/plushcap/analysis/cloudflare/network-analytics-logs

Integrating Network Analytics Logs with your SIEM dashboard

What's this blog post about?

Cloudflare has introduced Network Analytics Logs, allowing customers on the Enterprise plan to gain near real-time visibility into their network traffic and DDoS attacks. The logs include packet samples of traffic dropped and passed by various systems such as Network-layer DDoS Protection Ruleset, Advanced TCP Protection, and Magic Firewall. These logs can be fed directly into storage services or network monitoring tools like Kentik and Splunk. Setting up the logs requires creating a Cloudflare API token, a Splunk Cloud HTTP Event Collector (HEC) token, and enabling a Cloudflare Logpush job.

Company
Cloudflare

Date published
May 17, 2022

Author(s)
Omer Yoachimik, Kyle Bowman

Word count
1190

Language
English

Hacker News points
None found.


By Matt Makai. 2021-2024.