Cloudflare requests data
 Share
The version of the browser you are using is no longer supported. Please upgrade to a supported browser.Dismiss

 
View only
 
 
ABCDEFGHIJKLMNOPQRSTUVWXY
1
ColumnClickhouse Data TypeELS /received fieldDescription
2
dateDateEdgeStartTimestampThe date is taken at the start of the request
3
datetimeDateTimeEdgeStartTimestampThe datetime is taken at the start of the request
4
zoneIdUInt32ZoneIDInternal Zone ID
5
zonePlanEnum8-Internal Zone plan, e.g. BIZ
6
ownerIdUInt32-Internal Owner ID (formerly User ID)
7
hosterIdUInt32-Internal Hoster ID
8
brandIdUInt32-Internal Brand ID
9
securityLevelEnum8SecurityLevelSecurity level configured for this zone
10
flagsUInt32-Flags
11
clientIPv6FixedString(16)ClientIPIP address of client connecting to CloudFlare edge server, version 6
12
clientIPv4UInt32ClientIPIP address of client connecting to CloudFlare edge server, version 4
13
clientIPClassEnum8ClientIPClassIP classification, e.g. clean, searchEngine, tor
14
clientCountryUInt16ClientCountryCountry associated with client's IP
15
clientSSLProtocolEnum8ClientSSLProtocolSSL protocol (if any) used by the client, e.g. TLSv1.3
16
clientSSLCipherUInt8ClientSSLCipherSSL cipher selected by the server
17
clientSSLFlagsUInt32-SSL flags
18
clientCFDUIDFixedString(43)-Value of the __cfduid (session) cookie assigned to this client.
19
clientGeneratedCFDUIDUInt8-True if we set the __cfduid cookie in the response headers. If the client didn't provide cfuid cookie, we generated new one.
20
clientRequestBytesUInt64ClientRequestBytesTotal number of HTTP request bytes sent by client
21
clientRequestBodyBytesUInt64-Total number of HTTP request body bytes sent by client
22
clientRequestHTTPHostStringClientRequestHostHost header sent by client, http://nginx.org/en/docs/http/ngx_http_core_module.html#var_host
23
clientRequestHTTPMethodUInt8ClientRequestMethodHTTP method, e.g. GET, http://nginx.org/en/docs/http/ngx_http_core_module.html#var_request_method
24
clientRequestPathStringClientRequestURIpath of URI requested by the client
25
clientRequestQueryStringClientRequestURIquery of URI requested by the client
26
clientRequestHTTPProtocolEnum8ClientRequestProtocole.g. HTTP/1.x, SPDY/3.x
27
clientRefererSchemeEnum8ClientRequestReferer
28
clientRefererHostStringClientRequestReferer
29
clientRefererPathStringClientRequestReferer
30
clientRefererQueryStringClientRequestReferer
31
clientRequestFlagsUInt32-
32
clientRequestAcceptString-
33
clientRequestDntEnum8-
34
clientRequestSchemeEnum8-URI scheme (http/https)
35
clientRequestSignatureString-HTTP request signature, used by gatebot for attack mitigation.
36
clientRequestSignatureHlistString-HTTP request signature with headers list sorted alphabetically
37
clientRequestFingerprintIdFixedString(16)-Id of the HTTP fingerprint that was matched on the request
38
edgeIPv6FixedString(16)-FL Server IP that request was received on
39
edgeIPv4UInt32-
40
edgePortUInt16-FL Server port that request was received on
41
edgeTimeMsUInt32-Represents full time to satisfy the HTTP transaction on our edge. That it includes time for the client to issue full request, slow client will contribute to a larger number here.
42
edgeColoIdUInt16EdgeColoIDColo ID, one of Cloudflare's 120+ data centers
43
edgeMetalIdUInt16-
44
edgeEnabledFlagsUInt32-Features enabled
45
edgeUsedFlagsUInt32-Features used
46
edgePathingOpEnum8EdgePathingOpPathing records the outcome of the request from fl perspective. Operation is the outcome.
47
edgePathingSrcEnum8EdgePathingSrcsource is what caused the outcome
48
edgePathingStatusUInt8EdgePathingStatusstatus explains the mechanism
49
edgeLBEnabledUInt8-If the request is served by a IP resolved by LB
50
edgeRequestBytesUInt64-Total number of HTTP request bytes sent by FL to cache
51
edgeRequestHTTPMethodUInt8-HTTP Method. ESC can change this.
52
edgeRequestKeepAliveStatusEnum8-Keepalive info between FL and cache box
53
edgeResponseStatusUInt16EdgeResponseStatusHTTP status code of response
54
