You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/content/docs/cloudflare-one/insights/logs/logpush.mdx
+8-6Lines changed: 8 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,11 +5,13 @@ sidebar:
5
5
order: 8
6
6
---
7
7
8
+
import { GlossaryTooltip } from"~/components";
9
+
8
10
:::note
9
11
Only available on Enterprise plans.
10
12
:::
11
13
12
-
With Cloudflare's [Logpush](/logs/logpush/) service, you can configure the automatic export of Zero Trust logs to third-party storage destinations or to security information and event management (SIEM) tools. Once exported, your team can analyze and audit the data as needed.
14
+
With Cloudflare's [Logpush](/logs/logpush/) service, you can configure the automatic export of Zero Trust logs to third-party storage destinations or to third-party <GlossaryTooltipterm="SIEM" >security information and event management (SIEM)</GlossaryTooltip> solutions. Once exported, your team can analyze and audit the data as needed.
13
15
14
16
## Export Zero Trust logs with Logpush
15
17
@@ -29,19 +31,19 @@ To configure Logpush for Zero Trust logs:
29
31
8. (Optional) In **Advanced settings**, choose the timestamp format you prefer and whether you want to enable log sampling.
30
32
9. Select **Submit**.
31
33
32
-
The setup of your Logpush integration is now complete. Logpush will send updated logs every five minutes to your selected destination.
34
+
The setup of your Logpush integration is now complete. Logpush will send updated logs every five minutes to your selected destination. You can configure multiple destinations and add additional fields to your logs by returning to the **Logpush** page.
33
35
34
-
You can configure multiple destinations and add additional fields to your logs by returning to the **Logpush** page.
36
+
For more information on supported destinations, refer to [Enable destinations](/logs/logpush/logpush-job/enable-destinations/).
35
37
36
38
## Zero Trust datasets
37
39
38
40
Refer to [Logpush datasets](/logs/logpush/logpush-job/datasets/) for a list of all available fields.
|[Access Requests](/logs/logpush/logpush-job/datasets/account/access_requests/)| HTTP requests to sites protected by Cloudflare Access |
43
45
|[Audit Logs](/logs/logpush/logpush-job/datasets/account/audit_logs/)| Authentication events through Cloudflare Access |
44
-
|[Browser Isolation User Actions](/logs/logpush/logpush-job/datasets/account/biso_user_actions/)| Data transfer actions performed by a user in the remote browser|
46
+
|[Browser Isolation User Actions](/logs/logpush/logpush-job/datasets/account/biso_user_actions/)| Data transfer actions performed by a user in the remote browser |
45
47
|[CASB Findings](/logs/logpush/logpush-job/datasets/account/casb_findings/)| Security issues detected by Cloudflare CASB |
46
48
|[Device Posture Results](/logs/logpush/logpush-job/datasets/account/device_posture_results/)| Device posture status from the WARP client |
47
49
|[DLP Forensic Copies](/logs/logpush/logpush-job/datasets/account/dlp_forensic_copies/)| Entire HTTP requests or payloads of HTTP requests captured by [Cloudflare DLP](/cloudflare-one/policies/data-loss-prevention/dlp-policies/logging-options/)|
Enable pushing logs to your storage service, <GlossaryTooltipterm="SIEM">SIEM solution</GlossaryTooltip>, or log management provider.
12
11
13
12
:::note
14
-
15
-
16
-
Note that you will need to allowlist IP addresses to accept incoming Cloudflare Logpush traffic. Refer to [Cloudflare IPs](https://www.cloudflare.com/ips/) for the complete list of IPs.
17
-
18
-
13
+
Note that you will need to allowlist IP addresses to accept incoming Cloudflare Logpush traffic. Refer to [Cloudflare IPs](https://www.cloudflare.com/ips/) for the complete list of IPs.
0 commit comments