Skip to content

[Email Security] Logs #18277

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Nov 20, 2024
Merged

[Email Security] Logs #18277

Changes from 2 commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
cb758e5
[Email Security] Logs
Maddy-Cloudflare Nov 19, 2024
c5468c0
[Email Security] Adding prereq
Maddy-Cloudflare Nov 20, 2024
c4ebb90
Update src/content/docs/cloudflare-one/insights/email-monitoring/emai…
Maddy-Cloudflare Nov 20, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
60 changes: 60 additions & 0 deletions src/content/docs/cloudflare-one/insights/email-monitoring/email-security-logs.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,60 @@
---
title: Email Security logs
pcx_content_type: how-to
sidebar:
order: 5
---

Email Security allows you to configure Logpush to send detection data to an endpoint of your choice.

## Prerequisites

Before you can enable Logpush for Email Security, you will have to:

1. Create an [R2 bucket](/r2/get-started/#2-create-a-bucket).
2. Once you have created your R2 bucket, [create an API token](/r2/api/s3/tokens/). Under **Permissions**, ensure you select **Admin Read & Write**.
3. Once you have created your R2 API Token, the dashboard will display an **Access Key ID**, and **Secret Access Key**. Save these two, as you will need them to set up Logpush later.

## Enable Logpush jobs

To enable Logpush for Email Security:

1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/).
2. Select **Analytics & Logs** > **Logpush**.
2. Select **Create a Logpush job**, then select **S3-Compatible**.
3. Enter the **destination details**:
- **Bucket (required)**: Enter the bucket name.
- **Endpoint URL**: Enter your endpoint URL. To find your endpoint URL:
- On the Cloudflare dashboard, go to **R2 Object Storage** > **Overview** > Select your bucket.
- Go to Settings, and copy and paste the **S3 API** URL.
- **Bucket region**: Enter the region of your bucket. To find the bucket region:
- On the dashboard, go to **R2 Object Storage** > **Overview** > Select your bucket.
- Go to **Settings**, and find your region in **Location**.
- **Access Key ID**: Enter the Access Key ID you created as a [prerequisite](/cloudflare-one/insights/email-monitoring/email-security-logs/#prerequisites).
- **Secret Access Key**: Enter the Secret Access Key you created as a [prerequisite](/cloudflare-one/insights/email-monitoring/email-security-logs/#prerequisites).
4. Select **Continue**.

Your destination has now been configured.

To view the job you created:

1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/).
2. Go to **R2 Object Storage**, select your bucket.
3. Select **Objects**.

## Audit logs

Once you have configured your destination, you can audit logs:

1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/).
2. Select **Analytics & Logs** > **Logpush**.
3. Select **Audit logs**.
4. Under **Configure logpush job**:
- **Job name**: Enter the job name.
- **If logs match**: Select **Filtered logs**:
- **Field**: Choose `ResourceType`.
- **Operator**: Choose `starts with`.
- **Value**: Enter `email_security`.
5. Select **Submit**.

Your job has now been created successfully.
Loading