Access to Firewall Event logs via API?



Hi any plans on opening up Firewall Event log querying via the CF API ?

Thinking it would be useful to be able analyse and parse the Firewall Event log entries locally on the server i.e. grabbing those bad IPs and feeding them into origin server’s local firewall as an extra layer in case folks bypass Cloudflare to hit the origin IPs.

ELS and Firewall Events

Local server firewall policy should be based on white-listing rather than black-listing.


true though for layer 7 based requests to HTTP/HTTPS blocking those IPs that Cloudflare Firewall deems suspect/bad is still nice.


Then maybe better to honeypot those IPs


I certainly agree, would like access to obtain the Firewall events via the API.