Container apps ingress logs

Question

Container apps ingress logs

Hasitha 5

Is there a mechanism to view logs of the container apps ingress? I can't seem to find a place to configure it to be ingested into a log analytics workspace.

Sai Prabhu Naveen Parimi 2,425 Reputation points Microsoft External Staff Moderator

2025-05-24T08:01:01.4633333+00:00
@Hasitha

It looks like you're trying to figure out how to view logs for the ingress of your container apps in Azure. Unfortunately, there isn’t a direct way to configure ingress logs to be sent to a Log Analytics workspace. However, you can access logs and monitor your container apps in a couple of ways:

Accessing Logs Directly: You can view logs related to your container app under the "Diagnose and solve problems" section in the Azure portal. This area allows you to troubleshoot issues and access logs that may provide insight into ingress traffic.

Using Log Queries: Once your container app logs are in Azure Log Analytics, you can run Kusto queries to analyze them. For example, to see recent console logs output from your app, you can use:
ContainerAppConsoleLogs_CL | order by TimeGenerated desc

Logging Container Instances: You can also access logs specifically from container instances by selecting "Logs" from the container resource page.

If you need to ensure logs are sent to Log Analytics, you may need to explicitly set up diagnostic settings on your container app to send specific logs to your Log Analytics workspace.

Reference: https://learn.microsoft.com/en-us/azure/container-apps/log-monitoring?tabs=bash#query-log-with-log-analytics

If you have any other questions or still running into more issues, let me know in the "comments" and I would be happy to help you.
Sai Prabhu Naveen Parimi 2,425 Reputation points Microsoft External Staff Moderator

2025-05-27T05:26:33.76+00:00

@Hasitha

Just checking in to see if the above information was helpful. Let me know if you have any questions or need further clarification.
Hasitha Jayatilake 0 Reputation points

2025-05-27T07:26:55.82+00:00

Hi @Sai Prabhu Naveen Parimi

Thanks for your response. So to confirm - there is no way to ingest or view ingress logs of Azure container apps?

'ContainerAppConsoleLogs_CL' only shows container console logs, not ingress logs, so just wanted to double check.
Sai Prabhu Naveen Parimi 2,425 Reputation points Microsoft External Staff Moderator

2025-05-27T11:05:16.57+00:00

Hasitha Jayatilake

Could you please check the private message and provide the required details.

Here is the reference link on how to access & data retention policy of private messages in Microsoft Q&A.
Khadeer Ali 5,990 Reputation points Microsoft External Staff Moderator

2025-05-27T21:24:46.0133333+00:00

@Hasitha ,

Azure Container Apps does not currently provide ingress (HTTP request-level) logs, such as client IPs, request paths, or response codes.

This is due to its fully managed and multi-tenant architecture, where Microsoft abstracts the ingress layer (Envoy proxy) to simplify operations and maintain tenant isolation. As a result, ingress logs are not exposed or ingested into Log Analytics.

For detailed request logging, we recommend:

Logging traffic inside the app itself, or

Using a service like Azure Front Door or Application Gateway in front of the Container App, which can provide full access logs.
Hasitha 5 Reputation points

2025-05-28T03:09:28.49+00:00

Hi Khadeer,

Thanks for your clarification! Yes unfortunately what I'm trying to debug is whether any requests are failing at the Envoy proxy layer, which means logs inside the application won't help, and logs from a service that sits in front of the Envoy proxy will not necessarily help.

But thanks for the clarification, it's useful to know the limitations.

1 answer

Your answer

Sai Prabhu Naveen Parimi 2,425 Reputation points Microsoft External Staff Moderator

2025-05-24T08:01:01.4633333+00:00

@Hasitha

It looks like you're trying to figure out how to view logs for the ingress of your container apps in Azure. Unfortunately, there isn’t a direct way to configure ingress logs to be sent to a Log Analytics workspace. However, you can access logs and monitor your container apps in a couple of ways:

Accessing Logs Directly: You can view logs related to your container app under the "Diagnose and solve problems" section in the Azure portal. This area allows you to troubleshoot issues and access logs that may provide insight into ingress traffic.

