Logs

Subscribe to RSS
Logpush Health Dashboards

We’re excited to introduce Logpush Health Dashboards, giving customers real-time visibility into the status, reliability, and performance of their Logpush jobs. Health dashboards make it easier to detect delivery issues, monitor job stability, and track performance across destinations. The dashboards are divided into two sections:

• Upload Health: See how much data was successfully uploaded, where drops occurred, and how your jobs are performing overall. This includes data completeness, success rate, and upload volume.

• Upload Reliability – Diagnose issues impacting stability, retries, or latency, and monitor key metrics such as retry counts, upload duration, and destination availability.

Health Dashboards can be accessed from the Logpush page in the Cloudflare dashboard at the account or zone level, under the Health tab. For more details, refer to our Logpush Health Dashboards documentation, which includes a comprehensive troubleshooting guide to help interpret and resolve common issues.

Logpush Permission Update for Zero Trust Datasets

Permissions for managing Logpush jobs related to Zero Trust datasets (Access, Gateway, and DEX) have been updated to improve data security and enforce appropriate access controls.

To view, create, update, or delete Logpush jobs for Zero Trust datasets, users must now have both of the following permissions:

• Logs Edit
• Zero Trust: PII Read

Azure Sentinel Connector

Logpush now supports integration with Microsoft Sentinel ↗.The new Azure Sentinel Connector built on Microsoft’s Codeless Connector Framework (CCF), is now avaialble. This solution replaces the previous Azure Functions-based connector, offering significant improvements in security, data control, and ease of use for customers. Logpush customers can send logs to Azure Blob Storage and configure this new Sentinel Connector to ingest those logs directly into Microsoft Sentinel.

This upgrade significantly streamlines log ingestion, improves security, and provides greater control:

• Simplified Implementation: Easier for engineering teams to set up and maintain.
• Cost Control: New support for Data Collection Rules (DCRs) allows you to filter and transform logs at ingestion time, offering potential cost savings.
• Enhanced Security: CCF provides a higher level of security compared to the older Azure Functions connector.
• ata Lake Integration: Includes native integration with Data Lake.

Find the new solution here ↗ and refer to the Cloudflare's developer documention ↗for more information on the connector, including setup steps, supported logs and Microsfot's resources.

Dedicated Egress IP for Logpush

Cloudflare Logpush can now deliver logs from using fixed, dedicated egress IPs. By routing Logpush traffic through a Cloudflare zone enabled with Aegis IP, your log destination only needs to allow Aegis IPs making setup more secure.

Highlights:

• Fixed egress IPs ensure your destination only accepts traffic from known addresses.
• Works with any supported Logpush destination.
• Recommended to use a dedicated zone as a proxy for easier management.

To get started, work with your Cloudflare account team to provision Aegis IPs, then configure your Logpush job to deliver logs through the proxy zone. For full setup instructions, refer to the Logpush documentation.

IBM Cloud Logs as Logpush destination

Cloudflare Logpush now supports IBM Cloud Logs as a native destination.

Logs from Cloudflare can be sent to IBM Cloud Logs ↗ via Logpush. The setup can be done through the Logpush UI in the Cloudflare Dashboard or by using the Logpush API. The integration requires IBM Cloud Logs HTTP Source Address and an IBM API Key. The feature also allows for filtering events and selecting specific log fields.

For more information, refer to Destination Configuration documentation.

Custom fields raw and transformed values support

Custom Fields now support logging both raw and transformed values for request and response headers in the HTTP requests dataset.

These fields are configured per zone and apply to all Logpush jobs in that zone that include request headers, response headers. Each header can be logged in only one format—either raw or transformed—not both.

By default:

• Request headers are logged as raw values
• Response headers are logged as transformed values

These defaults can be overidden to suit your logging needs.

For more information refer to Custom fields documentation

One-click Logpush Setup with R2 Object Storage

We’ve streamlined the Logpush setup process by integrating R2 bucket creation directly into the Logpush workflow!

Now, you no longer need to navigate multiple pages to manually create an R2 bucket or copy credentials. With this update, you can seamlessly configure a Logpush job to R2 in just one click, reducing friction and making setup faster and easier.

This enhancement makes it easier for customers to adopt Logpush and R2.

For more details refer to our Logs documentation.

New fields added to Gateway-related datasets in Cloudflare Logs

Cloudflare has introduced new fields to two Gateway-related datasets in Cloudflare Logs:

• Gateway HTTP: ApplicationIDs, ApplicationNames, CategoryIDs, CategoryNames, DestinationIPContinentCode, DestinationIPCountryCode, ProxyEndpoint, SourceIPContinentCode, SourceIPCountryCode, VirtualNetworkID, and VirtualNetworkName.

• Gateway Network: ApplicationIDs, ApplicationNames, DestinationIPContinentCode, DestinationIPCountryCode, ProxyEndpoint, SourceIPContinentCode, SourceIPCountryCode, TransportProtocol, VirtualNetworkID, and VirtualNetworkName.