Scenario
I'm using Istio 1.5
From this question I know the default envoy access log format that Istio uses, which is
\[%{TIMESTAMP_ISO8601:timestamp}\] \"%{DATA:method} (?:%{URIPATH:uri_path}(?:%{URIPARAM:uri_param})?|%{DATA:}) %{DATA:protocol}\" %{NUMBER:status_code} %{DATA:response_flags} \"%{**DATA:mixer_status**}\" %{NUMBER:bytes_received} %{NUMBER:bytes_sent} %{NUMBER:duration} (?:%{NUMBER:upstream_service_time}|%{DATA:tcp_service_time}) \"%{DATA:forwarded_for}\" \"%{DATA:user_agent}\" \"%{DATA:request_id}\" \"%{DATA:authority}\" \"%{DATA:upstream_service}\" %{DATA:upstream_cluster} %{DATA:upstream_local} %{DATA:downstream_local} %{DATA:downstream_remote} %{**DATA:requested_server**}
Note: Since the referenced question is quite old, I'm not sure if this format is still correct for istio 1.5 but it looks pretty is.
Here are my logs
Source:
"-" "-" 0 232 10 9 "-" "curl/7.52.1" "772a4c12-bb1a-4f26-9a18-f354f5a081e0" "ai-service:5000" "10.2.34.209:5000" outbound|5000||ai-service.default.svc.cluster.local 10.2.8.95:45340 172.20.126.246:5000 10.2.8.95:53462 - default
Destination:
[2020-03-26T23:19:00.311Z] "- - -" 0 - "-" "-" 1068 379 9 - "-" "-" "-" "-" "127.0.0.1:5000" inbound|5000||ai-service.default.svc.cluster.local 127.0.0.1:37604 10.2.34.209:5000 10.2.8.95:45340 outbound_.5000_._.ai-service.default.svc.cluster.local -
Question
What are the upstream_local, downstream_local and downstream_remote?