This Splunk Technical Add-on allows collection of Audit events on a scheduled interval from Cloudfare's API.
Full documentation coming Soon.
Create a custom token with the following permissions.
Setting | Item | Permission |
---|---|---|
Account | Access: Audit Logs | Read |
Account | Account Settings | Read |
*Include All accounts
for Account Resources.
- Set Client IP address Filtering and TTL as needed.
This Technical Add-on (TA) is not affiliated with Cloudflare, Inc. and is not sponsored or sanctioned by the Cloudflare team. Cloudflare is and the Cloudflare web badges are registered trademarks of Cloudflare, Inc. Please visit https://www.cloudflare.com/ for more information about Cloudflare.
Info | Description |
---|---|
ta_cloudflare_audit | 0.0.2 - Splunkbase - TBD | GitHub |
Please open an issue or feature request on Github.