Before covering the topic of observability and monitoring, it's important to mention that this is a beta test. Bulwark is not currently recommended for production use-cases.
Logs
Bulwark currently relies on a mix of its own logs and metrics and also Envoy's metrics for observability. Bulwark supports both Prometheus-compatible metrics scraping and StatsD for metrics collection. There are a number of future roadmap items related to improving Bulwark's capabilities in this area. Since Bulwark is intended to function as a security observability tool in its own right, this is a development area that will receive significant attention.
Bulwark currently offers two log formats. The first is a structured newline-delimited JSON format that implements the Elastic Common Schema (ECS) specification and is intended for use with centralized log stores and other consumers of high-cardinality event data. The second is a human-readable multi-line log format intended for debugging use-cases. Other log formats will be introduced in the future, as needed.