diff --git a/src/content/docs/cloudflare-one/insights/logs/audit-logs.mdx b/src/content/docs/cloudflare-one/insights/logs/dashboard-logs/access-authentication-logs.mdx
similarity index 94%
rename from src/content/docs/cloudflare-one/insights/logs/audit-logs.mdx
rename to src/content/docs/cloudflare-one/insights/logs/dashboard-logs/access-authentication-logs.mdx
index 16f80ab66581f08..37e67973a4d7646 100644
--- a/src/content/docs/cloudflare-one/insights/logs/audit-logs.mdx
+++ b/src/content/docs/cloudflare-one/insights/logs/dashboard-logs/access-authentication-logs.mdx
@@ -5,17 +5,18 @@ tags:
- Logging
sidebar:
order: 2
-head: []
description: Use Access authentication logs to review authentication events and
requests to protected URI paths and infrastructure targets.
---
-import { GlossaryTooltip, TabItem, Tabs, APIRequest } from "~/components";
+import { GlossaryTooltip, TabItem, Tabs, APIRequest, InlineBadge } from "~/components";
+
+Access authentication logs use an updated log viewer with the following capabilities: filter by field, customize columns, view details by selecting a timestamp, and switch to the classic view. Querying for fewer fields improves log loading performance.
Cloudflare Access generates two types of audit logs:
-- **[Authentication audit logs](/cloudflare-one/insights/logs/audit-logs/#authentication-logs)** maintain a record of authentication events.
-- **[Per-request audit logs](/cloudflare-one/insights/logs/audit-logs/#per-request-logs)** record requests to protected URI paths and infrastructure targets.
+- **[Authentication audit logs](#authentication-logs)** maintain a record of authentication events.
+- **[Per-request audit logs](#per-request-logs)** record requests to protected URI paths and infrastructure targets.
## Authentication logs
diff --git a/src/content/docs/cloudflare-one/insights/logs/dashboard-logs/admin-activity-logs.mdx b/src/content/docs/cloudflare-one/insights/logs/dashboard-logs/admin-activity-logs.mdx
new file mode 100644
index 000000000000000..e991821adbacf0c
--- /dev/null
+++ b/src/content/docs/cloudflare-one/insights/logs/dashboard-logs/admin-activity-logs.mdx
@@ -0,0 +1,28 @@
+---
+pcx_content_type: reference
+title: Admin activity logs
+sidebar:
+ order: 1
+description: Monitor when a member on your account creates, updates, or deletes configurations.
+---
+
+Admin activity logs record configuration changes made by members of your Cloudflare account. Use these logs to monitor when a member creates, updates, or deletes configurations in your Zero Trust organization.
+
+To view admin activity logs, log in to [Cloudflare One](https://one.dash.cloudflare.com/) and go to **Insights** > **Logs** > **Admin activity logs**.
+
+## Explanation of the fields
+
+| Field | Description |
+| --------------------- | ------------------------------------------------------------------ |
+| **Action timestamp** | Date and time when the change occurred. |
+| **Action type** | Type of action taken (for example, `create`, `update`, `delete`). |
+| **Action result** | Whether the action was successful. |
+| **Actor email** | Email address of the user who performed the action. |
+| **Actor IP address** | IP address of the user who performed the action. |
+| **Actor type** | Type of user that initiated the action. |
+| **Resource type** | The type of resource that was changed. |
+| **Resource product** | The Cloudflare product associated with the resource. |
+
+## Export admin activity logs
+
+Enterprise users can export admin activity logs using [Logpush](/cloudflare-one/insights/logs/logpush/). For a list of all available fields, refer to [Audit Logs V2](/logs/logpush/logpush-job/datasets/account/audit_logs_v2/).
diff --git a/src/content/docs/cloudflare-one/insights/logs/gateway-logs/index.mdx b/src/content/docs/cloudflare-one/insights/logs/dashboard-logs/gateway-logs/index.mdx
similarity index 98%
rename from src/content/docs/cloudflare-one/insights/logs/gateway-logs/index.mdx
rename to src/content/docs/cloudflare-one/insights/logs/dashboard-logs/gateway-logs/index.mdx
index 40fb6173b16a1a5..a11d7e6026db6ab 100644
--- a/src/content/docs/cloudflare-one/insights/logs/gateway-logs/index.mdx
+++ b/src/content/docs/cloudflare-one/insights/logs/dashboard-logs/gateway-logs/index.mdx
@@ -5,9 +5,18 @@ tags:
- Logging
sidebar:
order: 3
+description: Review DNS queries, network traffic, and HTTP requests inspected by Gateway.
