diff --git a/src/content/docs/analytics/analytics-integrations/datadog.mdx b/src/content/docs/analytics/analytics-integrations/datadog.mdx index d245e858a503f5..20bae3cb622326 100644 --- a/src/content/docs/analytics/analytics-integrations/datadog.mdx +++ b/src/content/docs/analytics/analytics-integrations/datadog.mdx @@ -1,9 +1,8 @@ --- -pcx_content_type: how-to +pcx_content_type: tutorial title: Datadog sidebar: order: 98 - --- This tutorial explains how to analyze Cloudflare metrics using the [Cloudflare Integration tile for Datadog](https://docs.datadoghq.com/integrations/cloudflare/). @@ -12,10 +11,10 @@ This tutorial explains how to analyze Cloudflare metrics using the [Cloudflare I Before viewing the Cloudflare dashboard in Datadog, note that this integration: -* Is available to all Cloudflare customer plans (Free, Pro, Business and Enterprise) -* Is based on the Cloudflare Analytics API -* Provides Cloudflare web traffic and DNS metrics only -* Does not feature data coming from request logs stored in Cloudflare Logs +- Is available to all Cloudflare customer plans (Free, Pro, Business and Enterprise) +- Is based on the Cloudflare Analytics API +- Provides Cloudflare web traffic and DNS metrics only +- Does not feature data coming from request logs stored in Cloudflare Logs ## Task 1 - Install the Cloudflare App @@ -25,18 +24,18 @@ To install the Cloudflare App for Datadog: 2. Click the **Integrations** tab. -3. In the **search box**, start typing *Cloudflare*. The app tile should appear below the search box. +3. In the **search box**, start typing _Cloudflare_. The app tile should appear below the search box. ![Searching for Cloudflare App in the Datadog Integrations tab](~/assets/images/fundamentals/datadog/screenshots/datadog-integrations.png) 4. Click the **Cloudflare** tile to begin the installation. 5. Next, click **Configuration** and then complete the following: - * **Account name**: (Optional) This can be any value. It has not impact on the site data pulled from Cloudflare. + - **Account name**: (Optional) This can be any value. It has not impact on the site data pulled from Cloudflare. - * **Email**: This value helps keep your account safe. We recommend creating a dedicated Cloudflare user for analytics with the [*Analytics* role](/fundamentals/manage-members/roles/) (read-only). Note that the *Analytics* role is available to Enterprise customers only. + - **Email**: This value helps keep your account safe. We recommend creating a dedicated Cloudflare user for analytics with the [_Analytics_ role](/fundamentals/manage-members/roles/) (read-only). Note that the _Analytics_ role is available to Enterprise customers only. - * **API Key**: Enter your Cloudflare Global API key. For details refer to [API Keys](/fundamentals/api/get-started/keys/). + - **API Key**: Enter your Cloudflare Global API key. For details refer to [API Keys](/fundamentals/api/get-started/keys/). 6. Click **Install Integration**. ![Configuring and installing the Datadog integration](~/assets/images/fundamentals/datadog/screenshots/cloudflare-tile-datadog-fill-details.png) @@ -49,13 +48,13 @@ By default, the dashboard displays metrics for all sites in your Cloudflare acco The dashboard displays the following metrics: -* **Threats** (threats by type, threats by country) -* **Requests** (total requests, cached requests, uncached requests, top countries by request, requests by IP class, top content types) -* **Bandwidth** (total bandwidth, encrypted and unencrypted traffic cached bandwidth, uncached bandwidth) -* **Caching** (Cache hit rate, request caching rate over time) -* **HTTP response status errors** -* **Page views** -* **Search Engine Bot Traffic** -* **DNS** (DNS queries, response time, top hostnames, queries by type, stale vs. uncached queries) +- **Threats** (threats by type, threats by country) +- **Requests** (total requests, cached requests, uncached requests, top countries by request, requests by IP class, top content types) +- **Bandwidth** (total