Overview
The Cloudflare integration enables Steadwing to query DNS, WAF, and network infrastructure data from your Cloudflare account. During root cause analysis, Steadwing pulls zone configurations, firewall rules, and security events to identify DNS misconfigurations, blocked traffic, and network routing issues.Why Use Cloudflare with Steadwing?
DNS Analysis
Identify DNS misconfigurations and record issues affecting traffic
WAF & Firewall
Detect firewall rules or WAF configurations blocking legitimate traffic
Traffic Analytics
Analyze traffic patterns and identify anomalies during incidents
Security Events
Review firewall events to understand blocked requests and threats
Setup Instructions
Step 1: Create a Cloudflare Global API Key
- Log in to your Cloudflare account
- Navigate to My Profile → API Tokens
- Direct link: https://dash.cloudflare.com/profile/api-tokens
- In the API Keys section, locate Global API Key
- Click View to reveal your Global API Key
- Enter your Cloudflare password to confirm
- Copy the API key
Step 2: Note Your Account Email
You’ll need the email address associated with your Cloudflare account. This is the email you use to log in to Cloudflare.Step 3: Connect Cloudflare in Steadwing
- Navigate to Steadwing Settings
- Find the Cloudflare integration card
- Click to expand the collapsible form
- Fill in the required fields:
- API Key: Your Cloudflare Global API Key
- Account Email: The email address for your Cloudflare account
- Toggle the switch to Enable the integration
How Cloudflare Integration Works
Data Collection
Steadwing queries Cloudflare for:- Zones - List of domains and zone configurations
- DNS Records - DNS record configurations for your domains
- Firewall Rules - Active firewall rules that may block traffic
- WAF Configuration - Web Application Firewall packages and rules
- Rate Limits - Rate limiting rules that may throttle requests
- Page Rules - URL-based rules affecting traffic behavior
- Zone Settings - SSL, caching, and security configurations
- Traffic Analytics - Request volume and traffic patterns
- Firewall Events - Security events and blocked requests
Configuration
Required Permissions
The Cloudflare Global API Key provides:- Zone Read - Read zone configurations and settings
- DNS Read - Read DNS record configurations
- Firewall Read - Read firewall rules and events
- Analytics Read - Read traffic analytics data
FAQs
Can I use an API Token instead of Global API Key?
Can I use an API Token instead of Global API Key?
Yes, you can create a custom API Token with read permissions for Zones, DNS, Firewall, and Analytics. However, the Global API Key setup is simpler for most users.
Why do I need to provide my account email?
Why do I need to provide my account email?
Cloudflare’s API requires both the API key and the associated account email for authentication via the X-Auth-Email header.
Can Steadwing modify my DNS or firewall rules?
Can Steadwing modify my DNS or firewall rules?
No, Steadwing only has read access. It queries configurations and events but never modifies DNS records, firewall rules, or any other settings.
Which zones does Steadwing access?
Which zones does Steadwing access?
Steadwing can access all zones in your Cloudflare account. During RCA, it focuses on zones relevant to the incident being analyzed.
What happens if my API key is regenerated?
What happens if my API key is regenerated?
The integration will not work. Generate a new API key and update it in Steadwing Settings to reconnect.