This extension may be referenced by the qualified name envoy.access_loggers.extension_filters.cel


This extension is functional but has not had substantial production burn time, use only with this caveat.

This extension has an unknown security posture and should only be used in deployments where both the downstream and upstream are trusted.


This extension extends and can be used with the following extension category:


[extensions.access_loggers.filters.cel.v3.ExpressionFilter proto]

ExpressionFilter is an access logging filter that evaluates configured symbolic Common Expression Language expressions to inform the decision to generate an access log.

  "expression": "..."

(string) Expression that, when evaluated, will be used to filter access logs. Expressions are based on the set of Envoy attributes. The provided expression must evaluate to true for logging (expression errors are considered false). Examples: - response.code >= 400 - (connection.mtls && request.headers[‘x-log-mtls’] == ‘true’) || request.url_path.contains(‘v1beta3’)