How do I use Audit Logs?

Audit logs provide a history of changes made to your Cloudflare account's settings such as DNS, WAF, and other Cloudflare products. Audit Logs are available on all plans types including free subscriptions. There are audit logs captured for both users and organizations.

 

Where are they located?

For individual users the audit logs are available at:

Cloudflare Dashboard > Select Account at Top Right > Account Settings > Audit Logs

For organizations the audit logs are available at:

Cloudflare Dashboard >Select Account at Top Right >  Account Settings > Audit Logs

 

What do they look like?

Audit logs, as shown below, give a historical listing of changes made to your account for a certain time period. These logs can be searched by user email or by domain. Audit logs are also downloadable in a CSV format.

Screenshot_from_2017-11-20_16-02-49.png

 

What is captured?

The majority of Cloudflare setting changes are included in audit logs barring some exceptions outlined below. Audit logs include account level actions like login and logout, as well as most setting changes to DNS, Crypto, Firewall, Speed, Caching, Page Rules, Network, and Traffic features.

 

What is not captured?

Most new beta features aren't yet going to show up in your audit logs. Once a feature is out of beta audit logs for it should be available.

 

Is there an API endpoint?

Yes, it is detailed here: Audit Logs API endpoint

Still not finding what you need?

The Cloudflare team is here to help. 95% of questions can be answered using the search tool, but if you can’t find what you need, submit a support request.

Powered by Zendesk