Cloudflare Audit Logs
HTTP-SSECloudflare Audit Logs server for tracking account changes and suspicious activities
Cloudflare Audit Logs server for tracking account changes and suspicious activities
This is a Model Context Protocol (MCP) server that supports remote MCP connections, with Cloudflare OAuth built-in.
Audit logs summarize the history of changes made within your Cloudflare account. Audit logs include account level actions like zone configuration changes. The tool is powered by the Audit Log API
Currently available tools:
| Category | Tool | Description |
|---|---|---|
| Audit Logs | auditlogs_by_account_id | Fetches the history of changes between within your Cloudflare account over a specific time range |
Were there any suspicious changes made to my Cloudflare account yesterday around lunch time?When was the last activity that updated a DNS record?If your MCP client has first class support for remote MCP servers, the client will provide a way to accept the server URL (https://auditlogs.mcp.cloudflare.com/sse) directly within its interface (for example in Cloudflare AI Playground).
If your client does not yet support remote MCP servers, you will need to set up its resepective configuration file using mcp-remote to specify which servers your client can access.
Replace the content with the following configuration:
{ "mcpServers": { "cloudflare": { "command": "npx", "args": ["mcp-remote", "https://auditlogs.mcp.cloudflare.com/sse"] } } }
Once you've set up your configuration file, restart MCP client and a browser window will open showing your OAuth login page. Proceed through the authentication flow to grant the client access to your MCP server. After you grant access, the tools will become available for you to use.