Cloudflare Audit Logs

Cloudflare customers can review audit logs for a user account, filter by who made the change, which zone (domain) was the change was made on, and the timeframe of the change. You can use Cloudflare UI for it but also you are allowed to pull those logs to Coralogix. Once you get the logs you can gain insights and visualize what changes where done recently and you can set alerts on specific ones.

To set the integration:

  1. Open in Coralogix: Settings -> Context Data Plugins
  2. Scroll right and choose Cloudflare tab.
  3. Fill the table:

  • Integration Name: It can be any name for your integration
  • Authentication email – E-mail address you used for login to Cloudflare
  • Cloudflare API Key – Cloudflare UI -> My Profile -> API Tokens -> Global API Key
  • Account Name – It can be the Cloudflare Account Name or you can provide any other name which will be your subsystem name in Coralogix
  • Account ID – Choose the account in Cloudlfare and in the right column there is a section API where you will find the Account ID
By default logs will be retrieved from Cloudflare every hour but once logs are indexed they will have the Cloudflare timestamp.