---
-import { Render, GlossaryTooltip } from "~/components";
+import { Render, GlossaryTooltip, DirectoryListing, InlineBadge } from "~/components";
+
+Gateway activity logs show the individual DNS queries, Network packets, and HTTP requests inspected by Gateway. You can also download encrypted [SSH command logs](/cloudflare-one/insights/logs/dashboard-logs/ssh-command-logs/) for sessions proxied by Gateway.
+
+To view Gateway activity logs, log in to [Cloudflare One](https://one.dash.cloudflare.com/) and go to **Insights** > **Logs** and choose a type of Gateway log. Select an individual row to investigate the event in more detail.
+
+Enterprise users can generate more detailed logs with [Logpush](/cloudflare-one/insights/logs/logpush/).
+
+
:::note[Private source IP substitution]
@@ -15,11 +24,9 @@ Gateway logs will only show the public IP address for the **Source IP** field. P
:::
-Gateway activity logs show the individual DNS queries, Network packets, and HTTP requests inspected by Gateway. You can also download encrypted [SSH command logs](/cloudflare-one/traffic-policies/network-policies/ssh-logging/) for sessions proxied by Gateway.
-
-To view Gateway activity logs, log in to [Cloudflare One](https://one.dash.cloudflare.com/) and go to **Insights** > **Logs** and choose a type of Gateway log. Select an individual row to investigate the event in more detail.
+## Log viewer
-Enterprise users can generate more detailed logs with [Logpush](/cloudflare-one/insights/logs/logpush/).
+Gateway activity logs use an updated log viewer with the following capabilities: filter by field, customize columns, view details by selecting a timestamp, and switch to the classic view. Querying for fewer fields improves log loading performance.
## Selective logging
diff --git a/src/content/docs/cloudflare-one/insights/logs/gateway-logs/manage-pii.mdx b/src/content/docs/cloudflare-one/insights/logs/dashboard-logs/gateway-logs/manage-pii.mdx
similarity index 99%
rename from src/content/docs/cloudflare-one/insights/logs/gateway-logs/manage-pii.mdx
rename to src/content/docs/cloudflare-one/insights/logs/dashboard-logs/gateway-logs/manage-pii.mdx
index 92f29d650c6e514..3d4ccecb8f85129 100644
--- a/src/content/docs/cloudflare-one/insights/logs/gateway-logs/manage-pii.mdx
+++ b/src/content/docs/cloudflare-one/insights/logs/dashboard-logs/gateway-logs/manage-pii.mdx
@@ -4,7 +4,7 @@ title: Manage PII
tags:
- Privacy
sidebar:
- order: 3
+ order: 1
---
Cloudflare Gateway gives you multiple ways to safely handle your employees' personally identifiable information (PII). By default, PII is redacted from Gateway Activity logs for all permission roles except the Super Administrator and users with the [Cloudflare Zero Trust PII role](/cloudflare-one/roles-permissions/#cloudflare-zero-trust-pii) assigned to them. Only the Super Administrator can assign roles and determine who has permission to view PII. Redacting PII does not affect the way PII is captured in logs as the data is simply hidden and no information is lost.
diff --git a/src/content/docs/cloudflare-one/insights/logs/dashboard-logs/index.mdx b/src/content/docs/cloudflare-one/insights/logs/dashboard-logs/index.mdx
new file mode 100644
index 000000000000000..308ec88a79a9987
--- /dev/null
+++ b/src/content/docs/cloudflare-one/insights/logs/dashboard-logs/index.mdx
@@ -0,0 +1,17 @@
+---
+pcx_content_type: navigation
+title: Dashboard logs
+sidebar:
+ order: 1
+head:
+ - tag: title
+ content: Zero Trust dashboard logs
+---
+
+import { DirectoryListing } from "~/components";
+
+The following logs are available in the [Zero Trust dashboard](https://one.dash.cloudflare.com/).
