How to get access and gateway logs from cloudflare for teams to splunk

how to get access and gateway logs from cloudflare for teams to splunk

i have already configured log push to splunk from dash.cloudflare.com but still can not see logs for access and gateway from cloudflare for teams

You will need to create a logpush job to push your logs to splunk. You will need an enterprise account for logpush.

1 Like

Gateway logs are configured via dash.teams.cloudflare.com, and yes you need a Teams Enterprise subscription to configure Gateway Logpush.

For Access logs, there’s no Logpush option. You need to call the API to download the Access logs. By the way, I wrote a script that helps you to download Cloudflare Access logs at a regular interval: GitHub - erictung1999/cf-logs-downloader: A little tool to pull/download HTTP or Cloudflare Access logs from Cloudflare and save it on local storage.

I don’t have specific instructions on how to collect logs stored on local storage and send to Splunk, so probably you need to figure out how to do that.

1 Like