Monitor and observe the operation of Kyverno using logs, metrics, and traces.
The log verbosity and encoding format for the Kyverno controllers can be configured.
logging:
level: 2
encoding: textFor more information, check Kyverno documentation for logs.
The Kyverno controllers expose Prometheus metrics by default. This package comes pre-configured with the necessary annotations to let Prometheus scrape metrics automatically from the Kyverno controllers.
If you want to export metrics based on the OpenTelemetry format rather than Prometheus, you need to configure the OpenTelemetry endpoint where the controllers will push the metrics using gRPC.
metrics:
type: grpc
collector: opentelemetrycollector.kyverno.svc.cluster.local:4317For more information, check the Kyverno documentation for metrics.
OpenTelemetry instrumentation is provided for Kyverno. By default, the instrumentation is disabled. You can enable the generation of traces and configure how they are exported to an OpenTelemetry-compatible distributed tracing backend.
tracing:
enabled: true
endpoint: opentelemetrycollector.kyverno.svc.cluster.local
port: 4317For more information, check the Kyverno documentation for traces.
If you use the Grafana observability stack, you can refer to this dashboard as a foundation to build your own.