+
+
+
+For additional datasets and long-term log storage, refer to [Logpush](/cloudflare-one/insights/logs/logpush/).
diff --git a/src/content/docs/cloudflare-one/insights/logs/posture-logs.mdx b/src/content/docs/cloudflare-one/insights/logs/dashboard-logs/posture-logs.mdx
similarity index 89%
rename from src/content/docs/cloudflare-one/insights/logs/posture-logs.mdx
rename to src/content/docs/cloudflare-one/insights/logs/dashboard-logs/posture-logs.mdx
index c4ebe6022937efe..e81d9e6efd3e44e 100644
--- a/src/content/docs/cloudflare-one/insights/logs/posture-logs.mdx
+++ b/src/content/docs/cloudflare-one/insights/logs/dashboard-logs/posture-logs.mdx
@@ -2,13 +2,13 @@
pcx_content_type: reference
title: Posture logs
sidebar:
- order: 7
-
+ order: 8
+description: Monitor the results of device posture checks performed on your users' devices.
---
Posture logs show the [device posture check](/cloudflare-one/reusable-components/posture-checks/) results reported by the Cloudflare One Client.
-To view device posture logs, log in to [Cloudflare One](https://one.dash.cloudflare.com/) and go to **Logs** > **Posture**. Logs will only display if you have configured [device posture checks](/cloudflare-one/reusable-components/posture-checks/) for your Zero Trust organization.
+To view device posture logs, log in to [Cloudflare One](https://one.dash.cloudflare.com/) and go to **Insights** > **Logs** > **Posture logs**. Logs will only display if you have configured [device posture checks](/cloudflare-one/reusable-components/posture-checks/) for your Zero Trust organization.
Enterprise users can generate more detailed logs with [Logpush](/cloudflare-one/insights/logs/logpush/).
diff --git a/src/content/docs/cloudflare-one/insights/logs/scim-logs.mdx b/src/content/docs/cloudflare-one/insights/logs/dashboard-logs/scim-logs.mdx
similarity index 84%
rename from src/content/docs/cloudflare-one/insights/logs/scim-logs.mdx
rename to src/content/docs/cloudflare-one/insights/logs/dashboard-logs/scim-logs.mdx
index 2dbfa6fd0bb3064..d4bff85f0268939 100644
--- a/src/content/docs/cloudflare-one/insights/logs/scim-logs.mdx
+++ b/src/content/docs/cloudflare-one/insights/logs/dashboard-logs/scim-logs.mdx
@@ -1,11 +1,10 @@
---
pcx_content_type: reference
-title: SCIM activity logs
+title: SCIM provisioning logs
tags:
- SCIM
sidebar:
- order: 3
- label: SCIM logs
+ order: 7
---
import { Render } from "~/components";
@@ -14,7 +13,7 @@ SCIM activity logs allow administrators to audit how [SCIM provisioning](/cloudf
## View SCIM logs
-For an overview of SCIM events across all users, log in to [Cloudflare One](https://one.dash.cloudflare.com/) and go to **Logs** > **SCIM provisioning**. This page lists the inbound SCIM requests from all identity providers configured with SCIM. You can select an individual request to view more details about the SCIM operation.
+For an overview of SCIM events across all users, log in to [Cloudflare One](https://one.dash.cloudflare.com/) and go to **Insights** > **Logs** > **SCIM provisioning logs**. This page lists the inbound SCIM requests from all identity providers configured with SCIM. You can select an individual request to view more details about the SCIM operation.
To investigate how SCIM events impacted a specific user, go to their [User Registry identity](/cloudflare-one/team-and-resources/users/users/).
diff --git a/src/content/docs/cloudflare-one/insights/logs/dashboard-logs/ssh-command-logs.mdx b/src/content/docs/cloudflare-one/insights/logs/dashboard-logs/ssh-command-logs.mdx
new file mode 100644
index 000000000000000..90d421dec63476e
--- /dev/null
+++ b/src/content/docs/cloudflare-one/insights/logs/dashboard-logs/ssh-command-logs.mdx
@@ -0,0 +1,49 @@
+---
+pcx_content_type: reference
+title: SSH command logs
+sidebar:
+ order: 6
+description: Review SSH commands a user ran on a target.
+---
+
+SSH command logs record the commands that users run on infrastructure targets protected by [Access for Infrastructure](/cloudflare-one/networks/connectors/cloudflare-tunnel/use-cases/ssh/ssh-infrastructure-access/). Use these logs to audit user activity on your SSH servers.
+
+To view SSH command logs, log in to [Cloudflare One](https://one.dash.cloudflare.com/) and go to **Insights** > **Logs** > **SSH command logs**.
+
+## Prerequisites
+
+To generate SSH command logs, you must:
+
+1. Set up [Access for Infrastructure](/cloudflare-one/networks/connectors/cloudflare-tunnel/use-cases/ssh/ssh-infrastructure-access/) for your SSH servers.
