...

Text file src/github.com/datawire/ambassador/v2/api/envoy/config/accesslog/v3/accesslog.proto

Documentation: github.com/datawire/ambassador/v2/api/envoy/config/accesslog/v3

     1syntax = "proto3";
     2
     3package envoy.config.accesslog.v3;
     4
     5import "envoy/config/core/v3/base.proto";
     6import "envoy/config/route/v3/route_components.proto";
     7import "envoy/type/matcher/v3/metadata.proto";
     8import "envoy/type/v3/percent.proto";
     9
    10import "google/protobuf/any.proto";
    11import "google/protobuf/struct.proto";
    12import "google/protobuf/wrappers.proto";
    13
    14import "udpa/annotations/status.proto";
    15import "udpa/annotations/versioning.proto";
    16import "validate/validate.proto";
    17
    18option java_package = "io.envoyproxy.envoy.config.accesslog.v3";
    19option java_outer_classname = "AccesslogProto";
    20option java_multiple_files = true;
    21option (udpa.annotations.file_status).package_version_status = ACTIVE;
    22
    23// [#protodoc-title: Common access log types]
    24
    25message AccessLog {
    26  option (udpa.annotations.versioning).previous_message_type =
    27      "envoy.config.filter.accesslog.v2.AccessLog";
    28
    29  reserved 3;
    30
    31  reserved "config";
    32
    33  // The name of the access log implementation to instantiate. The name must
    34  // match a statically registered access log. Current built-in loggers include:
    35  //
    36  // #. "envoy.access_loggers.file"
    37  // #. "envoy.access_loggers.http_grpc"
    38  // #. "envoy.access_loggers.tcp_grpc"
    39  string name = 1;
    40
    41  // Filter which is used to determine if the access log needs to be written.
    42  AccessLogFilter filter = 2;
    43
    44  // Custom configuration that depends on the access log being instantiated.
    45  // Built-in configurations include:
    46  //
    47  // #. "envoy.access_loggers.file": :ref:`FileAccessLog
    48  //    <envoy_api_msg_extensions.access_loggers.file.v3.FileAccessLog>`
    49  // #. "envoy.access_loggers.http_grpc": :ref:`HttpGrpcAccessLogConfig
    50  //    <envoy_api_msg_extensions.access_loggers.grpc.v3.HttpGrpcAccessLogConfig>`
    51  // #. "envoy.access_loggers.tcp_grpc": :ref:`TcpGrpcAccessLogConfig
    52  //    <envoy_api_msg_extensions.access_loggers.grpc.v3.TcpGrpcAccessLogConfig>`
    53  oneof config_type {
    54    google.protobuf.Any typed_config = 4;
    55  }
    56}
    57
    58// [#next-free-field: 13]
    59message AccessLogFilter {
    60  option (udpa.annotations.versioning).previous_message_type =
    61      "envoy.config.filter.accesslog.v2.AccessLogFilter";
    62
    63  oneof filter_specifier {
    64    option (validate.required) = true;
    65
    66    // Status code filter.
    67    StatusCodeFilter status_code_filter = 1;
    68
    69    // Duration filter.
    70    DurationFilter duration_filter = 2;
    71
    72    // Not health check filter.
    73    NotHealthCheckFilter not_health_check_filter = 3;
    74
    75    // Traceable filter.
    76    TraceableFilter traceable_filter = 4;
    77
    78    // Runtime filter.
    79    RuntimeFilter runtime_filter = 5;
    80
    81    // And filter.
    82    AndFilter and_filter = 6;
    83
    84    // Or filter.
    85    OrFilter or_filter = 7;
    86
    87    // Header filter.
    88    HeaderFilter header_filter = 8;
    89
    90    // Response flag filter.
    91    ResponseFlagFilter response_flag_filter = 9;
    92
    93    // gRPC status filter.
    94    GrpcStatusFilter grpc_status_filter = 10;
    95
    96    // Extension filter.
    97    ExtensionFilter extension_filter = 11;
    98
    99    // Metadata Filter
   100    MetadataFilter metadata_filter = 12;
   101  }
   102}
   103
   104// Filter on an integer comparison.
   105message ComparisonFilter {
   106  option (udpa.annotations.versioning).previous_message_type =
   107      "envoy.config.filter.accesslog.v2.ComparisonFilter";
   108
   109  enum Op {
   110    // =
   111    EQ = 0;
   112
   113    // >=
   114    GE = 1;
   115
   116    // <=
   117    LE = 2;
   118  }
   119
   120  // Comparison operator.
