Skip to content
Cloudflare Docs
Docs DirectoryAPIsSDKs

Available Notifications

Available Notifications depend on your Cloudflare plan. Cloudflare offers a variety of Notifications for our products and services, such as Billing, Denial of Service protection, Magic Transit, and SSL/TLS.

Depending on your plan, you can also configure webhooks, allowing you to connect your account with external services such as Slack and Google Chat, and PagerDuty to receive Cloudflare Notifications.

Actions available on receiving a Notification

Each Notification carries different types of information about the status of your Cloudflare account, or the type of action you can take.

Refer to information below to understand what each Notification does and what to do when receiving one.

Billing

Usage Based Billing

 Who is it for?

Customers who want to receive a notification when the usage of a product goes above a set level.

Other options / filters

You can choose the product that you want to be notified about and the threshold that fires the notification. Thresholds depend on the product chosen.

For example:

  • Argo Smart Routing has Notify when total bytes of traffic exceeds as a threshold.
  • Load Balancing has Notify when total number of DNS Queries exceeds as a threshold.

Included with

Professional plans or higher.

What should you do if you receive one?

Review your product usage and adjust the configuration and/or increase the alerting threshold.

Bots

Bot Detection Alert

 Who is it for?

Enterprise customers who want to be notified when Cloudflare detects a spike in bot traffic on their zones.

Other options / filters

None.

Included with

Accounts with at least one Enterprise zone.

What should you do if you receive one?

Select the Security Analytics link enclosed in the alert message. Contact support if additional advice is needed on how to investigate the attack further.

Additional information

After an alert is created on the dashboard, it may take up to 30 minutes before sufficient data is available to begin detecting traffic anomalies. Verified bot traffic is excluded from bot alerts.

Custom Bot Detection Alert

 Who is it for?

Enterprise customers who want to be notified when Cloudflare detects a spike in bot traffic on their zones.

Other options / filters

Refer to the alert logic for more information on additional filters or groupings.

Included with

Accounts with at least one Enterprise zone.

What should you do if you receive one?

Select the Security Analytics link enclosed in the alert message. Contact support if additional advice is needed on how to investigate the attack further.

Additional information

After an alert is created on the dashboard, it may take up to 30 minutes before sufficient data is available to begin detecting traffic anomalies. Verified bot traffic is excluded from both basic and advanced bot alerts.

Alerts with grouping could cause potential noise if you set them up for a high-traffic zone. Grouping alerts function as if you set up separate policies with a filter for each value. Alerts may trigger multiple values in the same group as long as the traffic for each value reaches the threshold of 200.

Client-side security

Client-side security New Code Change Detection Alert

 Who is it for?

Client-side security customers who want to receive a notification when JavaScript dependencies change in the pages of their domain.

Other options / filters

None.

Included with

Customers with Client-Side Security Advanced.

What should you do if you receive one?

Investigate to confirm that it is an expected change.

Additional information

Triggered daily. If configured with a zone filter, the alert is triggered immediately.

Client-side security New Domain Alert

 Who is it for?

Client-side security customers who want to receive a notification when resources from new host domains appear in their domain.

Other options / filters

None.

Included with

Business plans or higher.

What should you do if you receive one?

Investigate to confirm that it is an expected change.

Additional information

Triggered hourly. If configured with a zone filter, the alert is triggered immediately.

Client-side security New Malicious Domain Alert

 Who is it for?

Client-side security customers who want to receive a notification when resources from a known malicious domain appear in their domain. For more information, refer to Malicious script and connection detection.

Other options / filters

None.

Included with

Customers with Client-Side Security Advanced.

What should you do if you receive one?

Review the information in the client-side security dashboard about the detected malicious resources, then update the pages where those resources were detected.

For more information, refer to Review scripts and connections considered malicious.

Client-side security New Malicious Script Alert

 Who is it for?

Client-side security customers who want to receive a notification when Cloudflare classifies JavaScript dependencies in their domain as malicious. For more information, refer to Malicious script and connection detection.

Other options / filters

None.

Included with

Customers with Client-Side Security Advanced.

What should you do if you receive one?

Review the information in the client-side security dashboard about the detected malicious resources, then update the pages where those resources were detected.

For more information, refer to Review scripts and connections considered malicious.

Client-side security New Malicious URL Alert

 Who is it for?

Client-side security customers who want to receive a notification when resources from a known malicious URL appear in their domain. For more information, refer to Malicious script and connection detection.

Other options / filters

None.

Included with

Customers with Client-Side Security Advanced.

What should you do if you receive one?

Review the information in the client-side security dashboard about the detected malicious resources, then update the pages where those resources were detected.

For more information, refer to Review scripts and connections considered malicious.

Client-side security New Resources Alert

 Who is it for?

Client-side security customers who want to receive a notification when new resources appear in their domain.

Other options / filters

None.

Included with

Business plans or higher.

What should you do if you receive one?

Investigate to confirm that it is an expected change.

Additional information

Triggered daily. If configured with a zone filter, the alert is triggered immediately.

Client-side security New Resource Exceeds Max URL Length Alert

 Who is it for?

Client-side security customers who want to receive a notification when a resource's URL exceeds the maximum allowed length.

Other options / filters

None.

Included with

Business plans or higher.

What should you do if you receive one?

Manually check the resource.

Cloudflare Access

Expiring Access Service Token Alert

 Who is it for?

Access customers who want to receive a notification when their service token is about to expire.

Other options / filters

None.

Included with

Purchase of Access

What should you do if you receive one?

Extend the expiration date of the service token. For more details, refer to Renew your service token.

Cloudflare Images