bandwidth, encrypted and unencrypted traffic cached bandwidth, uncached bandwidth) +- **Caching** (Cache hit rate, request caching rate over time) +- **HTTP response status errors** +- **Page views** +- **Search Engine Bot Traffic** +- **DNS** (DNS queries, response time, top hostnames, queries by type, stale vs. uncached queries) ![Dashboard displaying metrics for a site on a Cloudflare account](~/assets/images/fundamentals/datadog/dashboards/cloudflare-dashboard-datadog.png) diff --git a/src/content/docs/analytics/analytics-integrations/graylog.mdx b/src/content/docs/analytics/analytics-integrations/graylog.mdx index ef2679e1887e01..7601eebed45139 100644 --- a/src/content/docs/analytics/analytics-integrations/graylog.mdx +++ b/src/content/docs/analytics/analytics-integrations/graylog.mdx @@ -1,5 +1,5 @@ --- -pcx_content_type: how-to +pcx_content_type: tutorial title: Graylog sidebar: order: 102 diff --git a/src/content/docs/analytics/analytics-integrations/looker.mdx b/src/content/docs/analytics/analytics-integrations/looker.mdx index eb1e341a1bfc59..f7ad355d822f2f 100644 --- a/src/content/docs/analytics/analytics-integrations/looker.mdx +++ b/src/content/docs/analytics/analytics-integrations/looker.mdx @@ -1,9 +1,8 @@ --- -pcx_content_type: how-to +pcx_content_type: tutorial title: Looker sidebar: order: 102 - --- This tutorial explains how to analyze [Cloudflare Logs](https://www.cloudflare.com/products/cloudflare-logs/) using the [Cloudflare Log Analytics for Looker](https://marketplace.looker.com/marketplace/detail/cloudflare-log-analytics). @@ -18,17 +17,15 @@ This tutorial uses Cloudflare Logpush to send logs to [Google Cloud Storage Buck Before sending your Cloudflare log data to Looker, make sure that you: -* Have an existing Looker account -* Have a Cloudflare Enterprise account with Cloudflare Logs enabled -* Configure [Logpush](/logs/about/) or [Logpull](/logs/logpull/) -* Load your data in a [database supported by Looker](https://looker.com/solutions/other-databases) +- Have an existing Looker account +- Have a Cloudflare Enterprise account with Cloudflare Logs enabled +- Configure [Logpush](/logs/about/) or [Logpull](/logs/logpull/) +- Load your data in a [database supported by Looker](https://looker.com/solutions/other-databases) :::note[Note] - Cloudflare logs are HTTP/HTTPS request logs in JSON format and are gathered from our 200+ data centers globally. By default, timestamps are returned as UNIX nanosecond integers. We recommend using the RFC 3339 format for sending logs to Looker. - ::: ## Task 1 - Connect your Database to Looker @@ -43,7 +40,7 @@ To create your new LookML project: 1. Log in to your Looker account. -2. In the menu bar, click **Develop** and make sure **Development Mode** is set to *ON*. +2. In the menu bar, click **Develop** and make sure **Development Mode** is set to _ON_. 3. Next, also under **Develop**, click **Manage LookML Projects**. @@ -53,7 +50,7 @@ To create your new LookML project: 6. For **Starting Point**, choose \*Clone Public Git Repository\*\*.\*\*\* -7. Enter the *cloudflare\_block* URL for the public Git repository `git://github.com/llooker/cloudflare_block.git`. +7. Enter the _cloudflare_block_ URL for the public Git repository `git://github.com/llooker/cloudflare_block.git`. 8. Click **Create Project**. Looker will pull all of the repository files into a new LookML project. @@ -66,7 +63,7 @@ To create your new LookML project: To update the connection name in the LookML files: -1. In your LookML **cloudflare\_looker** model file, replace the **connection** name with yours, for example: +1. In your LookML **cloudflare_looker** model file, replace the **connection** name with yours, for example: `connection: "bigquery_lpr"`. 