Home / Companies / Cloudflare / Blog / Post Details
Content Deep Dive

Investigating multi-vector attacks in Log Explorer

Blog post from Cloudflare

Post Details
Company
Date Published
Author
Jen Sells, Claudio Jolowicz, and Nico Gutierrez
Word Count
2,266
Company Posts That Month
37
Language
English
Hacker News Points
-
Post removed?
No
Summary

Cloudflare's Log Explorer serves as a comprehensive tool for cybersecurity forensics, providing 360-degree visibility by integrating 14 new datasets that cover the entire surface of Cloudflare's Application Services and Cloudflare One product portfolios. It centralizes raw logs from application-layer HTTP requests, network-layer DDoS and Firewall logs, and Zero Trust Access events into a unified interface, allowing security analysts to quickly investigate and correlate data across multiple sources, significantly reducing Mean Time to Detect (MTTD) and unmasking sophisticated, multi-layered attacks. By functioning as a "flight recorder," Log Explorer captures every interaction and potential threat before requests reach a user's infrastructure, offering granular insights through zone-scoped and account-scoped logs that track everything from website traffic and security events to internal security and network activity. The tool's extensibility, driven by a JSON Schema-based ingestion pipeline, enables the integration of additional data sources, positioning Log Explorer as a potential single pane of glass for correlating Cloudflare's telemetry with third-party logs. Recent architectural upgrades have improved the speed and resilience of data ingestion, reducing latency and enabling faster response times to multi-vector attacks, with future enhancements planned to further augment its capabilities.

Trends Found in this Post
Trend Post Mentions Total Month Mentions Posts Companies MoM
Zero Trust 5 153 42 27 +119%
Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.