Cloudflare Docs
Visit WAF on GitHub
Set theme to dark (⇧+D)

Monitor exposed credentials events

The Firewall Activity log contains entries for requests with exposed credentials identified by rules with the Log action.

Check for exposed credentials events in the Firewall Analytics dashboard (Security > Overview tab), filtering by a specific Rule ID. For more information on filtering firewall events, refer to Adjusting displayed data.