forked from envoyproxy/envoy
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathaccesslog.proto
323 lines (261 loc) · 10.4 KB
/
accesslog.proto
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
syntax = "proto3";
package envoy.config.accesslog.v4alpha;
import "envoy/config/core/v4alpha/base.proto";
import "envoy/config/route/v4alpha/route_components.proto";
import "envoy/type/matcher/v4alpha/metadata.proto";
import "envoy/type/v3/percent.proto";
import "google/protobuf/any.proto";
import "google/protobuf/wrappers.proto";
import "udpa/annotations/status.proto";
import "udpa/annotations/versioning.proto";
import "validate/validate.proto";
option java_package = "io.envoyproxy.envoy.config.accesslog.v4alpha";
option java_outer_classname = "AccesslogProto";
option java_multiple_files = true;
option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE;
// [#protodoc-title: Common access log types]
message AccessLog {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.accesslog.v3.AccessLog";
reserved 3;
reserved "config";
// The name of the access log extension to instantiate.
// The name must match one of the compiled in loggers.
// See the :ref:`extensions listed in typed_config below <extension_category_envoy.access_loggers>` for the default list of available loggers.
string name = 1;
// Filter which is used to determine if the access log needs to be written.
AccessLogFilter filter = 2;
// Custom configuration that must be set according to the access logger extension being instantiated.
// [#extension-category: envoy.access_loggers]
oneof config_type {
google.protobuf.Any typed_config = 4;
}
}
// [#next-free-field: 13]
message AccessLogFilter {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.accesslog.v3.AccessLogFilter";
oneof filter_specifier {
option (validate.required) = true;
// Status code filter.
StatusCodeFilter status_code_filter = 1;
// Duration filter.
DurationFilter duration_filter = 2;
// Not health check filter.
NotHealthCheckFilter not_health_check_filter = 3;
// Traceable filter.
TraceableFilter traceable_filter = 4;
// Runtime filter.
RuntimeFilter runtime_filter = 5;
// And filter.
AndFilter and_filter = 6;
// Or filter.
OrFilter or_filter = 7;
// Header filter.
HeaderFilter header_filter = 8;
// Response flag filter.
ResponseFlagFilter response_flag_filter = 9;
// gRPC status filter.
GrpcStatusFilter grpc_status_filter = 10;
// Extension filter.
ExtensionFilter extension_filter = 11;
// Metadata Filter
MetadataFilter metadata_filter = 12;
}
}
// Filter on an integer comparison.
message ComparisonFilter {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.accesslog.v3.ComparisonFilter";
enum Op {
// =
EQ = 0;
// >=
GE = 1;
// <=
LE = 2;
}
// Comparison operator.
Op op = 1 [(validate.rules).enum = {defined_only: true}];
// Value to compare against.
core.v4alpha.RuntimeUInt32 value = 2;
}
// Filters on HTTP response/status code.
message StatusCodeFilter {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.accesslog.v3.StatusCodeFilter";
// Comparison.
ComparisonFilter comparison = 1 [(validate.rules).message = {required: true}];
}
// Filters on total request duration in milliseconds.
message DurationFilter {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.accesslog.v3.DurationFilter";
// Comparison.
ComparisonFilter comparison = 1 [(validate.rules).message = {required: true}];
}
// Filters for requests that are not health check requests. A health check
// request is marked by the health check filter.
message NotHealthCheckFilter {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.accesslog.v3.NotHealthCheckFilter";
}
// Filters for requests that are traceable. See the tracing overview for more
// information on how a request becomes traceable.
message TraceableFilter {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.accesslog.v3.TraceableFilter";
}
// Filters for random sampling of requests.
message RuntimeFilter {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.accesslog.v3.RuntimeFilter";
// Runtime key to get an optional overridden numerator for use in the
// *percent_sampled* field. If found in runtime, this value will replace the
// default numerator.
string runtime_key = 1 [(validate.rules).string = {min_len: 1}];
// The default sampling percentage. If not specified, defaults to 0% with
// denominator of 100.
type.v3.FractionalPercent percent_sampled = 2;
// By default, sampling pivots on the header
// :ref:`x-request-id<config_http_conn_man_headers_x-request-id>` being
// present. If :ref:`x-request-id<config_http_conn_man_headers_x-request-id>`
// is present, the filter will consistently sample across multiple hosts based
// on the runtime key value and the value extracted from
// :ref:`x-request-id<config_http_conn_man_headers_x-request-id>`. If it is
// missing, or *use_independent_randomness* is set to true, the filter will
// randomly sample based on the runtime key value alone.
