1syntax = "proto3";
2
3package envoy.service.accesslog.v2;
4
5import "envoy/api/v2/core/base.proto";
6import "envoy/data/accesslog/v2/accesslog.proto";
7
8import "udpa/annotations/status.proto";
9import "validate/validate.proto";
10
11option java_package = "io.envoyproxy.envoy.service.accesslog.v2";
12option java_outer_classname = "AlsProto";
13option java_multiple_files = true;
14option go_package = "github.com/envoyproxy/go-control-plane/envoy/service/accesslog/v2;accesslogv2";
15option java_generic_services = true;
16option (udpa.annotations.file_status).package_version_status = FROZEN;
17
18// [#protodoc-title: gRPC Access Log Service (ALS)]
19
20// Service for streaming access logs from Envoy to an access log server.
21service AccessLogService {
22 // Envoy will connect and send StreamAccessLogsMessage messages forever. It does not expect any
23 // response to be sent as nothing would be done in the case of failure. The server should
24 // disconnect if it expects Envoy to reconnect. In the future we may decide to add a different
25 // API for "critical" access logs in which Envoy will buffer access logs for some period of time
26 // until it gets an ACK so it could then retry. This API is designed for high throughput with the
27 // expectation that it might be lossy.
28 rpc StreamAccessLogs(stream StreamAccessLogsMessage) returns (StreamAccessLogsResponse) {
29 }
30}
31
32// Empty response for the StreamAccessLogs API. Will never be sent. See below.
33message StreamAccessLogsResponse {
34}
35
36// Stream message for the StreamAccessLogs API. Envoy will open a stream to the server and stream
37// access logs without ever expecting a response.
38message StreamAccessLogsMessage {
39 message Identifier {
40 // The node sending the access log messages over the stream.
41 api.v2.core.Node node = 1 [(validate.rules).message = {required: true}];
42
43 // The friendly name of the log configured in :ref:`CommonGrpcAccessLogConfig
44 // <envoy_api_msg_config.accesslog.v2.CommonGrpcAccessLogConfig>`.
45 string log_name = 2 [(validate.rules).string = {min_bytes: 1}];
46 }
47
48 // Wrapper for batches of HTTP access log entries.
49 message HTTPAccessLogEntries {
50 repeated data.accesslog.v2.HTTPAccessLogEntry log_entry = 1
51 [(validate.rules).repeated = {min_items: 1}];
52 }
53
54 // Wrapper for batches of TCP access log entries.
55 message TCPAccessLogEntries {
56 repeated data.accesslog.v2.TCPAccessLogEntry log_entry = 1
57 [(validate.rules).repeated = {min_items: 1}];
58 }
59
60 // Identifier data that will only be sent in the first message on the stream. This is effectively
61 // structured metadata and is a performance optimization.
62 Identifier identifier = 1;
63
64 // Batches of log entries of a single type. Generally speaking, a given stream should only
65 // ever include one type of log entry.
66 oneof log_entries {
67 option (validate.required) = true;
68
69 HTTPAccessLogEntries http_logs = 2;
70
71 TCPAccessLogEntries tcp_logs = 3;
72 }
73}
View as plain text