Server Logs Analytics

Cloudflare Integration (Logpush)

Ansehn's Cloudflare Logpush integration streams your Cloudflare HTTP request logs directly to Ansehn in real time — no code, no scripts, no maintenance. Once connected, Ansehn automatically detects and surfaces AI crawler activity (GPTBot, OAI-SearchBot, ClaudeBot, PerplexityBot, Gemini, Google-Extended, and more) across your domain.

Logpush is a Cloudflare Enterprise feature. On Free, Pro, or Business plans, use the Cloudflare Worker integration instead — it works on every plan.

[!INFO] Which method should I use?

Method

Best for

Setup effort

Manual Upload

One-time analysis, quick checks, any web server

Low — upload a .log/.txt file

AWS CloudFront

Continuous monitoring of CloudFront distributions

Medium — one-time AWS setup

Cloudflare Logpush (this page)

Continuous, code-free monitoring on Cloudflare Enterprise

Low — configure a Logpush job in the dashboard

Cloudflare Worker

Continuous monitoring on any Cloudflare plan

Medium — deploy a small Worker

Custom Log API

Continuous, automated monitoring from any system

Medium — point a log drain or script at our endpoint


How it works

Cloudflare (your zone)
        │
        │  HTTP request logs (gzipped NDJSON, batched)
        ▼
Cloudflare Logpush  →  https://ingest.ansehn.com/v1/logs/cloudflare_logpush
        │
        │  API key auth · AI crawler detection · validation
        ▼
Your Server Logs & Our Pages Analytics

Cloudflare batches your zone's HTTP request logs and pushes them to Ansehn over HTTPS. Ansehn authenticates the request, detects AI crawler traffic by User-Agent, stores only the recognized AI crawler rows, and drops everything else before it is ever persisted. Because delivery happens entirely on Cloudflare's platform, zero latency is added to your visitors' requests.


Prerequisites

  • A Cloudflare account on the Enterprise plan (Logpush is Enterprise-only). On other plans, use the Cloudflare Worker integration.

  • Your domain proxied through Cloudflare (orange cloud enabled — see Step 6).

  • An Ansehn account with an active project for the domain you want to monitor.

  • An API key with the logs:ingest scope (see Step 1).


Step-by-step setup

Step 1 — Generate an API key in Ansehn

[!INFO] API key generation is available in your dashboard under Project Settings → API Keys.

  1. Navigate to Projects → [Your Project] → Settings → API Keys

  2. Click + New API Key

  3. Give the key a descriptive name (e.g., Production Cloudflare)

  4. Under Scopes, select logs:ingest

  5. Under Project, select the project for the domain you want to monitor

  6. Click Generate and copy the key immediately — it is only shown once

Your key will look like: ank_a1b2c3d4e5f6...

The key is scoped to a single project. Ansehn derives the project from the key itself, so you never send a project ID — logs are always attributed to the project the key belongs to.

Step 2 — Create a Logpush job

  1. In the Cloudflare dashboard, select your domain

  2. Go to Analytics & Logs → Logpush

  3. Click Create a Logpush job and choose the HTTP destination

Step 3 — Set the destination URL

Enter the following endpoint. Cloudflare converts any header_* query parameter into a real request header, which is how your API key is delivered securely:

https://ingest.ansehn.com/v1/logs/cloudflare_logpush?header_x-ansehn-api-key=ank_your_key

Replace ank_your_key with the key from Step 1. A Bearer variant also works:

https://ingest.ansehn.com/v1/logs/cloudflare_logpush?header_authorization=Bearer%20ank_your_key

When you create the job, Cloudflare sends a one-time validation request to the destination. Ansehn acknowledges it automatically — no action is needed on your side.

Step 4 — Filter to your domain

Under If logs match…, select Filtered logs and add a filter where ClientRequestHost equals your domain (e.g., www.example.com).

[!WARNING] Use your domain in the filter — not www.example.com, which is only an example. This keeps the job scoped to the site you want to monitor.

Step 5 — Select the dataset and fields

Choose the HTTP requests dataset and select exactly the following fields. Ansehn uses these to parse your logs correctly; rows missing a required field are skipped.

#

Field

Description

1

ClientIP

Client IP address

2

ClientRequestHost

Host requested by the client

3

ClientRequestMethod

HTTP request method (GET, POST, etc.)

