Cloudflare Logpush is a feature that allows you to push HTTP request logs and other Cloudflare-generated logs directly to your desired storage, analytics, and monitoring solutions like Axiom. The integration with Axiom aims to provide real-time insights into web traffic, and operational issues, thereby helping to monitor and troubleshoot effectively.

What’s Cloudflare Logpush?

Cloudflare Logpush enables Cloudflare users to automatically export their logs in JSON format to a variety of endpoints. This feature is incredibly useful for analytics, auditing, debugging, and monitoring the performance and security of websites. Types of logs you can export include HTTP request logs, firewall events, and more.

Installing Cloudflare Logpush app

Prerequisites

  • An active Cloudflare Enterprise account
  • API token or global API key

Logpush on zones

You can create a token that has access to a single zone, single account or a mix of all these, depending on your needs. For account access, the token must have theses permissions:

  • Logs: Edit
  • Account settings: Read

For the zones, only edit permission is required for logs.

Steps

  • Log in to Cloudflare, go to your Cloudflare dashboard, and then select the Enterprise zone (domain) you want to enable Logpush for.

  • Optionally, set filters and fields. You can filter logs by field (like Client IP, User Agent, etc.) and set the type of logs you want (for example, HTTP requests, firewall events).

  • In Axiom, click Settings, select Apps, and install the Cloudflare Logpush app with the token you created from the profile settings in Cloudflare.

Install CloudFlare Logpush App

  • You see your available accounts and zones. Select the Cloudflare datasets you want to subscribe to.

Install CloudFlare Logpush App

  • The installation uses the Cloudflare API to create Logpush jobs for each selected dataset.

  • After the installation completes, you can find the installed Logpush jobs at Cloudflare.

For zone-scoped Logpush jobs:

CloudFlare Logpush on zone level

For account-scoped Logpush jobs:

CloudFlare Logpush on account level

  • In the Axiom, you can see your Cloudflare Logpush dashboard.

Using Axiom with Cloudflare Logpush offers a powerful solution for real-time monitoring, observability, and analytics. Axiom can help you gain deep insights into your app’s performance, errors, and app bottlenecks.

Benefits of using the Axiom Cloudflare Logpush Dashboard

  • Real-time visibility into web performance: One of the most crucial features is the ability to see how your website or app is performing in real-time. The dashboard can show everything from page load times to error rates, giving you immediate insights that can help in timely decision-making.

CloudFlare Logpush on account level

  • Actionable insights for troubleshooting: The dashboard doesn’t just provide raw data; it provides insights. Whether it’s an error that needs immediate fixing or performance metrics that show an error from your app, having this information readily available makes it easier to identify problems and resolve them swiftly.

CloudFlare Logpush on account level

  • DNS metrics: Understanding the DNS requests, DNS queries, and DNS cache hit from your app is vital to track if there’s a request spike or get the total number of queries in your system.

DNS metrics

  • Centralized logging and error tracing: With logs coming in from various parts of your app stack, centralizing them within Axiom makes it easier to correlate events across different layers of your infrastructure. This is crucial for troubleshooting complex issues that may span multiple services or components.

Centralized logging and error tracing

Supported Cloudflare Logpush Datasets

Axiom supports all the Cloudflare account-scoped datasets.

Zone-scoped

  • DNS logs
  • Firewall events
  • HTTP requests
  • NEL reports
  • Spectrum events

Account-scoped

  • Access requests
  • Audit logs
  • CASB Findings
  • Device posture results
  • DNS Firewall Logs
  • Gateway DNS
  • Gateway HTTP
  • Gateway Network
  • Magic IDS Detections
  • Network Analytics Logs
  • Workers Trace Events
  • Zero Trust Network Session Logs