   121  Op op = 1 [(validate.rules).enum = {defined_only: true}];
   122
   123  // Value to compare against.
   124  core.v3.RuntimeUInt32 value = 2;
   125}
   126
   127// Filters on HTTP response/status code.
   128message StatusCodeFilter {
   129  option (udpa.annotations.versioning).previous_message_type =
   130      "envoy.config.filter.accesslog.v2.StatusCodeFilter";
   131
   132  // Comparison.
   133  ComparisonFilter comparison = 1 [(validate.rules).message = {required: true}];
   134}
   135
   136// Filters on total request duration in milliseconds.
   137message DurationFilter {
   138  option (udpa.annotations.versioning).previous_message_type =
   139      "envoy.config.filter.accesslog.v2.DurationFilter";
   140
   141  // Comparison.
   142  ComparisonFilter comparison = 1 [(validate.rules).message = {required: true}];
   143}
   144
   145// Filters for requests that are not health check requests. A health check
   146// request is marked by the health check filter.
   147message NotHealthCheckFilter {
   148  option (udpa.annotations.versioning).previous_message_type =
   149      "envoy.config.filter.accesslog.v2.NotHealthCheckFilter";
   150}
   151
   152// Filters for requests that are traceable. See the tracing overview for more
   153// information on how a request becomes traceable.
   154message TraceableFilter {
   155  option (udpa.annotations.versioning).previous_message_type =
   156      "envoy.config.filter.accesslog.v2.TraceableFilter";
   157}
   158
   159// Filters for random sampling of requests.
   160message RuntimeFilter {
   161  option (udpa.annotations.versioning).previous_message_type =
   162      "envoy.config.filter.accesslog.v2.RuntimeFilter";
   163
   164  // Runtime key to get an optional overridden numerator for use in the
   165  // *percent_sampled* field. If found in runtime, this value will replace the
   166  // default numerator.
   167  string runtime_key = 1 [(validate.rules).string = {min_len: 1}];
   168
   169  // The default sampling percentage. If not specified, defaults to 0% with
   170  // denominator of 100.
   171  type.v3.FractionalPercent percent_sampled = 2;
   172
   173  // By default, sampling pivots on the header
   174  // :ref:`x-request-id<config_http_conn_man_headers_x-request-id>` being
   175  // present. If :ref:`x-request-id<config_http_conn_man_headers_x-request-id>`
   176  // is present, the filter will consistently sample across multiple hosts based
   177  // on the runtime key value and the value extracted from
   178  // :ref:`x-request-id<config_http_conn_man_headers_x-request-id>`. If it is
   179  // missing, or *use_independent_randomness* is set to true, the filter will
   180  // randomly sample based on the runtime key value alone.
   181  // *use_independent_randomness* can be used for logging kill switches within
   182  // complex nested :ref:`AndFilter
   183  // <envoy_api_msg_config.accesslog.v3.AndFilter>` and :ref:`OrFilter
   184  // <envoy_api_msg_config.accesslog.v3.OrFilter>` blocks that are easier to
   185  // reason about from a probability perspective (i.e., setting to true will
   186  // cause the filter to behave like an independent random variable when
   187  // composed within logical operator filters).
   188  bool use_independent_randomness = 3;
   189}
   190
   191// Performs a logical “and” operation on the result of each filter in filters.
   192// Filters are evaluated sequentially and if one of them returns false, the
   193// filter returns false immediately.
   194message AndFilter {
   195  option (udpa.annotations.versioning).previous_message_type =
   196      "envoy.config.filter.accesslog.v2.AndFilter";
   197
   198  repeated AccessLogFilter filters = 1 [(validate.rules).repeated = {min_items: 2}];
   199}
   200
   201// Performs a logical “or” operation on the result of each individual filter.
   202// Filters are evaluated sequentially and if one of them returns true, the
   203// filter returns true immediately.
   204message OrFilter {
   205  option (udpa.annotations.versioning).previous_message_type =
   206      "envoy.config.filter.accesslog.v2.OrFilter";
   207
   208  repeated AccessLogFilter filters = 2 [(validate.rules).repeated = {min_items: 2}];
   209}
   210
   211// Filters requests based on the presence or value of a request header.
   212message HeaderFilter {
   213  option (udpa.annotations.versioning).previous_message_type =
   214      "envoy.config.filter.accesslog.v2.HeaderFilter";
   215
   216  // Only requests with a header which matches the specified HeaderMatcher will
   217  // pass the filter check.
