Cloudflare WAF

  • Published on Nov 13, 2025
  • 1 minute(s) read
Prev Next

Cloudflare WAF neutralizes the latest threats, including zero-days by being the frontline defense for web applications. More information can be found at Cloudflare WAF.

Integration Method: API

Tables: HTTP Activity (4002)

This integration supports the following events.

Event

 Description

 Firewall events

Get all the firewall events generated by the Cloudflare's security features on incoming HTTP requests

This integration supports the following versions.

Cloudflare WAF API version

v4.0

Note:

Cloudflare is a continuously updated cloud service. As for this document preparation, the latest release was in 16 June 2025

Prerequisites

  • Access to Cloudflare account with an account that has Administrator privileges.

  • Access to the DataBee console.

Configuration Overview

  1. Generate an API token with the required scope.

  2. Add the Cloudflare WAF data feed in the DataBee console with the below parameters.

    DataBee Parameter

    Cloudflare Parameter

    Token

    Personal Access Token

Cloudflare WAF Configuration

  1. Log on to Cloudflare WAF console.

  2. Go to Profile in the top right corner.
     

  3. Go to API Tokens.
     A screenshot of a computer AI-generated content may be incorrect.

  4. Under Create Custom Token section, click on Get started.

  5. Give an appropriate API token name.

  6. Permissions: select Account, choose Account Analytics and Read

  7. Click the +Add more button to add the following permissions: Firewall Services, Zone and Analytics with the Zone level and Read.

    A screenshot of a computer AI-generated content may be incorrect.

  8. Click Continue to summary at the bottom of the page.

    A screenshot of a computer screen AI-generated content may be incorrect.

  9. You will find the token summary on the following page. Click on Create Token button.

  10. Save the token for later use. It will not be visible later.

DataBee Configuration

  1. Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
     

  2. Search for the Cloudflare WAF and click on it as shown below.
     

  3. Click on the API Ingest option for the collection method.
     

  4. Enter feed contact information and click Next.
     

  5. In the configuration page, confirm the following:

    • Authorization Method: Bearer Token

    • API Base URL: This is the base URL that DataBee will interact with.

    • Token: Enter the above generated Personal Access Token

    • Event Types: Preselected for all the event types that integration pulls.

    A screenshot of a computer AI-generated content may be incorrect.

  6. Click Submit.

Troubleshooting Tips

  • Ensure the token is pasted correctly. Since you cannot view the token after the 1st time, re-create the token, paste it on a text editor to ensure no spaces or unexpected characters are included and reconfigure the DataBee feed.

  • Ensure the Cloudflare WAF scopes/permissions are correct.