+2. [Enable SSH command logging](/cloudflare-one/networks/connectors/cloudflare-tunnel/use-cases/ssh/ssh-infrastructure-access/#ssh-command-logs) by uploading an encryption public key.
+
+## View SSH logs
+
+SSH command logs displayed in the dashboard are encrypted using a public key you provide. To view the contents of the logs:
+
+1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Insights** > **Logs** > **SSH command logs**.
+2. Filter the logs using the name of your SSH application.
+3. Select the SSH session for which you want to export command logs.
+4. In the side panel, scroll down to **SSH logs** and select **Download**.
+5. Decrypt the log using the [SSH Logging CLI](https://github.com/cloudflare/ssh-log-cli/).
+
+## Explanation of the fields
+
+| Field | Description |
+| -------------------------- | ----------------------------------------------------------------------------------------------- |
+| **Session ID** | Unique identifier for the SSH session. |
+| **User email** | Email address of the user who initiated the SSH session. |
+| **Target ID** | Identifier of the infrastructure target being accessed. |
+| **Client address** | Source IP address of the SSH connection. |
+| **Server address** | Destination IP address of the SSH server. |
+| **Session start datetime** | Timestamp when the SSH session started. |
+| **Session finish datetime**| Timestamp when the SSH session ended. |
+| **Program type** | Type of SSH program (`shell`, `exec`, `x11`, `direct-tcpip`, or `forwarded-tcpip`). |
+| **Payload** | Captured request/response data in asciicast v2 format, including commands for `exec` programs. |
+| **Error** | SSH error message, if an error occurred. |
+
+## Export SSH logs with Logpush
+
+Enterprise users can export SSH command logs using [Logpush](/cloudflare-one/insights/logs/logpush/). Logpush payloads are not encrypted with a customer-provided public key.
+
+For a list of all available fields, refer to [SSH Logs](/logs/logpush/logpush-job/datasets/account/ssh_logs/).
diff --git a/src/content/docs/cloudflare-one/insights/logs/tunnel-audit-logs.mdx b/src/content/docs/cloudflare-one/insights/logs/dashboard-logs/tunnel-audit-logs.mdx
similarity index 93%
rename from src/content/docs/cloudflare-one/insights/logs/tunnel-audit-logs.mdx
rename to src/content/docs/cloudflare-one/insights/logs/dashboard-logs/tunnel-audit-logs.mdx
index 4e449e54ed26139..cabad7912b69131 100644
--- a/src/content/docs/cloudflare-one/insights/logs/tunnel-audit-logs.mdx
+++ b/src/content/docs/cloudflare-one/insights/logs/dashboard-logs/tunnel-audit-logs.mdx
@@ -2,8 +2,8 @@
pcx_content_type: reference
title: Tunnel audit logs
sidebar:
- order: 6
-
+ order: 9
+description: Review Cloudflare Tunnel connection events.
---
Audit logs for Tunnel are available in the [account section of the Cloudflare dashboard](https://dash.cloudflare.com/?account=audit-log) which you can find by selecting your name or email in the upper right-hand corner of the dashboard. The following actions are logged:
diff --git a/src/content/docs/cloudflare-one/insights/logs/enable-logs.mdx b/src/content/docs/cloudflare-one/insights/logs/logpush/email-security-logs.mdx
similarity index 97%
rename from src/content/docs/cloudflare-one/insights/logs/enable-logs.mdx
rename to src/content/docs/cloudflare-one/insights/logs/logpush/email-security-logs.mdx
index 3c10bcbb29e84f0..5e74accd26130aa 100644
--- a/src/content/docs/cloudflare-one/insights/logs/enable-logs.mdx
+++ b/src/content/docs/cloudflare-one/insights/logs/logpush/email-security-logs.mdx
@@ -1,8 +1,8 @@
---
-title: Enable Email security logs
+title: Email security logs
pcx_content_type: how-to
sidebar:
- order: 9
+ order: 1
---
import { DashButton } from "~/components";
diff --git a/src/content/docs/cloudflare-one/insights/logs/use-logpush-with-ids.mdx b/src/content/docs/cloudflare-one/insights/logs/logpush/ids-logs.mdx
similarity index 81%
rename from src/content/docs/cloudflare-one/insights/logs/use-logpush-with-ids.mdx
rename to src/content/docs/cloudflare-one/insights/logs/logpush/ids-logs.mdx
index 040acce5ace2878..659de6023c50df9 100644
--- a/src/content/docs/cloudflare-one/insights/logs/use-logpush-with-ids.mdx
+++ b/src/content/docs/cloudflare-one/insights/logs/logpush/ids-logs.mdx
@@ -1,13 +1,17 @@
---
-title: Use Logpush with IDS
-pcx_content_type: concept
+title: IDS logs
+pcx_content_type: how-to
+sidebar:
+ order: 2
---
-You can use Logpush with Cloudflare Network Firewall IDS to log detected risks:
+You can use Logpush with Cloudflare Network Firewall IDS to log detected risks.