Using Log Queries: Once your container app logs are in Azure Log Analytics, you can run Kusto queries to analyze them. For example, to see recent console logs output from your app, you can use:
ContainerAppConsoleLogs_CL | order by TimeGenerated desc

Logging Container Instances: You can also access logs specifically from container instances by selecting "Logs" from the container resource page.

If you need to ensure logs are sent to Log Analytics, you may need to explicitly set up diagnostic settings on your container app to send specific logs to your Log Analytics workspace.

Reference: https://learn.microsoft.com/en-us/azure/container-apps/log-monitoring?tabs=bash#query-log-with-log-analytics

If you have any other questions or still running into more issues, let me know in the "comments" and I would be happy to help you.
Sai Prabhu Naveen Parimi 2,425 Reputation points Microsoft External Staff Moderator

2025-05-27T05:26:33.76+00:00

@Hasitha

Just checking in to see if the above information was helpful. Let me know if you have any questions or need further clarification.
Hasitha Jayatilake 0 Reputation points

2025-05-27T07:26:55.82+00:00

Hi @Sai Prabhu Naveen Parimi

Thanks for your response. So to confirm - there is no way to ingest or view ingress logs of Azure container apps?

'ContainerAppConsoleLogs_CL' only shows container console logs, not ingress logs, so just wanted to double check.
Sai Prabhu Naveen Parimi 2,425 Reputation points Microsoft External Staff Moderator

2025-05-27T11:05:16.57+00:00

Hasitha Jayatilake

Could you please check the private message and provide the required details.

Here is the reference link on how to access & data retention policy of private messages in Microsoft Q&A.
Khadeer Ali 5,990 Reputation points Microsoft External Staff Moderator

2025-05-27T21:24:46.0133333+00:00

@Hasitha ,

Azure Container Apps does not currently provide ingress (HTTP request-level) logs, such as client IPs, request paths, or response codes.

This is due to its fully managed and multi-tenant architecture, where Microsoft abstracts the ingress layer (Envoy proxy) to simplify operations and maintain tenant isolation. As a result, ingress logs are not exposed or ingested into Log Analytics.

For detailed request logging, we recommend:

Logging traffic inside the app itself, or

Using a service like Azure Front Door or Application Gateway in front of the Container App, which can provide full access logs.
Hasitha 5 Reputation points

2025-05-28T03:09:28.49+00:00

Hi Khadeer,

Thanks for your clarification! Yes unfortunately what I'm trying to debug is whether any requests are failing at the Envoy proxy layer, which means logs inside the application won't help, and logs from a service that sits in front of the Envoy proxy will not necessarily help.

But thanks for the clarification, it's useful to know the limitations.

Answer 1

@Hasitha

Currently, Azure Container Apps does not expose ingress logs (such as client IPs, request paths, or response codes) due to its fully managed, multi-tenant architecture, where the Envoy proxy layer is abstracted and not accessible for direct telemetry.

For request-level visibility, you can:

Log requests within your application code.

Use services like Azure Front Door or Application Gateway in front of your Container App to capture access logs.

As you mentioned, it's useful to be aware of these limitations. If ingress logging is important for your scenario, I recommend submitting a feature request at https://feedback.azure.com. The product team may consider adding this capability in the future based on customer demand and feasibility.

Please don’t forget to click “Accept the answer” and “Yes” if the information provided helped you — this can benefit other community members looking for the same information.

Sai Prabhu Naveen Parimi 2,425 Reputation points Microsoft External Staff Moderator

2025-05-28T08:27:03.59+00:00

@Hasitha

If the suggestion was helpful, please consider clicking "Accept Answer"

Share via

Container apps ingress logs

1 answer

Your answer