6.9. Logpush Security Checks#
Checks for Cloudflare Logpush destination and coverage.
6.9.1. Check Summary#
Check ID |
Title |
Severity |
Compliance |
|---|---|---|---|
CFL-LOG-001 |
Logpush Destination |
high |
CIS 12.1, SOC2 CC7.2, PCI 10.1, NIST DE.CM-1 |
6.9.1.1. CFL-LOG-001: Logpush Destination#
Severity: high | Category: logpush | Compliance: CIS 12.1
Logpush sends request logs to external storage or SIEM systems. Without a Logpush destination, forensic and compliance log data is lost after Cloudflare’s retention period.
Remediation: Configure Logpush to send logs to a SIEM or long-term storage destination.