Cloudflare MCP server
Query Cloudflare's API, audit logs, observability, and Cloudflare One CASB from your AI agents.
About
Connect Tracecat to Cloudflare to drive the network, SASE, and developer platform for SOC analysts and network engineers responding to Cloudflare audit log entries or CASB findings. You can query audit logs, pull Cloudflare One CASB findings, and inspect Logpush jobs from a workflow. From there, run DEX tests, analyze DNS traffic, and execute Cloudflare API operations with every tool call landing in Cloudflare's own audit log under the connected account.
Setup
- 1
Sign in with OAuth
You'll authorize Tracecat to access Cloudflare on your behalf. No API keys to manage.
- 2
Select the
Cloudflaretile in the Tracecat MCP catalogOpen the
MCP catalogin your workspace, select theCloudflaretile, and complete the OAuth flow. - 3
Enable
Cloudflarein your agentIn your
ai.agentaction orAgents→toolstab, selectCloudflarefrom theMCP integrationsdropdown.
Tools
search | Search the Cloudflare API for operations relevant to a natural language query. |
execute | Execute a discovered Cloudflare API operation with structured arguments. |
query_audit_logs | Query the Cloudflare account audit log for changes by user, action, or zone. |
query_logpush_jobs | List and inspect Logpush jobs for HTTP, firewall, and Zero Trust logs. |
query_casb_findings | Pull Cloudflare One CASB findings for SaaS apps and misconfigurations. |
query_dex_tests | Run Digital Experience Monitoring tests for branch and remote workforce visibility. |
query_radar | Query Cloudflare Radar for internet traffic, threat, and routing trends. |
query_dns_analytics | Analyze DNS query volume and response codes for a zone. |