Log Service and Service Mesh (ASM) jointly launch the log collection feature. You can use the feature to deliver control plane logs and KubeAPI operation audit logs from ASM to Log Service for query and analysis. This topic describes the assets and billing of the log collection feature.
Log types
Control plane logs: logs that are related to configuration pushes from the control plane to sidecar proxies on the data plane. In some cases, sidecar proxies or ingress gateways become unavailable due to improper configurations. You can identify the issues based on control plane logs.
KubeAPI operation audit logs: the operations that different Alibaba Cloud accounts perform on Istio resources, such as virtual services, gateways, destination rules, Envoy filters, sidecar proxies, and service entries. ASM administrators can record or trace the daily operations of different users based on KubeAPI operation audit logs to ensure secure O&M in clusters.
Assets
Dedicated project and dedicated Logstores
ImportantBefore you disable log collection, do not delete the related Log Service project and Logstore. Otherwise, logs cannot be delivered to Log Service.
If you have enabled the pay-by-ingested-data billing mode, Log Service creates a dedicated Logstore that uses the pay-by-ingested-data billing mode by default. If you want to switch the billing mode from pay-by-ingested-data to pay-by-feature, modify the configurations of the Logstore. For more information, see Manage a Logstore.
If you select an existing project when you enable the collection of control plane logs or KubeAPI operation audit logs, Log Service creates a corresponding dedicated Logstore in the project, as shown in the following table.
If you select the default project when you enable the collection of control plane logs or KubeAPI operation audit logs, Log Service creates a project named
mesh-log-ASM instance ID
in the region where the master instance resides and a corresponding dedicated Logstore in the project, as shown in the following table.Logstore name
Description
istio-ASM instance ID
Stores the control plane logs of an ASM instance.
audit-ASM instance ID
Stores the KubeAPI operation audit logs of an ASM instance.
Dedicated dashboards
Dashboard
Description
Mesh Audit Center Overview
Displays the audit information about the ASM instance, including the total number of events, number of Internet connection requests, number of unauthorized Internet connection requests, number of creation events, number of deletion events, operation distribution of RAM users, distribution of deletion events, and operation traces.
Mesh Resource Operation Overview
Displays the information about the operations that are performed on the resources in the ASM instance, including the creation, update, access, and deletion of resources such as virtual services, destination rules, gateways, sidecar proxies, Envoy filters, and service entries.
Mesh Resource Operation Details
Displays the details of the operations that are performed on the resources in the ASM instance, including the operation rules, created resource list, deleted resource list, updated resource list, and accessed resource list.
Mesh Operation Audit for Accounts
Displays the operation information of ASM instances by account, including the number of created resources, number of modified resources, number of deleted resources, distribution of managed namespaces, distribution of deleted resources, and operation traces.
Billing
You are not charged for the log collection feature of ASM.
If the billing mode of the related Logstore is pay-by-feature, you are charged based on the storage usage, read traffic, number of requests, data transformation, and data shipping after ASM logs are delivered to Log Service. For more information, see Billable items of pay-by-feature.
If the billing mode of the related Logstore is pay-by-ingested-data, you are charged only for the read traffic over the Internet after ASM logs are delivered to Log Service. For more information, see Billable items of pay-by-ingested-data.