Tracecat

Cloudflare MCP server

Query Cloudflare's API, audit logs, observability, and Cloudflare One CASB from your AI agents.

Network
http
Official docs

About

Connect Tracecat to Cloudflare to drive the network, SASE, and developer platform for SOC analysts and network engineers responding to Cloudflare audit log entries or CASB findings. You can query audit logs, pull Cloudflare One CASB findings, and inspect Logpush jobs from a workflow. From there, run DEX tests, analyze DNS traffic, and execute Cloudflare API operations with every tool call landing in Cloudflare's own audit log under the connected account.

Setup

  1. 1

    Sign in with OAuth

    You'll authorize Tracecat to access Cloudflare on your behalf. No API keys to manage.

  2. 2

    Select the Cloudflare tile in the Tracecat MCP catalog

    Open the MCP catalog in your workspace, select the Cloudflare tile, and complete the OAuth flow.

  3. 3

    Enable Cloudflare in your agent

    In your ai.agent action or Agents tools tab, select Cloudflare from the MCP integrations dropdown.

Tools

search

Search the Cloudflare API for operations relevant to a natural language query.

execute

Execute a discovered Cloudflare API operation with structured arguments.

query_audit_logs

Query the Cloudflare account audit log for changes by user, action, or zone.

query_logpush_jobs

List and inspect Logpush jobs for HTTP, firewall, and Zero Trust logs.

query_casb_findings

Pull Cloudflare One CASB findings for SaaS apps and misconfigurations.

query_dex_tests

Run Digital Experience Monitoring tests for branch and remote workforce visibility.

query_radar

Query Cloudflare Radar for internet traffic, threat, and routing trends.

query_dns_analytics

Analyze DNS query volume and response codes for a zone.

Deploy the Cloudflare MCP server in minutes

Connect your security agents to 50+ hosted MCP servers.

Self-host free