diff --git a/CHANGELOG.md b/CHANGELOG.md
index aa4f1c29f1..2968b89615 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -142,6 +142,8 @@ Adding a new version? You'll need three changes:
   [#6010](https://github.com/Kong/kubernetes-ingress-controller/pull/6010)
   [#6047](https://github.com/Kong/kubernetes-ingress-controller/pull/6047)
   [#6071](https://github.com/Kong/kubernetes-ingress-controller/pull/6071)
+- Add `INFO` log when admission result is not allowed
+  [#6084](https://github.com/Kong/kubernetes-ingress-controller/issues/6084)
   
 - Add support for Kubernetes Gateway API v1.1:
   - add a flag `--enable-controller-gwapi-grpcroute` to control whether enable or disable GRPCRoute controller.
diff --git a/internal/admission/handler.go b/internal/admission/handler.go
index 0b3fd95dbd..3943e71d62 100644
--- a/internal/admission/handler.go
+++ b/internal/admission/handler.go
@@ -63,6 +63,18 @@ func (h RequestHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
+
+	if response.Allowed != true {
+		h.Logger.Info(
+			"Object not allowed",
+			"name", review.Request.Name,
+			"kind", review.Request.Kind.Kind,
+			"namespace", review.Request.Namespace,
+			"message", response.Result.Message,
+			"details", response.Result.Details,
+		)
+	}
+
 	review.Response = response
 
 	if err := json.NewEncoder(w).Encode(&review); err != nil {