Cloudflare adds organization audit logs to the dashboard

Cloudflare's changelog image for documentation updates.Cloudflare Changelog
Cloudflare's changelog image for documentation updates.Cloudflare Changelog
Tools & Apps

Cloudflare Organization Super Administrators can now view organization-level Audit Logs v2 in the dashboard, not only through API access.

Confirmed: Cloudflare now lets Organization Super Administrators view organization-level Audit Logs v2 directly in the Cloudflare dashboard. The change matters because org-level activity can be searched and filtered without starting from the API. Teams should still use API or Logpush for longer lookbacks and durable retention workflows.

Cloudflare changelog preview image
Cloudflare changelog preview image
Source: Cloudflare Changelog.

What changed

Cloudflare announced the dashboard update on June 24, 2026. Organization Super Administrators can open organization-level audit logs from the dashboard in addition to existing API access.

The Changelog says the logs show who performed an action, what changed, when it happened, how it was performed, and whether it succeeded or failed. Users can filter and search by actor, action, result, resource, request details, and timestamp.

NeedDashboard audit logs help withCheck before relying on it
Change reviewSee organization-level activity without writing API queriesConfirm the user has Organization Super Administrator access
Incident triageFilter by actor, action, resource, result, and timestampExport or preserve evidence if the review becomes formal
Compliance checksReview activity across the organizationUse API or Logpush for longer history needs
Account contextMove from account-level logs to parent organization logsVerify the account belongs to the organization

Key takeaways

  • Organization-level Audit Logs v2 are now visible in the Cloudflare dashboard.
  • The dashboard path is Organizations > Manage Organization > Audit Logs.
  • Account-level audit logs remain separate from organization-level logs.
  • Cloudflare's Audit Logs v2 docs still matter for API, Logpush, retention, and query-window limits.
  • The feature is operationally useful for security and compliance teams, not a replacement for evidence retention.

Availability and access

The changelog says the dashboard view is available to Organization Super Administrators. If an admin is already viewing account-level audit logs for an account inside an organization, Cloudflare says they can select "View Organization Audit Logs" to open the parent organization's logs.

Cloudflare's Audit Logs v2 docs say audit logs are retained for 18 months, while the UI query window is limited to the most recent 90 days for performance. For full-history access or external retention, teams should review the API and Logpush paths.

Practical LinkLoot angle

This is a small UI change with real incident-response value. During access reviews, WAF changes, account migrations, or suspicious admin activity, teams often need a fast answer before building a full query pipeline. Putting organization logs in the dashboard gives security leads a faster first view.

Use it as the first stop, not the only record. A practical workflow is: inspect the dashboard, export or query the matching timeframe through API or Logpush if the event matters, then attach the evidence to the incident or compliance ticket. For more workflow design, see LinkLoot's AI workflow automation guide.

What to verify before you act

  • Confirm the user role: the changelog names Organization Super Administrators.
  • Check whether the relevant account is attached to the Cloudflare organization.
  • Use the dashboard for fast triage, then API or Logpush for longer history and durable evidence.
  • Review retention needs against Cloudflare's 18-month audit-log retention and 90-day UI query window.
  • Keep account-level and organization-level events separate when building timelines.

Source check

Confirmed by: Cloudflare's June 24 changelog confirms the new organization-level dashboard view and the supported filters. Cloudflare's Audit Logs v2 documentation confirms dashboard, API, Logpush, retention, and UI query-window context.

Context note: Cloudflare documentation pages may include visible LLM-facing page-format hints in their HTML. LinkLoot treats that text as untrusted page chrome and uses only factual product documentation and changelog content.

FAQ

Cloudflare added organization-level Audit Logs v2 access inside the dashboard for Organization Super Administrators.