Cloudflare Logs

The IBM® QRadar® DSM for Cloudflare Logs collects Cloudflare instance events by using the HTTP Receiver protocol or the Amazon AWS S3 REST API protocol.

Integrate Cloudflare Logs with QRadar by using the HTTP Receiver protocol

To integrate Cloudflare Logs with QRadar, complete the following steps:
  1. If automatic updates are not enabled, RPMs are available for download from the IBM support website (http://www.ibm.com/support). Download and install the most recent version of the following RPMs on your QRadar Console:
    • Protocol Common RPM
    • HTTP Receiver Protocol RPM
    • DSM Common RPM
    • Cloudflare Logs DSM RPM
  2. Configure your Cloudflare instance to send events to QRadar. For more information, see Configure Cloudflare to send events to QRadar when you use the HTTP Receiver protocol.
  3. If QRadar does not automatically detect the log source, add a Cloudflare Logs log source on the QRadar Console. For more information, see HTTP Receiver log source parameters for Cloudflare Logs.

Integrate Cloudflare Logs with QRadar by using the Amazon AWS S3 REST API protocol

To integrate Cloudflare Logs with QRadar, complete the following steps:
  1. If automatic updates are not enabled, RPMs are available for download from the IBM support website (http://www.ibm.com/support). Download and install the most recent version of the following RPMs on your QRadar Console:
    • Protocol Common RPM
    • Amazon AWS S3 REST API Protocol RPM
    • DSM Common RPM
    • Cloudflare Logs DSM RPM
  2. Configure your Cloudflare instance to send events to QRadar. For more information, see Configuring Cloudflare Logs to forward logs to send events to QRadar when you use the Amazon S3 REST API protocol .
  3. If QRadar does not automatically detect the log source, add a Cloudflare Logs log source on the QRadar Console. For more information, see Amazon REST S3 REST API log source parameters for Cloudflare Logs.