Skip to content

Commit e67e465

Browse files
maxvpmaxvp
authored
[Gateway] Network and HTTP logs update (cloudflare#17385)
1 parent 95bfe7f commit e67e465

File tree

2 files changed

+61
-40
lines changed

2 files changed

+61
-40
lines changed

src/content/changelogs/gateway.yaml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,10 @@ productLink: "/cloudflare-one/policies/gateway/"
55
productArea: Cloudflare One
66
productAreaLink: /cloudflare-one/changelog/
77
entries:
8+
- publish_date: "2024-10-04"
9+
title: Expanded Gateway log fields
10+
description: |-
11+
Gateway now offers new fields in [activity logs](/cloudflare-one/insights/logs/gateway-logs/) for DNS, network, and HTTP policies to provide greater insight into your users' traffic routed through Gateway.
812
- publish_date: "2024-09-30"
913
title: File sandboxing
1014
description: |-

src/content/docs/cloudflare-one/insights/logs/gateway-logs/index.mdx

Lines changed: 57 additions & 40 deletions
Original file line numberDiff line numberDiff line change
@@ -134,19 +134,20 @@ Gateway will only log failed connections in [network session logs](/logs/referen
134134
| Field | Description |
135135
| ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- |
136136
| **Source IP** | IP address of the user sending the packet. |
137-
| **Source internal IP** | Private IP address assigned by the user's local network. |
137+
| **Source Internal IP** | Private IP address assigned by the user's local network. |
138138
| **Destination IP** | IP address of the packet's target. |
139139
| **Action** | The Gateway [Action](/cloudflare-one/policies/gateway/dns-policies/#actions) taken based on the first rule that matched (such as Allow or Block). |
140140
| **Session ID** | ID of the unique session. |
141141
| **Time** | Date and time of the session. |
142142

143143
#### Matched policies
144144

145-
| Field | Description |
146-
| ---------------------- | ----------------------------------------------------- |
147-
| **Policy name** | Name of the matched policy. |
148-
| **Policy ID** | ID of the policy enforcing the decision Gateway made. |
149-
| **Policy description** | Description of the matched policy. |
145+
| Field | Description |
146+
| ---------------------- | ----------------------------------------------------------------------------------------------------------------------------------- |
147+
| **DNS location** | [User-configured location](/cloudflare-one/connections/connect-devices/agentless/dns/locations/) from where the DNS query was made. |
148+
| **Policy name** | Name of the matched policy. |
149+
| **Policy ID** | ID of the policy enforcing the decision Gateway made. |
150+
| **Policy description** | Description of the matched policy. |
150151

151152
#### Identities
152153

@@ -160,20 +161,25 @@ Gateway will only log failed connections in [network session logs](/logs/referen
160161

161162
#### Network query details
162163

163-
| Field | Description |
164-
| ----------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- |
165-
| **Source IP** | IP address of the user sending the packet. |
166-
| **Source port** | Source port number for the packet. |
167-
| **Source country** | Country code for the packet source. |
168-
| **Destination IP** | IP address of the packet's target. |
169-
| **Destination port** | Destination port number for the packet. |
170-
| **Destination country** | Destination port number for the packet. |
171-
| **Protocol** | Protocol over which the packet was sent. |
172-
| **Detected protocol** | The detected [network protocol](/cloudflare-one/policies/gateway/network-policies/protocol-detection/). |
173-
| **SNI** | Host whose Server Name Indication (SNI) header Gateway will filter traffic against. |
174-
| **Virtual network** | [Virtual network](/cloudflare-one/connections/connect-networks/private-net/cloudflared/tunnel-virtual-networks/) that the client is connected to. |
175-
| **Category details** | Category or categories associated with the packet. |
176-
| **Proxy PAC endpoint** | [PAC file proxy endpoint](/cloudflare-one/connections/connect-devices/agentless/pac-files/) Gateway forwarded traffic to, if applicable. |
164+
| Field | Description |
165+
| ---------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- |
166+
| **Source IP** | IP address of the user sending the packet. |
167+
| **Source port** | Source port number for the packet. |
168+
| **Source country** | Country code for the packet source. |
169+
| **Source IP continent** | Continent code of the source IP address. |
170+
| **Source IP country** | Country code of the source IP address. |
171+
| **Destination IP** | IP address of the packet's target. |
172+
| **Destination port** | Destination port number for the packet. |
173+
| **Destination IP continent** | Continent code of the IP address for the packet's destination. |
174+
| **Destination IP country** | Country code of the IP address for the packet's destination. |
175+
| **Transport protocol** | Protocol over which the packet was sent. |
176+
| **Detected Protocol** | The detected [network protocol](/cloudflare-one/policies/gateway/network-policies/protocol-detection/). |
177+
| **SNI** | Host whose Server Name Indication (SNI) header Gateway will filter traffic against. |
178+
| **Virtual Network** | [Virtual network](/cloudflare-one/connections/connect-networks/private-net/cloudflared/tunnel-virtual-networks/) that the client is connected to. |
179+
| **Category details** | Category or categories associated with the packet. |
180+
| **Proxy endpoint** | [PAC file proxy endpoint](/cloudflare-one/connections/connect-devices/agentless/pac-files/) Gateway forwarded traffic to, if applicable. |
181+
| **Application ID** | ID of the application that matched the domain. |
182+
| **Application name** | Name of the application that matched the domain. |
177183