edgeResponseBytesUInt64EdgeResponseBytesNumber of bytes sent to client, http://nginx.org/en/docs/http/ngx_http_core_module.html#var_bytes_sent
55
edgeResponseBodyBytesUInt64-Number of bytes sent to a client, not counting the response header, http://nginx.org/en/docs/http/ngx_http_core_module.html#var_body_bytes_sent
56
edgeResponseCompressionRatioFloat32EdgeResponseCompressionRatioHow well did the response data compress
57
edgeResponseContentTypeUInt32-Content-Type response from edge
58
edgeWAFTimeMsUInt16-Difference between when WAF starts processing and when WAF has finished processing
59
edgeWAFRuleIdStringWAFRuleIDWhich WAF rule is triggered
60
edgeWAFActionEnum8WAFActionWAF action that is taken
61
edgeDNSResponseErrorEnum8-Internal DNS lookup info error
62
edgeDNSResponseCachedUInt8-If the response is from local cache
63
edgeDNSResponseTimeMsUInt16-Time spent on DNS lookup
64
cacheTimeMsUInt16-This represents TTFB from nginx-cache's point of view, including the impact of Tiered Caching and Smart Routing.
65
cacheBckTypeEnum8-Backend that returned the data
66
cacheStatusEnum8CacheCacheStatusDid it hit in the cache - unknown | miss | expired | updating | stale | hit | ignored | bypass | revalidated
67
cacheMetalIdUInt16-Cache server that fl connected to
68
cacheExternalPortUInt16-Port used for connection between cache and origin
69
cacheTieredFillUInt8-1: content is pulled from another colo, 0: pulled from origin or pulled from this colo
70
cacheRequestKeepAliveStatusEnum8-Did origin connection go over a keepalive connection
71
cacheResponseStatusUInt16CacheResponseStatusHTTP status code of response
72
cacheResponseBytesUInt64CacheResponseBytesNumber of bytes sent to edge, http://nginx.org/en/docs/http/ngx_http_upstream_module.html#var_upstream_response_length
73
cacheResponseRetriedStatusUInt16-If this request was retried from edge to cache, contains the status code of the first response from cache.
74
originResponseStatusUInt16OriginResponseStatusHTTP status code of response
75
originResponseContentEncodingEnum8-HTTP content-encoding header
76
originIPv6FixedString(16)OriginIPIP we actually talk to, version 6
77
originIPv4UInt32OriginIPIP we actually talk to, version 4
78
originPortUInt16-Origin port we connected to
79
backendZoneIdUsedUInt8-1 if Zone ID used to lookup data-plane control information.
80
backendViewIdUsedUInt8-1 if View ID used to lookup data-plane control information.
81
backendOriginIPUsedUInt8-1 if Origin IP used to lookup data-plane control information.
82
backendHostUsedUInt8-1 if HTTP Host used to lookup data-plane control information.
83
backendOriginReachedUInt8-1 if HTTP response is from origin server.
84
backendViewIdUInt16-Value of View ID (Baidu named group of subnets) found for Origin IP.
85
backendFailoverCountUInt8-Number of times nginx-be failed over to alternate network path.
86
backendProxyTimeoutCountUInt8-Number of times network path failed due to proxy -> proxy connection timeout.
87
backendOriginTimeoutCountUInt8-Number of times network path failed due to origin server timeout.
88
userAgentStringClientRequestUserAgentHTTP User-Agent header
89
uaDeviceTypeEnum8ClientRequestUserAgentUser-agent device type
90
uaDeviceFamilyUInt8ClientRequestUserAgentUser-agent device family
91
uaOSFamilyUInt8ClientRequestUserAgentUser-agent OS
92
uaBrowserFamilyUInt8ClientRequestUserAgentUser-agent browser family
93
xRequestedWithString-X-Requested-With HTTP header
94
ratelimitRuleIdUInt64-Internal rule id that blocked, or simulated blocking, the request.
95
railgunUsedUInt8-1 if Railgun was used
96
threatScoreUInt8-Threat score used for routing this request
97
threatScoreSourceFixedString(8)-Log threat score for the request and source of threat score data
98
upperTierColoIdUInt16-Argo upper tier colo ID
99
upperTierCacheTimeMsUInt16-Argo upper tier cache time
100
smartRouteColoIdUInt16-Argo Smart Routing proxy colo, only populated if a request was Smart Routed
Loading...
 
 
 
requests
aggregates
 
 
Main menu