Need a documentation or Info about logging details for kube-apiserver log

Hi Folks,

I’m Naveen working as a security engineer, recently we onboarded a “Kubernetes” product & while collecting logs for kube-apiserver, kube-audit, kube-controller-manager category.

in the below kube-audit category logs,

{
"operationName":"Microsoft.ContainerService/managedClusters/diagnosticLogs/Read",
"category":"kube-apiserver",
"resourceId":"/SUBSCRIPTIONS/C111111-DXXX-4XXX-AXXX-900000000/RESOURCEGROUPS/AG-AKS-RG/PROVIDERS/MICROSOFT.CONTAINERSERVICE/MANAGEDCLUSTERS/AG-AKS-CLUSTER",
"properties":▼{
"log":"I0624 20:14:59.855669       1 wrap.go:47] PUT /api/v1/namespaces/kube-system/endpoints/kube-scheduler?timeout=10s: 
(9.05251ms) 200 [hyperkube/v1.12.8 (linux/amd64) kubernetes/a89f8c1/leader-election 172.31.1.1:48110]
",
"stream":"stderr",
"pod":"kube-apiserver-796bd9b775-xqk5s",
"containerID":"2d6cac1300da3226323fd1b936fe8278b87cba2b7a1bbd9c8401da6f8e786f5e"
},
"time":"2019-06-24T20:14:59.000Z"
}

from this “log” key - the value contains “I0624” what is that represents.
In more logs the keyword get different “E0428” & “W0506” & so on.

i’m came across this blog - click here

they have mention its an <klog header>. couldn’t able to find more info about that.

if anyone knows about what it does, kindly share the info.

Regards,
Naveen

The header is constructed in klog (link). The first character represents the severity level and the numbers represent month/date, refer to the FormatHeader function in klog.