2. Check if any table names need to be updated to your database connection names as well. If you decide to rename the filenames for explore, model name, and view, make sure to update all mentions within the other files. Otherwise, you might encounter errors. @@ -115,40 +112,40 @@ All dashboard have a set of filters that you can apply to the entire dashboard, ![List of the available filters from the Looker dashboard](~/assets/images/fundamentals/looker/screenshots/cloudflare-looker-dashboard-filters.png) -The default time interval is set to 24 hours. Note that for correct calculations, by default, filters exclude Worker subrequests (**WorkerSubrequest** = *false*) and purge requests (**ClientRequestMethod** is not *PURGE*). +The default time interval is set to 24 hours. Note that for correct calculations, by default, filters exclude Worker subrequests (**WorkerSubrequest** = _false_) and purge requests (**ClientRequestMethod** is not _PURGE_). Available Filters: -* Date (EdgeStartTimestamp) +- Date (EdgeStartTimestamp) -* Device type +- Device type -* Country +- Country -* Client IP +- Client IP -* Hostname +- Hostname -* Request URI +- Request URI -* Origin Response Status +- Origin Response Status -* Edge response status +- Edge response status -* Origin IP +- Origin IP -* User Agent +- User Agent -* RayID +- RayID -* Worker Subrequest +- Worker Subrequest -* Client Request Method +- Client Request Method With the following pre-set filter values in the Looker dashboards all workers subrequests and client request method PURGE are excluded from the calculations: -* **WorkerSubrequest** set to value *False* +- **WorkerSubrequest** set to value _False_ -* **ClientRequestMethod** does not equal to *PURGE* +- **ClientRequestMethod** does not equal to _PURGE_ You can always adjust your default filter values according to your needs. diff --git a/src/content/docs/analytics/analytics-integrations/new-relic.mdx b/src/content/docs/analytics/analytics-integrations/new-relic.mdx index a0ee2e5fd0d190..ddc75f6d7b889d 100644 --- a/src/content/docs/analytics/analytics-integrations/new-relic.mdx +++ b/src/content/docs/analytics/analytics-integrations/new-relic.mdx @@ -1,9 +1,8 @@ --- -pcx_content_type: how-to +pcx_content_type: tutorial title: New Relic sidebar: order: 103 - --- This tutorial explains how to analyze Cloudflare metrics using the [New Relic One Cloudflare Quickstart](https://newrelic.com/instant-observability/cloudflare/fc2bb0ac-6622-43c6-8c1f-6a4c26ab5434). @@ -12,9 +11,9 @@ This tutorial explains how to analyze Cloudflare metrics using the [New Relic On Before sending your Cloudflare log data to New Relic, make sure that you: -* Have a Cloudflare Enterprise account with Cloudflare Logs enabled. -* Have a New Relic account. -* Configure [Logpush to New Relic](/logs/get-started/enable-destinations/new-relic/). +- Have a Cloudflare Enterprise account with Cloudflare Logs enabled. +- Have a New Relic account. +- Configure [Logpush to New Relic](/logs/get-started/enable-destinations/new-relic/). ## Task 1 - Install the Cloudflare Network Logs quickstart diff --git a/src/content/docs/analytics/analytics-integrations/splunk.mdx b/src/content/docs/analytics/analytics-integrations/splunk.mdx index 94964393aa7575..6c82f03ca676fa 100644 --- a/src/content/docs/analytics/analytics-integrations/splunk.mdx +++ b/src/content/docs/analytics/analytics-integrations/splunk.mdx @@ -1,12 +1,11 @@ --- -pcx_content_type: how-to +pcx_content_type: tutorial title: Splunk sidebar: order: 104 - --- -import { Render } from "~/components" +import { Render } from "~/components"; This tutorial explains how to analyze [Cloudflare Logs](https://www.cloudflare.com/products/cloudflare-logs/) using the [Cloudflare App for Splunk](https://splunkbase.splunk.com/app/4501/). @@ -14,16 +13,16 @@ This tutorial explains how to analyze [Cloudflare Logs](https://www.cloudflare.c Before sending your Cloudflare log data to Splunk, ensure that you: -* Have an existing Splunk Enterprise or Cloud account -* Have a Cloudflare Enterprise account -* Consult the [Splunk documentation](https://splunkbase.splunk.com/app/4501/) for the Cloudflare App +- Have an existing Splunk Enterprise or Cloud account +- Have a Cloudflare Enterprise account +- Consult the [Splunk documentation](https://splunkbase.splunk.com/app/4501/) for the Cloudflare App ## Task 1 - Install and Configure the Cloudflare App for Splunk To install the [Cloudflare App for Splunk](https://splunkbase.splunk.com/app/4501/): 1. Log in to your Splunk instance. -2. Under **Apps** > **Find More Apps**, search for *Cloudflare App for Splunk.