Logs from the Edge

Cloudflare Workers, a JavaScript environment at the edge, can be used to send traffic logs to arbitrary locations. This post discusses an example implementation of how to achieve this using sub requests. The provided script assumes an Elastic stack setup and sends log data asynchronously to avoid adding latency to the main request. The logToElk function collects various fields from the HTTP request, including some specific to Cloudflare, and then uses a sub request to PUT the log line to the backend ELK stack. This method allows users to import Cloudflare traffic logs into their ELK stack in real time regardless of their plan. Additionally, Argo Tunnel and Access can be used to improve Kibana deployment security.