4

ClientRequestURI

Request path and query

5

ClientRequestUserAgent

Client user agent string

6

ClientRequestReferer

Referrer header

7

EdgeStartTimestamp

Time the edge received the request

8

EdgeEndTimestamp

Time the edge finished responding

9

EdgeResponseStatus

HTTP response status code

10

EdgeResponseBytes

Response size in bytes

11

EdgeResponseContentType

Response content type

12

WorkerSubrequest

Lets Ansehn drop Worker-initiated subrequests so you don't double-count

Step 6 — Confirm timestamp format and batch size

In Advanced options:

  • Timestamp format: keep the default rfc3339. (Ansehn also accepts Unix epoch values, but RFC3339 is recommended for full precision.)

  • max_upload_bytes: set to ≤ 4.5 MB.

  • max_upload_records: set to ≤ 50,000.

These keep each batch within Ansehn's accepted request limits. The Cloudflare defaults almost always fall within this range.

Set the Output format to JSON, then submit the job.

Step 7 — Verify the Cloudflare proxy is enabled

Logpush for HTTP requests only captures traffic that flows through Cloudflare.

  1. Go to your Cloudflare dashboard → DNS → Records

  2. Confirm the Proxy status shows the orange cloud ("Proxied") for your A/AAAA/CNAME records

[!WARNING] If the proxy is off (gray cloud / "DNS only"), Cloudflare never sees the requests and cannot push logs. This is the #1 cause of no data appearing.


What gets stored

Ansehn stores only recognized AI crawler rows. You can safely send all of your HTTP request logs — non-AI-crawler traffic is detected and dropped before it is ever persisted, which keeps your storage footprint and privacy exposure low.

Idempotency is automatic: Ansehn derives a stable key from each batch's contents, so Cloudflare's automatic retries never create duplicate rows.

Response status codes

Condition

Status

Batch accepted (including zero AI crawler rows)

200 OK

Batch of only dropped Worker subrequests

200 OK (zero stored)

Duplicate batch (Cloudflare retry of identical data)

200 OK ("status": "duplicate")

Missing or invalid API key

401 Unauthorized

API key missing the logs:ingest scope

403 Forbidden

Empty batch, or every record malformed

400 Bad Request

Batch too large

413 Payload Too Large

Rate limit exceeded

429 Too Many Requests

Temporary ingest issue

5xx (Cloudflare retries automatically)


Verification

  1. Visit a page on your site (or wait for normal AI crawler traffic).

  2. Allow a few minutes — Logpush batches logs, so data typically appears within minutes up to about an hour depending on your traffic volume.

  3. Open your Ansehn Server Logs dashboard — activity appears under Daily Visits, Top Pages, and Top Crawlers.

  4. The connection status indicator next to the tab bar shows whether logs are flowing and when the last ingest occurred. Hover over it for diagnostics.


Frequently asked questions

**Will this slow down my website?**

No. Logpush runs entirely on Cloudflare's platform, off the critical path. Your visitors experience zero added latency.

**How long does it take for logs to appear?**

Logpush batches logs and forwards them periodically. Expect data within a few minutes up to about an hour, depending on your traffic.

**Do I need to pre-filter to AI crawlers only?**

No. Send all HTTP request logs for your domain — Ansehn detects AI crawler traffic server-side and stores only those rows.

**I'm not on the Enterprise plan — can I still use Cloudflare?**

Yes. Use the [Cloudflare Worker integration](https://docs.ansehn.com/cloudflare-worker), which works on every Cloudflare plan.

**Can I connect multiple domains to the same Ansehn project?**

Yes. Create one Logpush job per zone, each pointing at the endpoint with an API key for the target project.


Troubleshooting

Symptom

Meaning

Fix

No data appears

Cloudflare proxy is disabled, or the host filter doesn't match

Enable the orange cloud (Step 7); confirm the ClientRequestHost filter matches your domain

Logpush job shows errors

API key invalid, expired, or lacks logs:ingest scope

Regenerate the key in Project Settings → API Keys and update the destination URL

200 OK but no crawler data

The batch contained no recognized AI crawler User-Agents

Confirm your traffic includes AI bots

Records missing from the dashboard

Records outside the 90-day retention window, or missing required fields

Only send logs from the last 90 days; ensure all Step 5 fields are selected

413 Payload Too Large

Batch exceeds size limits

Lower max_upload_bytes / max_upload_records (Step 6)


Need help?

If you run into any issues during setup or have questions about the integration, reach out to us at [email protected] and mention "Cloudflare Logpush" in the subject line. We're happy to walk through the configuration with you directly.

Was this helpful?