Logs tell you what each request did; Reports tell you the story of your traffic as a whole. The Reports tab rolls up the last 24 hours of edge activity into a handful of clear tables and totals, so you can answer the questions that actually matter — how busy is my site, where are visitors coming from, which pages are popular, and is anything being blocked — without reading a single raw log line.
Where the numbers come from
Every request to your site passes through Cloudflare’s global edge before it reaches the server. Reports reads the analytics Cloudflare records at that edge, so the figures cover real visitors worldwide — including requests served from cache that never touched your origin. The view always reflects the most recent 24 hours and refreshes whenever you open the tab. Nothing is installed on your site and no tracking script is added; this is server-side data, so it counts bots and humans alike and is not affected by ad-blockers.
The 24-hour summary
Three headline numbers sit at the top of the page:
- Requests — the total number of requests served in the last day. A useful pulse for spotting a traffic spike or an unusually quiet period.
- Bandwidth — how much data your site sent. A sudden jump usually means large media, an uncached asset, or a scraper pulling pages in bulk.
- WAF events — how many requests the firewall flagged. A handful is normal background noise; a sharp rise is worth investigating in the security log.
Who is visiting
Three tables describe your audience. Top Visitor IPs lists the most active client addresses, which is handy for spotting a single source hammering your site. Top Countries shows where traffic originates, telling you whether your audience matches your market and whether a CDN edge close to them matters. Top User Agents reveals the browsers and bots hitting your site, so you can tell genuine visitors from crawlers at a glance.
What they are requesting
Top Requested Paths ranks the URLs people actually open. This is your real popularity chart: it shows which posts, products, and assets carry your traffic, and it often surfaces a surprise — an old page still pulling visitors, or an endpoint being polled far more than you expected.
Response status codes
The Response Status Codes table shows the mix of HTTP statuses your site returned, grouped so the health of your site is obvious at a glance:
| Code | Means | What to do |
|---|---|---|
| 2xx | Success — the page was served | Nothing; this is what you want to see most |
| 3xx | Redirect | Expected for www/HTTPS and old URLs; a flood can mean a redirect loop |
| 4xx | Client error (404, 403…) | Hunt down broken links and missing assets, then add redirects |
| 5xx | Server error | Check the Errors log — a plugin, PHP error, or resource limit is usually behind it |
Firewall events by action
The WAF Events by Action table breaks down how the firewall handled the requests it flagged — typically allow, managed challenge, or block. A steady trickle of challenges and blocks is the firewall quietly doing its job. A sudden surge from one country or user agent is a sign you may want to tighten protection on the Security tab.
Reports or Logs — which do I use?
Reach for Reports when you want the big picture: totals and top-N tables that summarise the day. Switch to Logs when you need the detail behind a number — the individual requests, their exact timestamps, and the visitor and user-agent on each one. A common workflow is to notice something odd in Reports (a spike in 4xx, an unfamiliar country) and then open Logs to see the exact requests behind it.
Tips & tricks
- Check Reports after a launch or campaign. A glance at Requests and Top Paths tells you instantly whether the traffic landed where you intended.
- Watch bandwidth, not just requests. A modest request count with huge bandwidth points to oversized media worth optimising.
- Let the numbers guide caching. Your busiest paths are exactly the ones to cache first.
- Treat a country or IP spike as a prompt. If one source dominates, open Logs to inspect it and the Security tab to act on it.
Frequently asked
How far back does Reports go?
The summary and tables always cover the most recent 24 hours. For older, ongoing trends, enable email reports on the Monitoring tab to get a periodic snapshot delivered to your inbox.
Do I need to add a tracking script?
No. Reports uses Cloudflare’s edge analytics, so there is nothing to install and nothing that slows your pages down. It also sees bots and cached hits that a page-level analytics script would miss.
Why are my Reports numbers higher than my analytics plugin?
Because this is server-side data. It counts every request — bots, crawlers, and cached responses included — whereas a JavaScript analytics tool only counts real browsers that run its script.
Leave a Reply