Documentation Center

Managing Your Cloudflare Data Collection and Events

  Role Availability   Read-Only   Analyst   Manager

After you configure the AlienApp for Cloudflare and have a successful connection, you should make sure that the scheduled collection job is enabled. For each deployed sensor, USM Anywhere includes an out-of-the-box log collection job to support AlienApp for Cloudflare data collection. You can then use rules to manage the eventsAny traffic or data exchange detected by AlienVault products through a Sensor, or through external devices such as a firewall. that USM Anywhere generates and stores, as well as the alarmsAlarms provide notification of an event or sequence of events that require attention or investigation. that it generates from specific types of events.

Important: The Cloudflare service can generate numerous log messages, depending on the traffic and number of the website assets it manages. When you have AlienApp for Cloudflare configured and the log collection job enabled, the number of events produced in USM Anywhere could be excessive and consume large amounts of data storage. To address this, you should add the suggested filtering rule to eliminate standard "HTTP OK" events.