Can I pull CloudFlare Logs from SIEM via API without creating LogPush Job?


So I have generated a token and tested it and all is successful, but I am trying to pull the logs from Cloudflare using the "<Zone-ID>/logs/access " and I am getting this error:

"Error occurred while calling url:<Zone-ID>/logs/access status code: 404 {'success': False, 'errors': [{'code': 7000, 'message': 'No route for that URI'}]}), "

what is my mistake ? or I can’t get logs without creating logpush job?

I don’t think the endpoint …/logs/access exists in the Cloudflare API (hence the 404).

Which logs are you trying to get and what plan are you on?

Enterprise plan I guess, I want to get the audit logs and analytics to integrate it with SIEM solution, to monitor based on them

I want to pull them without creating logPush job, is it possible?

The only alternative to logpush is logpull. I’ve not used it, logpush offers more for us. Both require an enterprise account.

We use logpush heavily, just sending to our own HTTP endpoint where we handle the processing.