Cloudflare Docs
Logs
Cloudflare Docs
Logs
Edit this page
Report an issue with this page
Log into the Cloudflare dashboard
Set theme to dark (⇧+D)
  1. Products
  2. Logs
  3. ...
  4. Enable destinations
  5. Enable Microsoft Azure

Enable Logpush to Microsoft Azure

Cloudflare Logpush supports pushing logs directly to Microsoft Azure via the Cloudflare dashboard or via API.

​​ Manage via the Cloudflare dashboard

Enable Logpush to Microsoft Azure via the dashboard.

To enable the Cloudflare Logpush service:

  1. Log in to the Cloudflare dashboard.

  2. Select the Enterprise account or domain you want to use with Logpush.

  3. Go to Analytics & Logs > Logs.

  4. Select Add Logpush job.

  5. In Select data set, choose the dataset to push to a storage service, and select Next.

  6. In Select data fields:

    • Select the data fields to include in your logs. Add or remove fields later by modifying your settings in Logs > Logpush.
    • In Advanced Settings, you can change the Timestamp format (RFC3339(default),Unix, or UnixNano), Sampling rate and enable redaction for CVE-2021-44228.
    • Under Filters you can select the events to include and/or remove from your logs. For more information, refer to Filters. Not all datasets have this option available.

  1. In Select a destination, choose Microsoft Azure.

  2. Enter or select the following destination information:

    • SAS URL
    • Blob container subpath (optional)
    • Daily subfolders

  3. Select Validate access.

  4. Enter the Ownership token (included in a file or log Cloudflare sends to your provider) and select Prove ownership. To find the ownership token, select Open in the Overview tab of the ownership challenge file.

  5. Select Save and Start Pushing to finish enabling Logpush.

Once connected, Cloudflare lists Microsoft Azure as a connected service under Logs > Logpush. Edit or remove connected services from here.

​​ Create and get access to a Blob Storage container

Cloudflare uses a shared access signature (SAS) token to gain access to your Blob Storage container. You will need to provide Write permission and an expiration period of at least five years, which will allow you to not worry about the SAS token expiring.

Ensure Log Share permissions are enabled, before attempting to read or configure a Logpush job. For more information refer to the Roles section.

To enable Logpush to Azure:

  1. Create a Blob Storage container. Refer to instructions from Azure.

  2. Create a shared access signature (SAS) to secure and restrict access to your blob storage container. Use Storage Explorer to navigate to your container and right click to create a signature. Set the signature to expire at least five years from now and only provide write permission.

  3. Provide the SAS URL when prompted by the Logpush API or UI.