Access Log Middleware
The Access Log Middleware (accessLog) enables you to enrich access logs with custom request attributes such as headers, query parameters, cookies, and other contextual data. This helps improve observability, traceability, and debugging across your services.
Overview
By default, access logs typically contain basic information such as request method, path, status code, and response time. The accessLog middleware allows you to extend those logs with additional request-level data that is critical for:
- Debugging production issues
- Tracking client behavior
- Correlating requests across systems
- Enhancing security and audit logging
- Improving monitoring and analytics
Basic Configuration
- name: custom-logger
type: accessLog
paths:
- "/.*"
rule:
headers:
- CF-IPCountry
query:
- debug
- source
cookies:
- session_id
This configuration logs:
- The
CF-IPCountryrequest header (useful for geo-location) - The
debugandsourcequery parameters - The
session_idcookie value
Supported Log Fields
The middleware can extract values from multiple parts of the incoming request.
Headers
rule:
headers:
- X-Request-ID
- User-Agent
Logs the specified HTTP request headers.
Query Parameters
rule:
query:
- page
- limit
Logs values from the request query string.
Cookies
rule:
cookies:
- session_id
- auth_token
Logs selected cookies for traceability or session analysis.
Path-Based Logging
You can limit logging enrichment to specific paths:
paths:
- /api/*
- /admin/*
This helps reduce log noise and control sensitive data exposure.
Log Output Behavior
- Missing fields are logged as empty or null values
- Values are captured at request time
- Fields are appended to existing access log entries
- The logging format depends on your gateway’s global log configuration
Example: Observability-Focused Logging
- name: observability-logger
type: accessLog
paths:
- /api/*
rule:
headers:
- X-Request-ID
- User-Agent
- CF-IPCountry
query:
- version
cookies:
- session_id