How to Fix Empty Cloudflare Firewall Security Logs


You probably have successfully set up your site, but you are wondering why there aren’t any security logs available? There is one simple explanation for this. Log events are only generated for requests matching a firewall rule. To have every allowed request logged you need to create a rule which matches all allowed requests. You may however see a few blocked requests matching pre-defined rules by Cloudflare.

Create Firewall Rule

Select your Cloudflare site and navigate to the Security tab and navigate to WAF (Web Application Firewall). Click on Create firewall rule.
Give you rule a name. In the Field dropdown select a condition. You could only log requests from certain countries for example but in my case I want to log everything, so I will select IP Source Address. Since we have to make sure that every request matches this rule I select does not equal in the Operator dropdown. In the Value field I will use a dummy IP for example You can also use any local IP address. Last but not least select Allow in the action dropdown.

Keep in mind that this rule does not prevent other Cloudflare products like Bot Fight Mode, IP Access Rules or Managed Rulesets from evaluating the request. If you want to use block rules make sure that they have a higher priority otherwise they won’t match.

Example Rule

Example Firewall Rule


You can now view all allowed requests. Logs might take some time to show up in your Overview.