Add Cloudflare Connector to SkyFormation Platform

if you're having trouble at any stage please contact us at support@skyformation.com. 

Preface

Cloudflare is a web-infrastructure and website security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.
This guide will help you add a new Cloudflare connector to your Exabeam Cloud Connectors (aka SkyFormation platform).
For more information please visit the Cloudflare official website.

Prerequisites

To add the Cloudflare connector to your SkyFormation platform, you will need to provide one of the following authentication data:

1. Email and Global API Token:
   
   Provide the Email and Global API Token of the account you would like to pull data from.
   If you're on the Enterprise plan, you can setup a Multi-User account.
   See Cloudflare's documentation here.
   
   You can find the Global API Token in the Cloudflare User Profile API Tokens page.
   
   Since Cloudflare limits the API calls of an account, it's recommended that you create a new account and add it to your organization account (in Cloudflare) with the required permissions (see the permissions section below).
   
   The account you create can be used for this connector.
   
   
2. API Token:
   
   In the Cloudflare User Profile API Tokens page, you can create an API Token with specific permissions (see the permissions section below).
   
   For the connector to work properly, please include the following permissions to either the account or the API token you specify.

3. Permissions needed

   • Read the accounts list
   • Read account audit logs
   • Read account members
   • Read zones list
   • Read zone logs
   • Read zone firewall services
4. Enable retention policy:
   
   In order for the connector to retrieve events from the CDN logs endpoints, the retention policy for every zone must be enabled. You can enable the retention policy for zones by following this guide.

Steps to onboard the connector

1. Login to your SkyFormation Platform
2. Navigate via left navigation panel to "​Settings​" section
3. Navigate via New Settings left navigation panel to "​Accounts​" section
4. Click the "Add Account" bottom
5. In "Select service to add" choose "Cloudflare" and you'll see the following screen:
   
   
6. Fill in the required authentication information in the prerequisite section
7.  Fill in your organization name. Please note that the organization name provided should be the same as the Cloudflare account's name you would like to pull data from
8. Click on "Test Connection" to make sure the connection is set up successfully
9. Start the connector and make sure that the status becomes "OK" after a few seconds

That's it!