LogScale

Last reviewed: over 1 year ago

When Email Security detects a phishing email, the metadata of the detection can be sent directly to Falcon LogScale. For this tutorial, you will need a working Falcon LogScale account. You will also need to create a new Ingest Token in your LogScale account. Ingest Tokens identify repositories and are used to configure data ingestion to your repository. Refer to Falcon LogScale documentation ↗ for more information.

After creating your Ingest Token:

Log in to the Email Security dashboard ↗.
Go to Settings (the gear icon).
Go to Email Configuration > Domains & Routing > Alert Webhooks.
Select New Webhook.
In App Type, select SIEM.
Choose Crowdstrike from the dropdown, and paste your Ingest Token into the Auth Code section.
In Target, paste the URL https://cloud.community.humio.com/api/v1/ingest/hec/raw.
Select Publish Webhook.

Was this helpful?

Resources
API
New to Cloudflare?
Products
Sponsorships
Open Source

Support
Help Center
System Status
Compliance
GDPR

Company
cloudflare.com
Our team
Careers

Tools
Cloudflare Radar
Speed Test
Is BGP Safe Yet?
RPKI Toolkit
Certificate Transparency

2025 Cloudflare, Inc.
Privacy Policy
Terms of Use
Report Security Issues
Trademark