Learn how Cloudflare's Audit Logs help track changes within your Cloudflare account or domains.
Audit logs summarize the history of changes made within your Cloudflare account. Audit logs include account level actions like login and logout, as well as setting changes to DNS, Crypto, Firewall, Speed, Caching, Page Rules, Network, and Traffic features, etc. Audit Logs are available on all plan types and are captured for both individual users and for multi-user organizations.
Audit logs are found within the Cloudflare dashboard for your account (also available via the Audit Logs API endpoint):
- Log in to the Cloudflare dashboard.
- Select the appropriate Cloudflare account.
- Click Audit Log in the second navigation bar from the top.
Audit Logs are searchable by user email or domain and are downloadable in a CSV format via the Download CSV button. To filter logs by date range, click the date range beneath the Audit Log heading.
To maintain Audit Logs query performance, the public Audit Logs API was modified on Jun 30 2019 to return records with a maximum age of 18 months.
If you'd like to download historical audit log data, we recommend scripting against the Audit Logs API to pull each day's log and store.
Cloudflare will maintain full Audit Logs for the life of a Customer's account and potentially longer if required by law or to otherwise comply with regulatory obligations.