Cloudflare Gateway DNS

Cloudflare Gateway DNS logs capture DNS queries made through Cloudflare’s secure DNS filtering service, which provides protection against malware, phishing, and unauthorized content access. These logs include details such as the domain names requested, the user or device making the request, and whether the request was blocked or allowed based on security policies. The logs are valuable for monitoring web traffic, enforcing content filtering, and detecting potentially malicious or risky domains.

Ingest Methods

Setup the ingestion of this source using one of the following guides.

• AWS S3 Bucket
• AWS S3 Bucket with Custom SQS
• Azure Blob Storage
• Google Cloud Storage

arn:aws:sns:<REGION>:253602268883:runreveal_cf_gateway_dns

Setup

Setting up Cloudflare gateway DNS logs requires the use of Cloudflare Logpush.

Navigate to the Logpush setup page in your Cloudflare account and create a new logpush job that sends gateway DNS logs to your storage bucket.

Once created Cloudflare will begin to push logs to your bucket and RunReveal will start to ingest them.