* +2. Under **Apps** > **Find More Apps**, search for _Cloudflare App for Splunk._ 3. Click **Install**. ![Splunk website with Apps menu expanded and Search & Reporting menu item along with Cloudflare App for Splunk](~/assets/images/fundamentals/splunk/screenshots/splunk-cloudflare-app-for-splunk.png) @@ -33,7 +32,7 @@ To install the [Cloudflare App for Splunk](https://splunkbase.splunk.com/app/450 5. Edit the `cloudflare:json` source type in the Cloudflare App for Splunk. To edit the source type: 1. Click the **Settings** dropdown and select **Source types**. - 2. Uncheck **Show only popular** and search for *cloudflare*. + 2. Uncheck **Show only popular** and search for _cloudflare_. 3. Click **Edit** and change the Regex expression to `([\r\n]+)`. 4. Save your edits. @@ -47,10 +46,10 @@ To install the [Cloudflare App for Splunk](https://splunkbase.splunk.com/app/450 1. Click the **Settings** dropdown and select **Data inputs**. 2. Click **+Add new** and follow the wizard. When prompted, submit the following responses: - * Name: Cloudflare - * Source Type: Select > "cloudflare:json" - * App Context: Cloudflare App for Splunk (cloudflare) - * Index: cloudflare + - Name: Cloudflare + - Source Type: Select > "cloudflare:json" + - App Context: Cloudflare App for Splunk (cloudflare) + - Index: cloudflare 3. At the end of the wizard you will see a **Token Value**. This token authorizes the Cloudflare Logpush job to send data to your Splunk instance. If you forget to copy it now, Splunk allows you to get the value at any time. 8. Verify whether Splunk is using a self-signed certificate. You'll need this information when creating the Logpush job. @@ -63,11 +62,11 @@ To install the [Cloudflare App for Splunk](https://splunkbase.splunk.com/app/450 Where: -* `protocol`: HTTP or HTTPS -* `input`: `input` or `http-inputs` based on whether you have a self-service or managed cloud plan -* `host`: The hostname of your Splunk instance. The easiest way to determine the hostname is to look at the URL you went to when you logged in to Splunk. -* `port`: 443 or 8088 -* `endpoint`: services/collector/raw +- `protocol`: HTTP or HTTPS +- `input`: `input` or `http-inputs` based on whether you have a self-service or managed cloud plan +- `host`: The hostname of your Splunk instance. The easiest way to determine the hostname is to look at the URL you went to when you logged in to Splunk. +- `port`: 443 or 8088 +- `endpoint`: services/collector/raw For example: `https://prd-p-0qk3h.splunkcloud.com:8088/services/collector/raw`. Refer to the [Splunk Documentation](https://docs.splunk.com/Documentation/SplunkCloud/latest/Data/UsetheHTTPEventCollector) for more details and examples. @@ -109,44 +108,44 @@ The following dashboards outlined below are available as part of the Cloudflare #### Cloudflare - Snapshot -*Web Traffic Overview* and *Web Traffic Types*: Get an overview of the most important metrics from your websites and applications on the Cloudflare network. +_Web Traffic Overview_ and _Web Traffic Types_: Get an overview of the most important metrics from your websites and applications on the Cloudflare network. ![Splunk dashboard with Web Traffic Overview metrics](~/assets/images/fundamentals/splunk/dashboards/splunk-cloudflare-snapshot-dashboard.png) #### Cloudflare - Reliability -*Summary* and *Detailed*: Get insights on the availability of your websites and applications. Metrics include origin response error ratio, origin response status over time, percentage of 3xx/4xx/5xx errors over time, and more. +_Summary_ and _Detailed_: Get insights on the availability of your websites and applications. Metrics include origin response error ratio, origin