[Email Security] Logs (#21158)

Maddy-Cloudflare · Oxyjun · web-flow · commit cacde614d93a · 2025-04-10T10:54:37.000+01:00
* [Email Security] Detection logs

* Update

* Update src/content/docs/cloudflare-one/insights/logs/enable-logs.mdx

Co-authored-by: Jun Lee &lt;junlee@cloudflare.com&gt;

* removing space

---------

Co-authored-by: Jun Lee &lt;junlee@cloudflare.com&gt;
diff --git a/src/content/docs/cloudflare-one/email-security/outbound-dlp.mdx b/src/content/docs/cloudflare-one/email-security/outbound-dlp.mdx
@@ -5,7 +5,6 @@ sidebar:
   order: 7
 ---
 
-
 :::note[Compatibility]
 Outbound DLP is only compatible with Microsoft 365. You need to have Microsoft E3 or E5 license to enable Outbound DLP.
 :::
diff --git a/src/content/docs/cloudflare-one/insights/logs/enable-logs.mdx b/src/content/docs/cloudflare-one/insights/logs/enable-logs.mdx
@@ -7,13 +7,21 @@ sidebar:
 
 Email Security allows you to configure Logpush to send detection data to an endpoint of your choice.
 
-## Prerequisites
+## Enable detection logs
 
-Before you can audit logs for Email Security, you will have to enable logpush jobs to your storage destination. Refer to [Enable destinations](/logs/get-started/enable-destinations/) to enable logs on destinations such as Cloudflare R2, HTTP, Amazon S3, and more.
+Detection logs generate logs made by Email Security and some of the metadata associated with the detection.
 
-## Enable detection logs
+To enable detection logs, refer to [Enable destinations](/logs/get-started/enable-destinations/).
+
+If you enable detection logs using [R2](/r2/), choose **Email security alerts** when configuring the **Dataset**.
+
+## Enable user action logs
+
+User action logs allow you to view logs regarding all actions taken via the [API](/api/resources/email_security/) or the dashboard.
+
+Before you can enable audit logs for Email Security, you will have to enable logpush jobs to your storage destination. Refer to [Enable destinations](/logs/get-started/enable-destinations/) to enable logs on destinations such as Cloudflare R2, HTTP, Amazon S3, and more.
 
-Once you have configured your destination, you can set up audit logs for detections:
+Once you have configured your destination, you can set up audit logs for user action:
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/).
 2. Select **Analytics & Logs** > **Logpush**.
