docs: add a blurb on the JA3 to access_logs (#37830)

This PR adds a blurb on the usage of `%TLS_JA3_FINGERPRINT%` in access logs to log the recorded JA3 fingerprint from the TLS Inspector. Signed-off-by: Rohit Agrawal <[email protected]> Co-authored-by: phlax <[email protected]>
envoyproxy · Dec 29, 2024 · d824532 · d824532
1 parent 2bbf893
commit d824532
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/docs/root/configuration/observability/access_log/usage.rst b/docs/root/configuration/observability/access_log/usage.rst
@@ -1215,6 +1215,14 @@ UDP
   UDP
     Not implemented ("-").
 
+%TLS_JA3_FINGERPRINT%
+  HTTP/TCP/Thrift
+    The JA3 fingerprint (MD5 hash) of the TLS Client Hello message from the downstream connection.
+    Provides a way to fingerprint TLS clients based on various Client Hello parameters like cipher suites,
+    extensions, elliptic curves, etc. Will be ``-`` if TLS is not used or the handshake is incomplete.
+  UDP
+    Not implemented (``-``).
+
 .. _config_access_log_format_downstream_peer_cert_v_start:
 
 %DOWNSTREAM_PEER_CERT_V_START%