antrea icon indicating copy to clipboard operation
antrea copied to clipboard
verified publisher icon antrea-io

Add Audit Action for rules

Open ColonelBundy opened this issue 7 months ago • 3 comments

Describe the problem/challenge you have Currently, there is no way to write a network policy without enforcing it or simulate policy matches for auditing or statistical purposes. The ability to create rules solely for gathering metrics over time or to stage policies before enforcement is currently lacking.

Describe the solution you'd like Add "Audit" or "Stage" to the list of possible actions for a rule so it will show up in the flow exporter as such and not enforce anything.

Anything else you would like to add? Calico and Cilium have a very similiar feature

ColonelBundy avatar Sep 03 '25 16:09 ColonelBundy

Thanks for submitting this. It seems that for Calico at least, this is an enterprise feature only (i.e., not available in the open-source version)?

antoninbas avatar Sep 03 '25 19:09 antoninbas

Thanks for submitting this. It seems that for Calico at least, this is an enterprise feature only (i.e., not available in the open-source version)?

It previously was, it's now in the open source version aswell.

ColonelBundy avatar Sep 04 '25 08:09 ColonelBundy

This issue is stale because it has been open 90 days with no activity. Remove stale label or comment, or this will be closed in 90 days. You can add a label "lifecycle/frozen" to skip stale checking.

github-actions[bot] avatar Dec 04 '25 00:12 github-actions[bot]