// *use_independent_randomness* can be used for logging kill switches within
// complex nested :ref:`AndFilter
// <envoy_api_msg_config.accesslog.v4alpha.AndFilter>` and :ref:`OrFilter
// <envoy_api_msg_config.accesslog.v4alpha.OrFilter>` blocks that are easier to
// reason about from a probability perspective (i.e., setting to true will
// cause the filter to behave like an independent random variable when
// composed within logical operator filters).
bool use_independent_randomness = 3;
}
// Performs a logical “and” operation on the result of each filter in filters.
// Filters are evaluated sequentially and if one of them returns false, the
// filter returns false immediately.
message AndFilter {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.accesslog.v3.AndFilter";
repeated AccessLogFilter filters = 1 [(validate.rules).repeated = {min_items: 2}];
}
// Performs a logical “or” operation on the result of each individual filter.
// Filters are evaluated sequentially and if one of them returns true, the
// filter returns true immediately.
message OrFilter {
option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.OrFilter";
repeated AccessLogFilter filters = 2 [(validate.rules).repeated = {min_items: 2}];
}
// Filters requests based on the presence or value of a request header.
message HeaderFilter {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.accesslog.v3.HeaderFilter";
// Only requests with a header which matches the specified HeaderMatcher will
// pass the filter check.
route.v4alpha.HeaderMatcher header = 1 [(validate.rules).message = {required: true}];
}
// Filters requests that received responses with an Envoy response flag set.
// A list of the response flags can be found
// in the access log formatter
// :ref:`documentation<config_access_log_format_response_flags>`.
message ResponseFlagFilter {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.accesslog.v3.ResponseFlagFilter";
// Only responses with the any of the flags listed in this field will be
// logged. This field is optional. If it is not specified, then any response
// flag will pass the filter check.
repeated string flags = 1 [(validate.rules).repeated = {
items {
string {
in: "LH"
in: "UH"
in: "UT"
in: "LR"
in: "UR"
in: "UF"
in: "UC"
in: "UO"
in: "NR"
in: "DI"
in: "FI"
in: "RL"
in: "UAEX"
in: "RLSE"
in: "DC"
in: "URX"
in: "SI"
in: "IH"
in: "DPE"
in: "UMSDR"
in: "RFCF"
in: "NFCF"
in: "DT"
}
}
}];
}
// Filters gRPC requests based on their response status. If a gRPC status is not
// provided, the filter will infer the status from the HTTP status code.
message GrpcStatusFilter {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.accesslog.v3.GrpcStatusFilter";
enum Status {
OK = 0;
CANCELED = 1;
UNKNOWN = 2;
INVALID_ARGUMENT = 3;
DEADLINE_EXCEEDED = 4;
NOT_FOUND = 5;
ALREADY_EXISTS = 6;
PERMISSION_DENIED = 7;
RESOURCE_EXHAUSTED = 8;
FAILED_PRECONDITION = 9;
ABORTED = 10;
OUT_OF_RANGE = 11;
UNIMPLEMENTED = 12;
INTERNAL = 13;
UNAVAILABLE = 14;
DATA_LOSS = 15;
UNAUTHENTICATED = 16;
}
// Logs only responses that have any one of the gRPC statuses in this field.
repeated Status statuses = 1 [(validate.rules).repeated = {items {enum {defined_only: true}}}];
// If included and set to true, the filter will instead block all responses
// with a gRPC status or inferred gRPC status enumerated in statuses, and
// allow all other responses.
bool exclude = 2;
}
// Filters based on matching dynamic metadata.
// If the matcher path and key correspond to an existing key in dynamic
// metadata, the request is logged only if the matcher value is equal to the
// metadata value. If the matcher path and key *do not* correspond to an
// existing key in dynamic metadata, the request is logged only if
// match_if_key_not_found is "true" or unset.
message MetadataFilter {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.accesslog.v3.MetadataFilter";
// Matcher to check metadata for specified value. For example, to match on the
// access_log_hint metadata, set the filter to "envoy.common" and the path to
// "access_log_hint", and the value to "true".
type.matcher.v4alpha.MetadataMatcher matcher = 1;
// Default result if the key does not exist in dynamic metadata: if unset or
// true, then log; if false, then don't log.
google.protobuf.BoolValue match_if_key_not_found = 2;
}
// Extension filter is statically registered at runtime.
message ExtensionFilter {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.accesslog.v3.ExtensionFilter";
reserved 2;
reserved "config";
// The name of the filter implementation to instantiate. The name must
// match a statically registered filter.
string name = 1;
// Custom configuration that depends on the filter being instantiated.
oneof config_type {
google.protobuf.Any typed_config = 3;
}
}