Learn more about Cloudflare Audit Logs that summarize the history of changes made within your Cloudflare account.
Overview
Audit logs summarize the history of changes made within your Cloudflare account. Audit logs include account level actions like login and logout, as well as setting changes to DNS, Crypto, Firewall, Speed, Caching, Page Rules, Network, and Traffic features, etc. Audit Logs are available on all plan types and are captured for both individual users and for multi-user organizations.
Audit logs are found within the Cloudflare dashboard for your account (also available via the Audit Logs API endpoint):
- Log in to the Cloudflare dashboard.
- Select the appropriate Cloudflare account.
- Select old or new Navigation.
In the old navigation:
- Go to your account homepage.
- Click Audit Log.
In the new Navigation:
- Go to your account homepage.
- In the navigation menu, expand Manage Account.
- Click Audit Log.
the left pane view should look like the following:
Audit Logs are searchable by user email or domain and are downloadable in a CSV format via the Download CSV button. To filter logs by date range, click the date range beneath the Audit Log heading.
Retention
To maintain Audit Logs query performance, the public Audit Logs API was modified on Jun 30 2019 to return records with a maximum age of 18 months.
If you'd like to download historical audit log data, we recommend scripting against the Audit Logs API to pull each day's log and store.
Cloudflare will maintain full Audit Logs for the life of a Customer's account and potentially longer if required by law or to otherwise comply with regulatory obligations.