calico icon indicating copy to clipboard operation
calico copied to clipboard

Published 20 hours ago verified publisher icon projectcalico

Does calico network policies only log denied traffic?

Open ausername86 opened this issue 3 years ago • 1 comments

Hello,

I am a bit confused on the Log action for Calico network policies. Im not seeing in the calico documentation if the Log action only logs denied traffic or if it can log both denied and accepted traffic. I just see an example of logging denied traffic in the documentation. Is there a way to tell if it's accepted or denied by the "calico-packet:" log line in syslog? I don't see a DROP in any of my calico-packet log lines.

https://projectcalico.docs.tigera.io/security/calico-network-policy#apply-network-policies-in-specific-order

Thanks for the clarification.

ausername86 avatar Jul 22 '22 21:07 ausername86

The log action will log packets that traverse the rule, it's not tied to accept / drop in any way and you need to use other rules in order to perform those actions.

caseydavenport avatar Jul 26 '22 16:07 caseydavenport

Going to close this for now due to inactivity but if you have any more questions please feel free to reopen, thanks!

lmm avatar Sep 06 '22 16:09 lmm