+ SIEM consultant (Splunk, ArcSight), with experience onboarding logs from various sources such as APIs (cloud & custom), network, database, file system, and script inputs, to name a few
+ CIM mapping to make the logs fit into the data model and help with reports, security detection, etc.
+ In order to tackle Cloudflare log ingestion into Splunk, the steps are as follows:
++ use Amazon Logpush to push logs to S3 bucket
++ then use Splunk Add-on for AWS to pull logs into Splunk
For this to go smoothly, network connectivity plays an important role, and the S3 bucket and its permissions should be set up correctly.
Happy to chat further.
Thanks,
Pranav