   218  route.v3.HeaderMatcher header = 1 [(validate.rules).message = {required: true}];
   219}
   220
   221// Filters requests that received responses with an Envoy response flag set.
   222// A list of the response flags can be found
   223// in the access log formatter
   224// :ref:`documentation<config_access_log_format_response_flags>`.
   225message ResponseFlagFilter {
   226  option (udpa.annotations.versioning).previous_message_type =
   227      "envoy.config.filter.accesslog.v2.ResponseFlagFilter";
   228
   229  // Only responses with the any of the flags listed in this field will be
   230  // logged. This field is optional. If it is not specified, then any response
   231  // flag will pass the filter check.
   232  repeated string flags = 1 [(validate.rules).repeated = {
   233    items {
   234      string {
   235        in: "LH"
   236        in: "UH"
   237        in: "UT"
   238        in: "LR"
   239        in: "UR"
   240        in: "UF"
   241        in: "UC"
   242        in: "UO"
   243        in: "NR"
   244        in: "DI"
   245        in: "FI"
   246        in: "RL"
   247        in: "UAEX"
   248        in: "RLSE"
   249        in: "DC"
   250        in: "URX"
   251        in: "SI"
   252        in: "IH"
   253        in: "DPE"
   254        in: "UMSDR"
   255        in: "RFCF"
   256        in: "NFCF"
   257        in: "DT"
   258      }
   259    }
   260  }];
   261}
   262
   263// Filters gRPC requests based on their response status. If a gRPC status is not
   264// provided, the filter will infer the status from the HTTP status code.
   265message GrpcStatusFilter {
   266  option (udpa.annotations.versioning).previous_message_type =
   267      "envoy.config.filter.accesslog.v2.GrpcStatusFilter";
   268
   269  enum Status {
   270    OK = 0;
   271    CANCELED = 1;
   272    UNKNOWN = 2;
   273    INVALID_ARGUMENT = 3;
   274    DEADLINE_EXCEEDED = 4;
   275    NOT_FOUND = 5;
   276    ALREADY_EXISTS = 6;
   277    PERMISSION_DENIED = 7;
   278    RESOURCE_EXHAUSTED = 8;
   279    FAILED_PRECONDITION = 9;
   280    ABORTED = 10;
   281    OUT_OF_RANGE = 11;
   282    UNIMPLEMENTED = 12;
   283    INTERNAL = 13;
   284    UNAVAILABLE = 14;
   285    DATA_LOSS = 15;
   286    UNAUTHENTICATED = 16;
   287  }
   288
   289  // Logs only responses that have any one of the gRPC statuses in this field.
   290  repeated Status statuses = 1 [(validate.rules).repeated = {items {enum {defined_only: true}}}];
   291
   292  // If included and set to true, the filter will instead block all responses
   293  // with a gRPC status or inferred gRPC status enumerated in statuses, and
   294  // allow all other responses.
   295  bool exclude = 2;
   296}
   297
   298// Filters based on matching dynamic metadata.
   299// If the matcher path and key correspond to an existing key in dynamic
   300// metadata, the request is logged only if the matcher value is equal to the
   301// metadata value. If the matcher path and key *do not* correspond to an
   302// existing key in dynamic metadata, the request is logged only if
   303// match_if_key_not_found is "true" or unset.
   304message MetadataFilter {
   305  option (udpa.annotations.versioning).previous_message_type =
   306      "envoy.config.filter.accesslog.v2.MetadataFilter";
   307
   308  // Matcher to check metadata for specified value. For example, to match on the
   309  // access_log_hint metadata, set the filter to "envoy.common" and the path to
   310  // "access_log_hint", and the value to "true".
   311  type.matcher.v3.MetadataMatcher matcher = 1;
   312
   313  // Default result if the key does not exist in dynamic metadata: if unset or
   314  // true, then log; if false, then don't log.
   315  google.protobuf.BoolValue match_if_key_not_found = 2;
   316}
   317
   318// Extension filter is statically registered at runtime.
   319message ExtensionFilter {
   320  option (udpa.annotations.versioning).previous_message_type =
   321      "envoy.config.filter.accesslog.v2.ExtensionFilter";
   322
   323  reserved 2;
   324
   325  reserved "config";
   326
   327  // The name of the filter implementation to instantiate. The name must
   328  // match a statically registered filter.
   329  string name = 1;
   330
   331  // Custom configuration that depends on the filter being instantiated.
   332  oneof config_type {
   333    google.protobuf.Any typed_config = 3;
   334  }
   335}

View as plain text