+
+## Set up Logpush for IDS
1. Consult the [Logpush Destination docs](/logs/logpush/logpush-job/api-configuration/#destination) to learn about what destinations Logpush supports. The documentation will also instruct you on how to correctly format the destination URL for Logpush.
-2. Follow the [Manage Lopush with cURL](/logs/logpush/examples/example-logpush-curl/) tutorial to validate your Logpush destination and define a Logpush job.
+2. Follow the [Manage Logpush with cURL](/logs/logpush/examples/example-logpush-curl/) tutorial to validate your Logpush destination and define a Logpush job.
## Notes on using Logpush with IDS
diff --git a/src/content/docs/cloudflare-one/insights/logs/logpush.mdx b/src/content/docs/cloudflare-one/insights/logs/logpush/index.mdx
similarity index 91%
rename from src/content/docs/cloudflare-one/insights/logs/logpush.mdx
rename to src/content/docs/cloudflare-one/insights/logs/logpush/index.mdx
index 732416664256c4a..960e75e677bc272 100644
--- a/src/content/docs/cloudflare-one/insights/logs/logpush.mdx
+++ b/src/content/docs/cloudflare-one/insights/logs/logpush/index.mdx
@@ -4,16 +4,14 @@ title: Logpush integration
tags:
- Logging
sidebar:
- order: 8
+ order: 2
---
-import { GlossaryTooltip, Render } from "~/components";
+import { GlossaryTooltip, Render, DirectoryListing, Plan } from "~/components";
-:::note
-Only available on Enterprise plans.
-:::
+
-With Cloudflare's [Logpush](/logs/logpush/) service, you can configure the automatic export of Zero Trust logs to third-party storage destinations or to third-party security information and event management (SIEM) solutions. Once exported, your team can analyze and audit the data as needed.
+With Cloudflare's [Logpush](/logs/logpush/) service, you can configure the automatic export of Zero Trust logs to third-party storage destinations or to third-party security information and event management (SIEM) solutions. Once exported, your team can analyze and audit the data as needed.
## Export Zero Trust logs with Logpush
@@ -30,7 +28,7 @@ To configure Logpush for Zero Trust logs:
5. Follow the service-specific instructions to configure and validate your destination.
6. Choose the [Zero Trust datasets](#zero-trust-datasets) to export.
7. Enter a **Job name**, any [filters](/logs/logpush/logpush-job/filters/) you would like to add, and the data fields you want to include in the logs.
-8. (Optional) In **Advanced settings**, choose the timestamp format you prefer and whether you want to enable log sampling.
+8. (Optional) In **Advanced settings**, choose the timestamp format you prefer and whether you want to turn on log sampling.
9. Select **Submit**.
The setup of your Logpush integration is now complete. Logpush will send updated logs every five minutes to your selected destination. You can configure multiple destinations and add additional fields to your logs by returning to the **Logpush** page.
@@ -39,7 +37,7 @@ For more information on supported destinations, refer to [Enable destinations](/
## Zero Trust datasets
-Refer to [Logpush datasets](/logs/logpush/logpush-job/datasets/) for a list of all available fields.