178184
## HTTP logs
179185

@@ -203,11 +209,14 @@ When an HTTP request results in an error, Gateway logs the first 512 bytes of th
203209

204210
#### Matched policies
205211

206-
| Field | Description |
207-
| ---------------------- | ---------------------------------- |
208-
| **Policy name** | Name of the matched policy. |
209-
| **Policy ID** | ID of the matched policy. |
210-
| **Policy description** | Description of the matched policy. |
212+
| Field | Description |
213+
| ------------------------- | ----------------------------------------------------------------------------------------------------------------------------------- |
214+
| **DNS location** | [User-configured location](/cloudflare-one/connections/connect-devices/agentless/dns/locations/) from where the DNS query was made. |
215+
| **Policy name** | Name of the matched policy. |
216+
| **Policy ID** | ID of the matched policy. |
217+
| **Policy description** | Description of the matched policy. |
218+
| **Matched category ID** | ID of the category matched in the policy. |
219+
| **Matched category name** | Name of the category matched in the policy. |
211220

212221
#### Identities
213222

@@ -221,21 +230,29 @@ When an HTTP request results in an error, Gateway logs the first 512 bytes of th
221230

222231
#### HTTP query details
223232

224-
| Field | Description |
225-
| -------------------------- | ----------------------------------------------------------------------------------------------------------- |
226-
| **HTTP version** | HTTP version of the origin that Gateway connected to on behalf of the user. |
227-
| **HTTP method** | HTTP method used for the request (such as `GET` or `POST`). |
228-
| **HTTP status code** | [HTTP status code](/support/troubleshooting/http-status-codes/http-status-codes/) returned in the response. |
229-
| **URL** | Full URL of the HTTP request. |
230-
| **Referer** | Referer request header containing the address of the page making the request. |
231-
| **Source IP** | Public source IP address of the HTTP request. |
232-
| **Source port** | Port that was used to make the HTTP request. |
233-
| **Source IP country** | Country code of the HTTP request. |
234-
| **Destination IP** | Public IP address of the destination requested. |
235-
| **Destination port** | Port of the destination requested. |
236-
| **Destination IP country** | Country code of the destination requested. |
237-
| **Blocked file reason** | Reason why the file was blocked if a file transfer occurred or was attempted. |
238-
| **Category details** | Category the blocked file belongs to. |
233+
| Field | Description |
234+
| ---------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- |
235+
| **HTTP Version** | HTTP version of the origin that Gateway connected to on behalf of the user. |
236+
| **HTTP Method** | HTTP method used for the request (such as `GET` or `POST`). |
237+
| **HTTP Status Code** | [HTTP status code](/support/troubleshooting/http-status-codes/http-status-codes/) returned in the response. |
238+
| **URL** | Full URL of the HTTP request. |
239+
| **Referer** | Referer request header containing the address of the page making the request. |
240+
| **Source IP** | Public source IP address of the HTTP request. |
241+
| **Source Port** | Port that was used to make the HTTP request. |
242+
| **Source IP continent** | Continent code of the HTTP request. |
243+
| **Source IP country** | Country code of the HTTP request. |
244+
| **Destination IP** | Public IP address of the destination requested. |
245+
| **Destination Port** | Port of the destination requested. |
246+
| **Destination IP continent** | Continent code of the destination requested. |
247+
| **Destination IP country** | Country code of the destination requested. |
248+
| **Blocked file reason** | Reason why the file was blocked if a file transfer occurred or was attempted. |
249+
| **Category details** | Detailed information on the category the blocked file belongs to. |
250+
| **Application ID** | ID of the application that matched the domain. |
251+
| **Application name** | Name of the application that matched the domain. |
252+
| **Categories** | [Content categories](/cloudflare-one/policies/gateway/domain-categories/) that the domain belongs to. |
253+
| **Proxy endpoint** | [PAC file proxy endpoint](/cloudflare-one/connections/connect-devices/agentless/pac-files/) Gateway forwarded traffic to, if applicable. |
254+
| **Virtual Network** | [Virtual network](/cloudflare-one/connections/connect-networks/private-net/cloudflared/tunnel-virtual-networks/) that the client is connected to. |
255+
| **Sandbox scanned** | Status of the [file quarantine](/cloudflare-one/policies/gateway/http-policies/file-sandboxing/). |
239256

240257
#### File detection details
241258

0 commit comments

Comments
 (0)