Re: Cloudflare integration with Splunk Enterprise ...

ibrahim1 · ‎08-14-2024

Hello,

I want to integrate Cloudflare with our Splunk Enterprise via logpull method of Cloudflare. In this method, via rest api I'll pull the logs from Cloudflare every 1 hour.

Can someone please help me, how can I do that? Is there any add-on or app that I can use for calling the rest api? or is there any other methods that I can use?

deepakc · ‎08-14-2024

Getting data in requires a number of steps and investigation work.

Some high level notes/tips

1. The first thing you need to do is to determine what data you want from Cloudflare, they offer a number of services right?.

2. Investigate what options they provide in getting the data you want, logs, API, syslog etc.

3. You then look and explore Splunkbase (type in Cloudflare) and see if there is a Add-on (this is what typically helps you collect the data) you will need to do some homework and find out if it meets your methods of getting the data from step 2. Once you have this you need to Deploy the TA as per the instructions and connect to the data source.

Cloudflare integration with Splunk Enterprise (on-prem)

heavy forwarder

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

Design, Compete, Win: Submit Your Best Splunk Dashboards for a .conf26 Pass

May 2026 Splunk Expert Sessions: Security & Observability

Join the Conversation