+Logpush supports all [dashboard logs](/cloudflare-one/insights/logs/dashboard-logs/) as well as additional datasets not available in the Zero Trust UI. Refer to [Logpush datasets](/logs/logpush/logpush-job/datasets/) for a list of all available fields.
| Dataset | Description |
| ---------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -47,16 +45,16 @@ Refer to [Logpush datasets](/logs/logpush/logpush-job/datasets/) for a list of a
| [Audit Logs](/logs/logpush/logpush-job/datasets/account/audit_logs/) | Authentication events through Cloudflare Access |
| [Browser Isolation User Actions](/logs/logpush/logpush-job/datasets/account/biso_user_actions/) | Data transfer actions performed by a user in the remote browser |
| [CASB Findings](/logs/logpush/logpush-job/datasets/account/casb_findings/) | Security issues detected by Cloudflare CASB |
-| [Device Posture Results](/logs/logpush/logpush-job/datasets/account/device_posture_results/) | Device posture status from the Cloudflare One Client |
-| [DEX Application Tests](/logs/logpush/logpush-job/datasets/account/dex_application_tests/) | Device application synthetic test results from the Cloudflare One Client |
-| [DEX Device State Events](/logs/logpush/logpush-job/datasets/account/dex_device_state_events/) | Device event data like connectivity, CPU usage, and Disk I/O from the Cloudflare One Client |
+| [Device Posture Results](/logs/logpush/logpush-job/datasets/account/device_posture_results/) | Device posture status from the Cloudflare One Client |
+| [DEX Application Tests](/logs/logpush/logpush-job/datasets/account/dex_application_tests/) | Device application synthetic test results from the Cloudflare One Client |
+| [DEX Device State Events](/logs/logpush/logpush-job/datasets/account/dex_device_state_events/) | Device event data like connectivity, CPU usage, and Disk I/O from the Cloudflare One Client |
| [Gateway DNS](/logs/logpush/logpush-job/datasets/account/gateway_dns/) | DNS queries inspected by Cloudflare Gateway |
| [Gateway HTTP](/logs/logpush/logpush-job/datasets/account/gateway_http/) | HTTP requests inspected by Cloudflare Gateway |
| [Gateway Network](/logs/logpush/logpush-job/datasets/account/gateway_network/) | Network packets inspected by Cloudflare Gateway |
| [MCP Portal Logs](/logs/logpush/logpush-job/datasets/account/mcp_portal_logs/) | Requests made through [MCP server portals](/cloudflare-one/access-controls/ai-controls/mcp-portals/) |
| [SSH Logs](/logs/logpush/logpush-job/datasets/account/ssh_logs/) | SSH command logs for [Access for Infrastructure targets](/cloudflare-one/networks/connectors/cloudflare-tunnel/use-cases/ssh/ssh-infrastructure-access/) |
| [WARP Config Changes](/logs/logpush/logpush-job/datasets/account/warp_config_changes/) | Event logs that Cloudflare generates whenever a device changes [profiles](/cloudflare-one/team-and-resources/devices/cloudflare-one-client/configure/device-profiles/) |
-| [WARP Toggle Events](/logs/logpush/logpush-job/datasets/account/warp_toggle_changes/) | Event logs that Cloudflare generates whenever a device toggles the Cloudflare One Client on or off |
+| [WARP Toggle Events](/logs/logpush/logpush-job/datasets/account/warp_toggle_changes/) | Event logs that Cloudflare generates whenever a device toggles the Cloudflare One Client on or off |
| [Zero Trust Network Session Logs](/logs/logpush/logpush-job/datasets/account/zero_trust_network_sessions/) | Network session logs for traffic proxied by Cloudflare Gateway |
## Verify regional map application
@@ -92,3 +90,7 @@ DNS query resource records are available in [Base64-encoded binary format](https
"ResourceRecordsJSON": "[{\"name\":\"www.example.com\",\"type\":\"CNAME\",\"class\":\"IN\",\"ttl\":300,\"rdata\":\"example.com.\"},{\"name\":\"example.com\",\"type\":\"A\",\"class\":\"IN\",\"ttl\":300,\"rdata\":\"203.0.113.0\"}]"
}
```
+
+## Additional Logpush guides
+
+
diff --git a/src/content/docs/cloudflare-one/insights/logs/filter-views.mdx b/src/content/docs/cloudflare-one/insights/logs/logpush/network-firewall-log-filters.mdx
similarity index 98%
rename from src/content/docs/cloudflare-one/insights/logs/filter-views.mdx
rename to src/content/docs/cloudflare-one/insights/logs/logpush/network-firewall-log-filters.mdx
index 6346b3b62d910d7..5bcd831488397ef 100644
--- a/src/content/docs/cloudflare-one/insights/logs/filter-views.mdx
+++ b/src/content/docs/cloudflare-one/insights/logs/logpush/network-firewall-log-filters.mdx
@@ -1,6 +1,8 @@
---
-title: Filter different views
+title: Network Firewall log filters
pcx_content_type: how-to
+sidebar:
+ order: 3
---
import { APIRequest } from "~/components";