response status over time, percentage of 3xx/4xx/5xx errors over time, and more. ![Splunk dashboard with a high level summary of Reliability metrics](~/assets/images/fundamentals/splunk/dashboards/splunk-cloudflare-reliability-summary-dashboard.png) ![Splunk dashboard with a detailed summary of Reliability metrics](~/assets/images/fundamentals/splunk/dashboards/splunk-cloudflare-reliability-detailed-dashboard.png) #### Cloudflare - Security -*Overview*: Get insights on threats to your websites and applications, including number of threats stopped, threats over time, top threat countries, and more. +_Overview_: Get insights on threats to your websites and applications, including number of threats stopped, threats over time, top threat countries, and more. ![Splunk dashboard with an overview of Security metrics](~/assets/images/fundamentals/splunk/dashboards/splunk-cloudflare-security-overview.png) -*WAF*: Get insights on threat identification and mitigation by our Web Application Firewall, including events like SQL injections, XSS, and more. Use this data to fine tune the firewall to target obvious threats and prevent false positives. +_WAF_: Get insights on threat identification and mitigation by our Web Application Firewall, including events like SQL injections, XSS, and more. Use this data to fine tune the firewall to target obvious threats and prevent false positives. ![Splunk dashboard with an overview of Security metrics for WAF](~/assets/images/fundamentals/splunk/dashboards/splunk-cloudflare-security-waf-dashboard.png) -*Rate Limiting*: Get insights on rate limiting protection against denial-of-service attacks, brute-force login attempts, and other types of abusive behavior targeted at your websites or applications. +_Rate Limiting_: Get insights on rate limiting protection against denial-of-service attacks, brute-force login attempts, and other types of abusive behavior targeted at your websites or applications. ![Splunk dashboard with an overview of Security metrics for Rate Limiting](~/assets/images/fundamentals/splunk/dashboards/splunk-cloudflare-security-rate-limiting-dashboard.png) -*Bots Summary* and *Bots Detailed*: Investigate bot activity on your website to prevent content scraping, checkout fraud, spam registration and other malicious activities. +_Bots Summary_ and _Bots Detailed_: Investigate bot activity on your website to prevent content scraping, checkout fraud, spam registration and other malicious activities. ![Splunk dashboard with a high level summary of Security metrics for Bots](~/assets/images/fundamentals/splunk/dashboards/splunk-cloudflare-security-bot-summary-dashboard.png) ![Splunk dashboard with a detailed summary of Security metrics for Bots](~/assets/images/fundamentals/splunk/dashboards/splunk-cloudflare-security-bots-detailed-dashboard.png) #### Cloudflare - Performance -*Requests and Cache* and *Bandwidth*: Identify and address performance issues and caching misconfigurations. Metrics include total vs. cached bandwidth, saved bandwidth, total requests, cache ratio, top uncached requests, and more. +_Requests and Cache_ and _Bandwidth_: Identify and address performance issues and caching misconfigurations. Metrics include total vs. cached bandwidth, saved bandwidth, total requests, cache ratio, top uncached requests, and more. ![Splunk dashboard with Performance metrics for Requests and Cache](~/assets/images/fundamentals/splunk/dashboards/splunk-cloudflare-performance-requests-and-cache-dashboard.png) ![Splunk dashboard with Performance metrics for Bandwidth](~/assets/images/fundamentals/splunk/dashboards/splunk-cloudflare-performance-bandwidth-dashboard.png) -*Hostname, Content Type, Request Methods, Connection Type*: Get insights into your most popular hostnames, most requested content types, breakdown of request methods, and connection type. +_Hostname, Content Type, Request Methods, Connection Type_: Get insights into your most popular hostnames, most requested content types, breakdown of request