LIVE WebinarTaking Action on Your Security Alerts with Panther and Tines Register Now

Cloudflare

Inspect network traffic for signs of suspicious behavior

Request a DemoRead the Docs

App Info

Gain complete visibility into your network traffic with Panther’s Cloudflare integration.

Cloudflare logs include HTTP requests, firewall events, and Cloudflare Spectrum events. These logs are helpful for troubleshooting, identifying configuration adjustments, and improving the reliability and security of your applications. Panther can collect, normalize, and analyze Cloudflare logs to help you identify suspicious activity in real-time. Your normalized data is then retained to power future security investigations in a serverless data lake powered by AWS or the cloud-native data platform, Snowflake.

Use Cases

Common security use cases for Cloudflare with Panther include:

  • Analyze detailed web traffic attributes or monitor and get alerted for specific events
  • Track and analyze user behaviors such as visits or logins
  • Troubleshoot server failures and redirects in your code

How it Works

The integration is simple and fast:

  • Configure Cloudflare to send logs to S3 using the Cloudflare LogPush service
  • Add your S3 Bucket as a data source in Panther
  • Panther parses, normalizes, and analyzes your log data in real-time
  • As rules are triggered, alerts are sent to your configured destinations
  • Normalized logs can be searched from Panther’s Data Explorer (Enterprise only)
  • Sit back and monitor your activity!

Learn more about Panther's supported log schema for Cloudflare.

Run Panther

Learn how to secure your cloud, network, applications, and endpoints with Panther Enterprise.