Splunk Dashboard for Cloudflare Logs
Monitor and Analyze Cloudflare Web Traffic, WAF Actions, and Server Performance in Real-Time
Overview
In this project, you’ll build a Splunk dashboard to visualize and monitor Cloudflare web traffic logs.
You’ll analyze total requests, success/error rates, WAF actions (challenges and blocks), and top-performing endpoints.
The dashboard will also include geo-visualization of client IPs to help identify global traffic distribution and detect anomalies or malicious requests.
This hands-on project is ideal for SOC analysts and engineers who want to gain insights into web security and performance analytics using Cloudflare log data.
What You'll Learn
- Cloudflare Log Analysis: Understand how to parse and interpret Cloudflare HTTP request logs, including fields like ClientIP, URI, Status, and WAFAction.
- Splunk Dashboard Visualization: Create a rich, interactive Splunk dashboard featuring single-value metrics, bar charts, and choropleth maps for visual insights.
- WAF Event Monitoring: Track WAF challenges and blocks to identify potential attack patterns or false positives in real time.
Prerequisites
- Splunk SIEM Home Lab Project
- Cloudflare access logs exported in JSON format
About Trainer
Rajneesh Gupta
Rajneesh Gupta is a seasoned cybersecurity professional with over 11 years of industry experience. With a remarkable career focused on incident response, penetration testing, security compliance, and risk management, Rajneesh has established himself as a leading expert in the field. He is also an accomplished author, having penned the book "Hands-on with Blockchain and Cybersecurity". As a dedicated educator, Rajneesh has made a significant impact on the cybersecurity community by training over 60,000 students globally.