Menu
Grafana Cloud

Cloudflare integration for Grafana Cloud

Cloudflare is a globally distributed network infrastructure and cybersecurity company that provides content delivery, DDoS mitigation, internet security, and other related services to enhance the performance and security of websites and internet applications. This integration for Grafana Cloud allows users to collect and analyze metrics for Cloudflare Analytics - account and zone analytics, a description of which is found here.

Metrics include requests, bandwidth, CPU utilization, HTTP response codes, pool health, and colocation information. These are used to provide valuable visualizations for zones, workers, and pools.

This integration requires Pro Plan or better Cloudflare subscriptions.

This integration includes 5 useful alerts and 3 pre-built dashboards to help monitor and visualize Cloudflare metrics.

Before you begin

In order for the integration to properly work, you must set up the Cloudflare Prometheus exporter to export metrics from Cloudflare.

Get an API token

It is recommended to authenticate the exporter using an API token, which can be created by following this guide.

This newly created token will also need to be given certain permissions so the exporter can retrieve metrics. These permissions are:

  • Account Analytics: Read
  • Account Settings: Read
  • Analytics: Read

Set up Cloudflare exporter

The exporter can be configured by following this guide.

To build and run the exporter, use the following commands.

This command will build the exporter binary with the name cloudflare_exporter.

sh
make build

This uses the API token authentication method, so be sure to replace <cloudflare-api-token> with the token generated in the previous step. It also uses the useful flag -listen which will set the port metrics are served at. The default port is 8080 which may be an issue if you have a pre-existing process using that port.

sh
./cloudflare_exporter -listen=:<port_number> -cf_api_token=<cloudflare-api-token>

Install Cloudflare integration for Grafana Cloud

  1. In your Grafana Cloud stack, click Connections in the left-hand menu.
  2. Find Cloudflare and click its tile to open the integration.
  3. Review the prerequisites in the Configuration Details tab and set up Grafana Agent to send Cloudflare metrics to your Grafana Cloud instance.
  4. Click Install to add this integration’s pre-built dashboards and alerts to your Grafana Cloud instance, and you can start monitoring your Cloudflare setup.

Post-install configuration for the Cloudflare integration

After enabling the Cloudflare Prometheus exporter, instruct the Grafana Agent to scrape the metrics endpoint.

Be sure to change <exporter_host> and <exporter_port> to match your environment to get the correct label.

Configuration snippets for Grafana Agent

Below metrics.configs.scrape_configs, insert the following lines and change the URLs according to your environment:

yaml
    - job_name: integrations/cloudflare
      metrics_path: /metrics
      static_configs:
        - targets:
          - <exporter_hostname>:<exporter_port>
          labels:
            instance: <exporter_hostname>:<exporter_port>

Full example configuration for Grafana Agent

Refer to the following Grafana Agent configuration for a complete example that contains all the snippets used for the Cloudflare integration. This example also includes metrics that are sent to monitor your Grafana Agent instance.

yaml
integrations:
  prometheus_remote_write:
  - basic_auth:
      password: <your_prom_pass>
      username: <your_prom_user>
    url: <your_prom_url>
  agent:
    enabled: true
    relabel_configs:
    - action: replace
      source_labels:
      - agent_hostname
      target_label: instance
    - action: replace
      target_label: job
      replacement: "integrations/agent-check"
    metric_relabel_configs:
    - action: keep
      regex: (prometheus_target_.*|prometheus_sd_discovered_targets|agent_build.*|agent_wal_samples_appended_total|process_start_time_seconds)
      source_labels:
      - __name__
  # Add here any snippet that belongs to the `integrations` section.
  # For a correct indentation, paste snippets copied from Grafana Cloud at the beginning of the line.
logs:
  configs:
  - clients:
    - basic_auth:
        password: <your_loki_pass>
        username: <your_loki_user>
      url: <your_loki_url>
    name: integrations
    positions:
      filename: /tmp/positions.yaml
    scrape_configs:
      # Add here any snippet that belongs to the `logs.configs.scrape_configs` section.
      # For a correct indentation, paste snippets copied from Grafana Cloud at the beginning of the line.
metrics:
  configs:
  - name: integrations
    remote_write:
    - basic_auth:
        password: <your_prom_pass>
        username: <your_prom_user>
      url: <your_prom_url>
    scrape_configs:
      # Add here any snippet that belongs to the `metrics.configs.scrape_configs` section.
      # For a correct indentation, paste snippets copied from Grafana Cloud at the beginning of the line.
    - job_name: integrations/cloudflare
      metrics_path: /metrics
      static_configs:
        - targets:
          - <exporter_hostname>:<exporter_port>
          labels:
            instance: <exporter_hostname>:<exporter_port>
  global:
    scrape_interval: 60s
  wal_directory: /tmp/grafana-agent-wal

Dashboards

The Cloudflare integration installs the following dashboards in your Grafana Cloud instance to help monitor your system.

  • Cloudflare Geomap overview
  • Cloudflare worker overview
  • Cloudflare zone overview

Cloudflare zone overview 1 (pools)

image

Cloudflare zone overview 2 (colocation table)

image

Cloudflare Geomap overview

image

Alerts

The Cloudflare integration includes the following useful alerts:

AlertDescription
CloudflareHighThreatCountCritical: There are detected threats targeting the zone.
CloudflareHighRequestRateWarning: A high spike in requests is occurring which may indicate an attack or unexpected load.
CloudflareHighHTTPErrorCodesWarning: A high number of 4xx or 5xx HTTP status codes are occurring.
CloudflareUnhealthyPoolsCritical: There are unhealthy pools.
CloudflareMetricsDownCritical: Cloudflare metrics are down.

Metrics

The most important metrics provided by the Cloudflare integration, which are used on the pre-built dashboards and Prometheus alerts, are as follows:

  • cloudflare_worker_cpu_time
  • cloudflare_worker_duration
  • cloudflare_worker_errors_count
  • cloudflare_worker_requests_count
  • cloudflare_zone_bandwidth_cached
  • cloudflare_zone_bandwidth_content_type
  • cloudflare_zone_bandwidth_ssl_encrypted
  • cloudflare_zone_bandwidth_total
  • cloudflare_zone_colocation_requests_total
  • cloudflare_zone_pageviews_total
  • cloudflare_zone_pool_health_status
  • cloudflare_zone_pool_requests_total
  • cloudflare_zone_requests_browser_map_page_views_count
  • cloudflare_zone_requests_cached
  • cloudflare_zone_requests_status
  • cloudflare_zone_requests_total
  • cloudflare_zone_threats_total
  • cloudflare_zone_uniques_total

Changelog

md
# 1.0.0 - November 2023

* Initial release

Cost

By connecting your Cloudflare instance to Grafana Cloud, you might incur charges. To view information on the number of active series that your Grafana Cloud account uses for metrics included in each Cloud tier, see Active series and dpm usage and Cloud tier pricing.