Allow Free Users to use the "Log" Action under WAF

It would be really useful if Free Users can use the “Log” Action under WAF.

Currently this feature is only available for Enterprise Users.

Having access to Logs is crucial for debugging and inspecting traffic.

By reviewing the logs, we can set up custom WAF rules, but without access to that data inside Cloudflare, it’s difficult to build custom API integrations.

Blocked requests are already logged, and allowed requests can be logged by your origin server. What information does the Cloudflare WAF log that your web-server cannot?

1 Like

We want to have it all centralized. Of course we can inspect the “Blocked” traffic querying Cloudflare API, but ideally, we should be able to query Cloudflare to get the “Log” traffic as well.

Plus Cloudflare collects more datapoints than a normal nginx logging system. This tool seems to be able to pull Cloudflare Logs: Logflare - But not sure how they are doing it (without having an Enterprise plan).

Gotcha. The “Log” action is meant as a way to test new WAF rules before deploying them, rather than as a general logging solution. Cloudflare offers products called “Logpush” (for pushing logs to a custom destination) and “Logpull” (logs are kept on Cloudflare’s servers for a limited time). Both of these are only available to Enterprise customers, but they may be made available to the other plans in the future.

I believe Logflare is using a custom solution built on Cloudflare Workers which doesn’t require an Enterprise plan.

2 Likes

So I have installed Logflare to test it out. Apparently they use “Cloudflare Workers” to retrieve Logs data. However, after giving authorization, I don’t see any Cloudflare Workers auto-created in my Cloudflare account.

Any ideas how Logflare is using Cloudflare Workers to retrieve FULL log data?

Logflare uses Cloudflare Apps. You can’t view or edit the Worker it created.