Skip to content

Add L4 stats docs for Rulesets and Workers #29163

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
pedrosousa merged 1 commit into from
Mar 24, 2026
+51 −3
Merged

Add L4 stats docs for Rulesets and Workers #29163

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 15 additions & 1 deletion src/content/docs/workers/runtime-apis/request.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -227,6 +227,14 @@ All plans have access to:

* If Cloudflare replaces the value of the `Accept-Encoding` header, the original value is stored in the `clientAcceptEncoding` property, for example, `"gzip, deflate, br"`.

* `clientQuicRtt` number | undefined

* The smoothed round-trip time (RTT) between Cloudflare and the client for QUIC connections, in milliseconds. Only present when the client connected over QUIC (HTTP/3). For example, `42`.

* `clientTcpRtt` number | undefined

* The smoothed round-trip time (RTT) between the client and Cloudflare for TCP connections, in milliseconds. Only present when the client connected over TCP (HTTP/1 and HTTP/2). For example, `22`.

* `colo` string

* The three-letter [`IATA`](https://en.wikipedia.org/wiki/IATA_airport_code) airport code of the data center that the request hit, for example, `"DFW"`.
Expand All @@ -235,6 +243,12 @@ All plans have access to:

* Country of the incoming request. The two-letter country code in the request. This is the same value as that provided in the `CF-IPCountry` header, for example, `"US"`.

* `edgeL4` Object | undefined

* Layer 4 transport statistics for the connection between the client and Cloudflare. Contains the following property:
* `deliveryRate` number - The most recent data delivery rate estimate for the connection, in bytes per second. For example, `123456`.


* `isEUCountry` string | null

* If the country of the incoming request is in the EU, this will return `"1"`. Otherwise, this property is either omitted or `false`.
Expand Down Expand Up @@ -454,4 +468,4 @@ Incoming `Request` objects passed to the [`fetch()` handler](/workers/runtime-ap
* [Examples: Modify request property](/workers/examples/modify-request-property/)
* [Examples: Accessing the `cf` object](/workers/examples/accessing-the-cloudflare-object/)
* [Reference: `Response`](/workers/runtime-apis/response/)
* Write your Worker code in [ES modules syntax](/workers/reference/migrate-to-module-workers/) for an optimized experience.
* Write your Worker code in [ES modules syntax](/workers/reference/migrate-to-module-workers/) for an optimized experience.
38 changes: 36 additions & 2 deletions src/content/fields/index.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -804,7 +804,7 @@
description: |-
This field is only filled in if the request includes a client certificate for [mTLS authentication](/ssl/client-certificates/enable-mtls/).
example_value: |-
"Mar 21 13:35:00 2022 GMT"

Check warning on line 807 in src/content/fields/index.yaml

View workflow job for this annotation

GitHub Actions / Semgrep

semgrep.style-guide-potential-date-year 

Potential year found. Documentation should strive to represent universal truth, not something time-bound. (add [skip style guide checks] to commit message to skip)

Check warning on line 807 in src/content/fields/index.yaml

View workflow job for this annotation

GitHub Actions / Semgrep

semgrep.style-guide-potential-date-month 

Potential month found. Documentation should strive to represent universal truth, not something time-bound. (add [skip style guide checks] to commit message to skip)

- name: cf.tls_client_auth.cert_not_after
data_type: String
Expand All @@ -814,7 +814,7 @@
description: |-
This field is only filled in if the request includes a client certificate for [mTLS authentication](/ssl/client-certificates/enable-mtls/).
example_value: |-
"Mar 21 13:35:00 2023 GMT"

Check warning on line 817 in src/content/fields/index.yaml

View workflow job for this annotation

GitHub Actions / Semgrep

semgrep.style-guide-potential-date-year 

Potential year found. Documentation should strive to represent universal truth, not something time-bound. (add [skip style guide checks] to commit message to skip)

Check warning on line 817 in src/content/fields/index.yaml

View workflow job for this annotation

GitHub Actions / Semgrep

semgrep.style-guide-potential-date-month 

Potential month found. Documentation should strive to represent universal truth, not something time-bound. (add [skip style guide checks] to commit message to skip)

