Learn how Magic Transit and Bring-Your-Own-IP (BYOIP) Cloudflare Spectrum customers use account-level Network Analytics to explore Layer 3 and 4 traffic and attack details.
Network Analytics provides near real-time visibility into network- and transport-layer traffic patterns and DDoS attacks for a customizable timeframe ranging from 30 minutes up to the last 60 days. Network Analytics are available to Enterprise customers that use Cloudflare Magic Transit or Bring-Your-Own-IP for Cloudflare Spectrum.
Network Analytics customers also have access to packet-level data. Use the GraphQL Analytics API to select specific data sets and metrics of interest, filter and aggregate the data along various dimensions, and integrate the results with other applications.
Network Analytics accelerates reporting and investigation of malicious traffic and allows filtering by:
- Source and destination IP and port
- Attack size, type, rate, and duration
- TCP flags and action taken by Cloudflare
Network Analytics helps quickly identify information such as:
- Potential downtime and bandwidth spared by Cloudflare
- Attack location (Cloudflare data center and ASN)
- Top attack vectors reaching the network
Analytics are displayed at a sampling rate of 1/8192 packets. Also, the UI shows a maximum of 500 attack logs and paginates 10 results per page. The analytics API is not limited to 500 results.
View Network Analytics
Network Analytics are found in the Cloudflare UI via the following steps:
- Request your Cloudflare Account Team enable Network Analytics.
- Log in to your Cloudflare account.
- If you have multiple accounts, select the appropriate account from the account list.
- Click on Network Analytics beside the list of domains.