envoyproxy
access_log: add OTLP/HTTP exporter to OpenTelemetry access logger
Commit Message: access_log: add OTLP/HTTP exporter to OpenTelemetry access logger
Additional Description: Adds HTTP transport support to the OpenTelemetry access logger, complementing #29207 (OTLP/HTTP tracing). This enables direct OTLP log export to backends that only accept HTTP (Dynatrace, Datadog, Logfire), without requiring an intermediate collector sidecar.
Also refactors the config to match the tracer pattern:
- Add top-level
http_serviceandgrpc_servicefields - Add top-level
log_name,buffer_flush_interval,buffer_size_bytes,filter_state_objects_to_log, andcustom_tagsfields - Add top-level
resource_detectorsfield for dynamic resource attributes (e.g., environment detector) - Deprecate
common_configfield (still functional for backward compatibility) - Extract shared utilities (
otlp_log_utils) from duplicated code between HTTP and gRPC implementations
Risk Level: Low (new optional feature, backward compatible)
Testing: Unit tests, integration test, manual testing with OTel collector
Docs Changes: Proto documentation updated
Release Notes: Added
Fixes #26352 (access logs portion)
Example Configuration (OTLP/HTTP with resource_detectors)
# Run with: OTEL_RESOURCE_ATTRIBUTES=service.name=my-service
access_log:
- name: envoy.access_loggers.open_telemetry
typed_config:
"@type": type.googleapis.com/envoy.extensions.access_loggers.open_telemetry.v3.OpenTelemetryAccessLogConfig
http_service:
http_uri:
uri: "http://localhost:4318/v1/logs"
cluster: otel_collector
timeout: 1s
log_name: envoy_access_log
resource_detectors:
- name: envoy.tracers.opentelemetry.resource_detectors.environment
typed_config:
"@type": type.googleapis.com/envoy.extensions.tracers.opentelemetry.resource_detectors.v3.EnvironmentResourceDetectorConfig
body:
string_value: "%REQ(:METHOD)% %REQ(:PATH)% %RESPONSE_CODE%"
Example Configuration (OTLP/gRPC - after this PR is similar to tracing)
access_log:
- name: envoy.access_loggers.open_telemetry
typed_config:
"@type": type.googleapis.com/envoy.extensions.access_loggers.open_telemetry.v3.OpenTelemetryAccessLogConfig
grpc_service:
envoy_grpc:
cluster_name: otel_collector
log_name: envoy_access_log
body:
string_value: "%REQ(:METHOD)% %REQ(:PATH)% %RESPONSE_CODE%"
FAQ
Why add resource_detectors instead of propagating resource_attributes?
The resource_attributes field in the old common_config was a one-off pattern that no other signal uses. By adopting resource_detectors, access logs now follow the same configuration style as tracing and metrics:
How do I set service.name consistently across all signals?
Use the OTEL_RESOURCE_ATTRIBUTES environment variable with the environment resource detector:
OTEL_RESOURCE_ATTRIBUTES=service.name=my-envoy envoy -c config.yaml
Then configure all signals to use the environment detector:
resource_detectors:
- name: envoy.tracers.opentelemetry.resource_detectors.environment
typed_config:
"@type": type.googleapis.com/envoy.extensions.tracers.opentelemetry.resource_detectors.v3.EnvironmentResourceDetectorConfig
This is the OTel-standard way to configure resource attributes and eliminates the need to duplicate service.name in multiple config sections.
Screenshots
As a reminder, PRs marked as draft will not be automatically assigned reviewers, or be handled by maintainer-oncall triage.
Please mark your PR as ready when you want it to be reviewed!
:cat:
Caused by: https://github.com/envoyproxy/envoy/pull/42445 was opened by codefromthecrypt.
![repokitteh-read-only[bot] avatar](https://avatars.githubusercontent.com/in/16729?v=4 "Published by a pub.dev verified publisher"){kind=small}
CC @envoyproxy/api-shepherds: Your approval is needed for changes made to (api/envoy/|docs/root/api-docs/).
envoyproxy/api-shepherds assignee is @mattklein123
CC @envoyproxy/api-watchers: FYI only for changes made to (api/envoy/|docs/root/api-docs/).
:cat:
Caused by: https://github.com/envoyproxy/envoy/pull/42445 was opened by codefromthecrypt.
@wbpcode @Kludex fyi this is for extending otel logging from grpc-only in envoy to also http as many backends prefer or only support http OTLP
noticed other examples use httpbingo not httpbin, since no one has reviewed yet I switched to the former and updated the screenshots🤞
@TAOXUY this might be interesting to you. I'm happy to continue and do metrics after this once merged
Thanks for the tips and attention folks. I will pare down per guidance tomorrow utc+8
One note is that the minimum viable implementation must include a service name from somewhere.
If the primary aggregation field is missing, we still require an intermediate collector to put it back. This would defeat the purpose or lock this into a subsequent PR which would absorb more time for everyone.
If the resource env is not acceptable for this pr does that mean we want an explicit service name field instead?
ahh I better understand now. What I will do is just use resource_attributes here because we can, and indeed don't need env support yet. So there's no real conflict. sorry for misunderstanding earlier. revisions on the way soon.
ok I think I got all the feedback, also updated the PR desc with new screenshots which are the same, just proving still works
CC @envoyproxy/coverage-shephards: FYI only for changes made to (test/coverage.yaml).
envoyproxy/coverage-shephards assignee is @RyanTheOptimist
:cat:
Caused by: https://github.com/envoyproxy/envoy/pull/42445 was synchronize by codefromthecrypt.
sorry took me a while to figure out how to adjust for coverage etc 96% is a tough bar until found the exceptions file ;)