methods, and connection type. ![Splunk dashboard with Cloudflare Performance metrics including for Hostname, Content Type, Request Methods, Connection Type](~/assets/images/fundamentals/splunk/dashboards/splunk-cloudflare-performance-hostname-dashboard.png) -*Static vs. Dynamic Content*: Get insights into the performance of your static and dynamic content, including slowest URLs. +_Static vs. Dynamic Content_: Get insights into the performance of your static and dynamic content, including slowest URLs. ![Splunk dashboard with Cloudflare Performance metrics for Static vs. Dynamic Content](~/assets/images/fundamentals/splunk/dashboards/splunk-cloudflare-performance-static-vs-dynamic-dashboard.png) ### Filters @@ -157,35 +156,35 @@ All dashboard have a set of filters that you can apply to the entire dashboard, You can use filters to drill down and examine the data at a granular level. Filters include client country, client device type, client IP, client request host, client request URI, client request user agent, edge response status, origin IP, and origin response status. -The default time interval is set to 24 hours. Note that for correct calculations filter will need to exclude Worker subrequests (**WorkerSubrequest** = *false*) and purge requests (**ClientRequestMethod** is not *PURGE*). +The default time interval is set to 24 hours. Note that for correct calculations filter will need to exclude Worker subrequests (**WorkerSubrequest** = _false_) and purge requests (**ClientRequestMethod** is not _PURGE_). Available Filters: -* Time Range (EdgeStartTimestamp) +- Time Range (EdgeStartTimestamp) -* Client Country +- Client Country -* Client Device type +- Client Device type -* Client IP +- Client IP -* Client Request Host +- Client Request Host -* Client Request URI +- Client Request URI -* Client Request User Agent +- Client Request User Agent -* Edge response status +- Edge response status -* Origin IP +- Origin IP -* Origin Response Status +- Origin Response Status -* RayID +- RayID -* Worker Subrequest +- Worker Subrequest -* Client Request Method +- Client Request Method ## Debugging tips @@ -199,94 +198,94 @@ Also, you could compare the list of fields you are getting in Cloudflare Logs wi The available fields are: -* CacheCacheStatus +- CacheCacheStatus -* CacheResponseBytes +- CacheResponseBytes -* CacheResponseStatus +- CacheResponseStatus -* ClientASN +- ClientASN -* ClientCountry +- ClientCountry -* ClientDeviceType +- ClientDeviceType -* ClientIP +- ClientIP -* ClientIPClass +- ClientIPClass -* ClientRequestBytes +- ClientRequestBytes -* ClientRequestHost +- ClientRequestHost -* ClientRequestMethod +- ClientRequestMethod -* ClientRequestPath +- ClientRequestPath -* ClientRequestProtocol +- ClientRequestProtocol -* ClientRequestReferer +- ClientRequestReferer -* ClientRequestURI +- ClientRequestURI -* ClientRequestUserAgent +- ClientRequestUserAgent -* ClientSSLCipher +- ClientSSLCipher -* ClientSSLProtocol +- ClientSSLProtocol -* ClientSrcPort +- ClientSrcPort -* EdgeColoCode +- EdgeColoCode -* EdgeColoID +- EdgeColoID -* EdgeEndTimestamp +- EdgeEndTimestamp -* EdgePathingOp +- EdgePathingOp -* EdgePathingSrc +- EdgePathingSrc -* EdgePathingStatus +- EdgePathingStatus -* EdgeRequestHost +- EdgeRequestHost -* EdgeResponseBytes +- EdgeResponseBytes -* EdgeResponseContentType +- EdgeResponseContentType -* EdgeResponseStatus +- EdgeResponseStatus -* EdgeServerIP +- EdgeServerIP -* EdgeStartTimestamp +- EdgeStartTimestamp -* OriginIP +- OriginIP -* OriginResponseStatus +- OriginResponseStatus -* OriginResponseTime +- OriginResponseTime -* OriginSSLProtocol +- OriginSSLProtocol -* RayID +- RayID -* SecurityAction +- SecurityAction -* SecurityActions +- SecurityActions -* SecurityRuleDescription +- SecurityRuleDescription -* SecurityRuleID +- SecurityRuleID -* SecurityRuleIDs +- SecurityRuleIDs -* SecuritySources +- SecuritySources -* WAFFlags +- WAFFlags -* WAFMatchedVar +- WAFMatchedVar -* WorkerSubrequest +- WorkerSubrequest -* ZoneID +- ZoneID