Enabling log retention
By default, your HTTP request logs are not retained. When using the Logpull API for the first time, you will need to enable retention. You can also turn off retention at any time. Note that after retention is turned off, previously saved logs will be available until the retention period expires (refer to Data retention period).
There are two endpoints for managing log retention:
GET /logs/control/retention/flag
- returns the current status of retentionPOST /logs/control/retention/flag
- turns retention on or off
Required API token permissions
At least one of the following token permissions
is required:
Logs Write
Logs Read
curl "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/logs/control/retention/flag" \ --request GET \ --header "Authorization: Bearer $CLOUDFLARE_API_TOKEN"
curl.exe "https://api.cloudflare.com/client/v4/zones/{zone_id}/logs/control/retention/flag" ^--header "Authorization: Bearer <API_TOKEN>"
$uri = "https://api.cloudflare.com/client/v4/zones/{zone_id}/logs/control/retention/flag"$headers = @{"Authorization" = "Bearer <API_TOKEN>"}Invoke-RestMethod -Uri $uri -Method Get -Headers $headers
If the zone has log retention enabled you get the value true
, whereas a value of false
is returned when it is disabled.
Required API token permissions
At least one of the following token permissions
is required:
Logs Write
curl "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/logs/control/retention/flag" \ --request POST \ --header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ --json '{ "flag": true }'
curl.exe "https://api.cloudflare.com/client/v4/zones/{zone_id}/logs/control/retention/flag" ^--request POST ^--header "Authorization: Bearer <API_TOKEN>" ^--header "Content-Type: application/json" ^--data "{""flag"": true}"
$uri = "https://api.cloudflare.com/client/v4/zones/{zone_id}/logs/control/retention/flag"$headers = @{"Authorization" = "Bearer <API_TOKEN>"}$bodyFlag = @{flag = $true} | ConvertTo-JsonInvoke-RestMethod -Uri $uri -Method Post -Headers $headers -Body $bodyFlag -ContentType "application/json"
{ "flag": true}
Required API token permissions
At least one of the following token permissions
is required:
Logs Write
curl "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/logs/control/retention/flag" \ --request POST \ --header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ --json '{ "flag": false }'
curl.exe "https://api.cloudflare.com/client/v4/zones/{zone_id}/logs/control/retention/flag" ^--header "Authorization: Bearer <API_TOKEN>" ^--header "Content-Type: application/json" ^--data "{""flag"": false}"
$uri = "https://api.cloudflare.com/client/v4/zones/{zone_id}/logs/control/retention/flag"$headers = @{"Authorization" = "Bearer <API_TOKEN>"}$bodyFlag = @{flag = $false} | ConvertTo-JsonInvoke-RestMethod -Uri $uri -Method Post -Headers $headers -Body $bodyFlag -ContentType "application/json"
{ "flag": false}
Turning log retention on or off is recorded in Cloudflare Audit Logs.
Was this helpful?
- Resources
- API
- New to Cloudflare?
- Products
- Sponsorships
- Open Source
- Support
- Help Center
- System Status
- Compliance
- GDPR
- Company
- cloudflare.com
- Our team
- Careers
- 2025 Cloudflare, Inc.
- Privacy Policy
- Terms of Use
- Report Security Issues
- Trademark
-