Cloudflare customers can review audit logs for a user account, filter by who made the change, which zone (domain) was the change was made on, and the timeframe of the change. You can use Cloudflare UI for it but also you are allowed to pull those logs to Coralogix. Once you get the logs you can gain insights and visualize what changes where done recently and you can set alerts on specific ones.
To set the integration please contact Coralogix support through chat in our website www.coralogix.com or send us an email to email@example.com with the following information:
- API Key – Cloudflare -> My Profile -> API Tokens -> Global API Key
- Authentication email – E-mail address you used for login to Cloudflare
- Account ID – Choose the account and in the right column there is a section API where you will find the Account ID
You can test if your credentials are correct by retrieving audit logs with the following curl command:
curl --location --request GET 'https://api.cloudflare.com/client/v4/accounts/<Account ID>/audit_logs?direction=desc&page=1&per_page=1' \ --header 'X-Auth-Email: <Authentication email>' \ --header 'X-Auth-Key: <API Key>' \ --header 'Content-Type: application/json'
- Account Name – It can be the Account Name or you can provide any other name which will be your subsystem name in Coralogix
- Company ID – Coralogix -> Settings -> Send your logs; in the left top corner