pomerium

mirror of https://github.com/pomerium/pomerium.git synced 2025-05-02 11:56:02 +02:00

Author	SHA1	Message	Date
Joe Kralicky	554e77bc7c	envoy: log mtls failures (#5210 ) envoy: log mtls failures This implements limited listener-based access logging for downstream transport failures, only enabled when downstream_mtls.enforcement is set to 'reject_connection'. Client certificate details and the error message will be logged. Additionally, the new key 'client-certificate' can be set in the access_log_fields list in the configuration, which will add peer certificate properties (issuer, subject, SANs) to the existing per-request http logs. --------- Co-authored-by: Kenneth Jenkins <51246568+kenjenkins@users.noreply.github.com>	2024-08-09 14:05:10 -04:00
Caleb Doxsey	2220d1edf0	logs: add ip address to access logs (#4391 )	2023-08-09 07:09:00 -06:00
Caleb Doxsey	baf8918676	logs: add support for logging the http query (#4390 ) * config: add customization options for logging * config: validate log fields * proxy: add support for logging http request headers * log subset of headers * add support for logging the http query * fix test name * use strings.Cut, add unit tests	2023-07-25 12:56:49 -06:00
Caleb Doxsey	638d9f3d6c	proxy: add support for logging http request headers (#4388 ) * config: add customization options for logging * config: validate log fields * proxy: add support for logging http request headers * log subset of headers * fix test name * dont use log.HTTPHeaders for access logs * canonicalize http/2 headers	2023-07-25 09:46:42 -06:00
Caleb Doxsey	438aecd7bc	config: add customization options for logging (#4383 ) * config: add customization options for logging * config: validate log fields * allocate slices once	2023-07-24 13:17:03 -06:00

5 commits