ExpressionFilter (proto)

This extension has the qualified name envoy.access_loggers.extension_filters.cel

Note

This extension is functional but has not had substantial production burn time, use only with this caveat.

This extension has an unknown security posture and should only be used in deployments where both the downstream and upstream are trusted.

Tip

This extension extends and can be used with the following extension category:

This extension must be configured with one of the following type URLs:

extensions.access_loggers.filters.cel.v3.ExpressionFilter

[extensions.access_loggers.filters.cel.v3.ExpressionFilter proto]

ExpressionFilter is an access logging filter that evaluates configured symbolic Common Expression Language expressions to inform the decision to generate an access log.

{
  "expression": ...
}
expression

(string) Expression that, when evaluated, will be used to filter access logs. Expressions are based on the set of Envoy attributes. The provided expression must evaluate to true for logging (expression errors are considered false). Examples:

  • response.code >= 400

  • (connection.mtls && request.headers['x-log-mtls'] == 'true') || request.url_path.contains('v1beta3')