- name: cf.tls_client_auth.cert_ski
data_type: String
Expand All @@ -834,7 +834,7 @@
description: |-
This field is only filled in if the request includes a client certificate for [mTLS authentication](/ssl/client-certificates/enable-mtls/).
example_value: |-
"8204924CF49D471E855862706D889F58F6B784D3"

Check warning on line 837 in src/content/fields/index.yaml

View workflow job for this annotation

GitHub Actions / Semgrep

semgrep.style-guide-potential-date-year 

Potential year found. Documentation should strive to represent universal truth, not something time-bound. (add [skip style guide checks] to commit message to skip)

- name: cf.tls_client_extensions_sha1
data_type: String
Expand Down Expand Up @@ -898,13 +898,47 @@
example_value: |-
true

- name: cf.edge.l4.delivery_rate
data_type: Integer
categories: [Request]
keywords:
[request, l4, delivery rate, bandwidth, network, performance, transport]
summary: The most recent data delivery rate estimate for the client connection, in bytes per second.
description: |-
This metric reflects the rate at which data is being successfully delivered over the connection.

Returns `0` when L4 statistics are not available for the request.
example_value: |-
123456
example_block: |-
# Match requests where the delivery rate is below 100 KB/s
cf.edge.l4.delivery_rate < 100000

- name: cf.timings.client_tcp_rtt_msec
data_type: Number
categories: [Request]
keywords: [request, timing, tcp, rtt, performance, latency]
summary: The smoothed TCP round-trip time (RTT) from client to Cloudflare in milliseconds.
summary: The smoothed TCP round-trip time (RTT) between Cloudflare and the client in milliseconds.
description: |-
This field is only populated for TCP (HTTP/1, HTTP/2) connections. For QUIC connections, the value is `0`.
example_value: |-
20
example_block: |-
# Match requests over TCP where the RTT exceeds 200 ms
cf.timings.client_quic_rtt_msec > 200

- name: cf.timings.client_quic_rtt_msec
data_type: Integer
categories: [Request]
keywords: [request, timing, quic, rtt, performance, latency, http3]
summary: The smoothed QUIC round-trip time (RTT) between Cloudflare and the client in milliseconds.
description: |-
This field is only populated for QUIC (HTTP/3) connections. For TCP connections, the value is `0`.
example_value: |-
42
example_block: |-
# Match requests over QUIC where the RTT exceeds 200 ms
cf.timings.client_quic_rtt_msec > 200

- name: cf.timings.edge_msec
data_type: Integer
Expand Down Expand Up @@ -938,7 +972,7 @@
150
example_block: |-
# Matches requests where the origin response time (TTFB) was greater than 2 seconds:
cf.timings.origin_ttfb_msec > 2000

Check warning on line 975 in src/content/fields/index.yaml

View workflow job for this annotation

GitHub Actions / Semgrep

semgrep.style-guide-potential-date-year 

Potential year found. Documentation should strive to represent universal truth, not something time-bound. (add [skip style guide checks] to commit message to skip)

- name: cf.timings.worker_msec
data_type: Integer
Expand Down Expand Up @@ -1072,7 +1106,7 @@
Requires a Cloudflare Enterprise plan with [malicious uploads detection](/waf/detections/malicious-uploads/).
example_block: |-
# Check if requests to a specific endpoint contain any content objects larger than 500 KB (512,000 bytes)
any(cf.waf.content_scan.obj_sizes[*] > 512000) and http.request.uri.path eq "/upload"

Check warning on line 1109 in src/content/fields/index.yaml

View workflow job for this annotation

GitHub Actions / Semgrep

semgrep.style-guide-potential-date-year 

Potential year found. Documentation should strive to represent universal truth, not something time-bound. (add [skip style guide checks] to commit message to skip)

- name: cf.waf.content_scan.obj_types
data_type: Array<String>
Expand Down Expand Up @@ -2205,4 +2239,4 @@

You can use this field to customize the response for a specific type of error (for example, all 1XXX errors or all WAF block actions).

**Note**: This field is only available in [Response Header Transform Rules](/rules/transform/response-header-modification/) and [Custom Errors](/rules/custom-errors/).
**Note**: This field is only available in [Response Header Transform Rules](/rules/transform/response-header-modification/) and [Custom Errors](/rules/custom-errors/).
Loading