Cloudflare

Last Updated: Mar. 30, 2022

Cloudflare Enterprise customers have access to Logpush service which allows you to forward logs to cloud service providers like AWS. In this tutorial, you will find all steps to send logs to Coralogix.

Prerequisites

AWS S3 bucket – Follow the tutorial to send logs from S3 bucket to Coralogix: https://coralogix.com/integrations/data-collection-s3/

Configuration

To enable the Clouflare Logpush service:

Log in to the Cloudflare dashboard
Ensure the Enterprise domain you want to use with Logpush is selected
Select the Analytics app in the top menu
Select the Logs section in the secondary menu
Select Connect a service. A modal window opens where you will need to complete several steps.
Under Select service, pick your Amazon S3 and click Next.
Enter or select the following:
- Bucket path
- Daily subfolders
- Bucket region
Copy the policy from the field below “Grant Cloudflare access to upload files to your bucket”
In new window go to S3 > your bucket name > Permissions > Bucket Policy
Click on the Edit button at the Bucket Policy.
Paste the copied policy and save changes.
In the Cloudflare dashboard, click Validate access.
Follow the on-screen instructions to enter the Ownership token (included in a file Cloudflare sends to your Amazon S3 bucket).

Open a file with token on your Amazon S3 bucket and paste the token into Ownership token field:
Click the “Prove ownership” button.
Next in the Customize log screen, select the data set in which you’re interested (currently HTTP requests or Spectrum events).

You can keep the default fields to include in your log or make changes. You can add or remove fields at a later time by modifying your settings in Logs > Logpush (select the wrench icon).
To finish enabling Logpush, click Save and Start Pushing