After creating the Spectrum application I cannot visualize any insights, traffic, events. But the application is pointing to its IP correctly
I generated some traffic to try to see some events from the dashboard but I am not able to see anything
Spectrum traffic is visible under the account network analytics here…
https://dash.cloudflare.com/?to=/:account/network-analytics/all-traffic
You can use GraphQL to get this data yourself, or assuming you have an Enterprise plan, you can use Logpush to report for Spectrum.
Hi @sjr Thanks for your response.
I am expecting to see some information similar to Security - Events or Security - Analytics when you filter by host and are able to see logs from the specific host. Is this something I can get from a Spectrum app as well?
You can filter by source/destination ip/port, source data centre, TTL and other packet level stuff. The concept of a “host” isn’t used for Spectrum (apart from HTTP applications which can pass through the WAF) as, unlike HTTP where there is a host header, Spectrum is just working at the TCP/UDP layer where all Cloudflare can see is the packet header.
@sjr
The reason we are using Spectrum for this application is to assign a static IP address to it. I originally declared the app as a TCP type.
Now I would like to have and use this application with the available features on the WAF (treat is as an HTTP app at the same time).Does that mean that I have to change the Application Type for HTTPS maybe? Or how does this work?
WAF IP access rules with allow or block affect all application types - we use a subdomain setup to separate our Spectrum applications from the normal Cloudflare proxied HTTP applications for this reason.
If you want to use the usual Cloudflare proxy features such as the CDN, Workers, etc, then the application type must be HTTP/HTTPS so the Cloudflare pipeline is used. Other application types will just forward packets to your origin.
Note that unless you paid for a static IP, the Spectrum IP address is not guaranteed to stay the same. While they are very very sticky (some applications I have are nearly 3 years old and they haven’t changed), they may change if Cloudflare needs them to.
So, what would be your recommendation in this case @sjr
Should I create a new HTTP/HTTPS type application with Spectrum, manage it from there and be able to apply/visualize proxy features? Or maybe create a sub domain with this app and have the same app in Spectrum and DNS record (not sure if I can have it declared it on both Spectrum and usual subdomain at the same time)?
If your aim is to use Spectrum for an HTTP/S application due to the sticky IP address, then configure it as an HTTP/S application so you can use the Cloudflare pipeline would be my suggestion. I’ve never done one of those, all my applications are custom UDP and then we run our SMTP/IMAP TCP through Spectrum because we can.
@sjr great. I will plan something and see how that goes.
Regarding the static IP and the possibility that in some point the IP could change, I believe if the case, you will receive a pre notification from Cloudflare about it and not just notice early in the morning that your IP has suddenly change
The IPs are officially “dynamic”, so in the event of change there’s no reason to expect Cloudflare to tell you in advance. My guess is any change will likely be due to some system reset on the Cloudflare end or requirement to change the IP block.
Make sure your implementation can cope with unexpected IP address changes to protect against the worst (using DNS in most cases). If you can’t then you’ll need to consider getting a static IP or BYOIP.