Network flow logs
meshctl hubble observe command to gain visibility into network and app protocol flows, such as individual TCP connections, DNS queries, or HTTP requests.
This guide assumes that you followed the get started guide to set up Gloo Network.
Before you begin
Enable Cilium flow logs.
meshctl hubble observe command
meshctl hubble observe command, which is based on the
hubble observe CLI command, extends the visibility that is provided by standard Kubernetes commands and the Cilium dashboard. This CLI command allows you to monitor and observe traffic to, from, and between workloads in your cluster. You can use this information to determine whether network policies were accurately applied and to confirm that requests are properly forwarded and dropped. Unlike the Hubble CLI, the
meshctl hubble observe command does not require you to port forward the Hubble relay service on each cluster that you want to target.
Instead, you can simply run the command against the cluster and workloads that you are interested in.
For supported flags, see the
meshctl hubble observe command documentation.
Review the following example commands that you can use to view flow logs for your workloads. For more information about this command, see the Hubble documentation.
View flog logs
View flow logs for all workloads across all namespaces. Note that this command might return an extensive amount of data. Use the filter options to reduce the amount of data that is returned.
meshctl hubble observe --all
Follow the flows as they are observed.
meshctl hubble observe -f
Use the following command options to filter the amount of flow data that is returned.
List only the flows for a specific cluster.
meshctl hubble observe --cluster=<cluster-name>
View all flows that were obseved in the last 5 minutes.
meshctl hubble observe --since=5m --all
View the last 10 flows that were observed.
meshctl hubble observe --last 20 --all