Skip to content

[Logs] Update Logpush dataset field definitions (2026-06-30)#31820

Open
soheiokamoto wants to merge 1 commit into
productionfrom
sync/log-fields-2026-06-30
Open

[Logs] Update Logpush dataset field definitions (2026-06-30)#31820
soheiokamoto wants to merge 1 commit into
productionfrom
sync/log-fields-2026-06-30

Conversation

@soheiokamoto

Copy link
Copy Markdown
Contributor

Summary

Automated sync of Logpush dataset field definitions from data/entities.

Updated fields in existing datasets

  • Gateway DNS (added): AppliedMaxTTL and UpstreamRecordTTLs.
  • Gateway HTTP (added): Warnings.
  • HTTP requests (added): CacheLockWaitedMs.

Files changed

  • src/content/docs/logs/logpush/logpush-job/datasets/account/ — dataset pages
  • src/content/docs/logs/logpush/logpush-job/datasets/zone/ — dataset pages
  • src/content/changelog/logs/2026-06-30-log-fields-updated.mdx — changelog

Documentation checklist

  • Changelog entry added
  • Content generated by code generator (DO NOT EDIT manually)

@soheiokamoto

Copy link
Copy Markdown
Contributor Author

/bonk please review this automated sync of Logpush dataset field definitions.

Focus on the following:

  1. Changelog quality — is the entry clear, accurate, and useful to end users?

  2. Field description quality — are the descriptions accurate, clear, and complete?

  3. Manual edits at risk of being overwritten — are there any field descriptions that appear
    to have been manually edited directly in cloudflare-docs (e.g. contain context or guidance
    not present in the machine-generated description format)? If so, flag them so the author can
    preserve those edits in the internal source YAML.

@soheiokamoto soheiokamoto requested review from a team and rianvdm as code owners June 30, 2026 21:42
@cloudflare-docs-bot

cloudflare-docs-bot Bot commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

Review

⚠️ 4 warnings found in commit 0216b49.

Code Review

This code review is in beta and may not always be helpful — use your judgment.

Warnings (3)
File Issue
logs/logpush/logpush-job/datasets/account/firewall_events.md line 238 Inaccurate field descriptionOriginResponseStatus is described as "HTTP origin response status code returned to browser", but the origin response status is the status returned by the upstream/origin server to Cloudflare, not to the browser. Fix: Change the description to match the http_requests dataset, e.g. "Status returned by the upstream server" or "HTTP status code returned by the origin server to Cloudflare".
logs/logpush/logpush-job/datasets/zone/http_requests.md line 72 Duplicate field definition — The added ## CacheLockWaitedMs section duplicates an existing ## CacheLockWaitedMs section already present later in the same file (after ## CacheCacheStatus). Fix: Remove the duplicate ## CacheLockWaitedMs section at line 72; keep the existing definition.
logs/logpush/logpush-job/datasets/account/email_security_alerts.md line 52 Invalid DKIM result value — The DKIMResult field lists error as a possible value, but it is not a valid DKIM authentication result per RFC 6376. The valid result values are none, pass, fail, policy, neutral, temperror, and permerror. Fix: Verify the authoritative source for this field; if the backend does emit a value named error, consider documenting it as non-standard or map it to the correct DKIM result terminology.

Conventions

Checks PR title, description, and redirect checklist.

No convention issues found.

Style Guide Review

Warnings (1)
File Issue
changelog/logs/2026-06-30-log-fields-updated.mdx line 9 Headings must be sequential — Body heading uses ### (H3) after the frontmatter title (H1), skipping H2. Fix: Change ### Updated fields in existing datasets to ## Updated fields in existing datasets.

Redirects

No missing redirect entries found.

Commands

Only codeowners can run commands. Post a comment with the command to trigger it.

Command Description
/review Runs a review now. Incremental if a prior review exists, full if not.
/full-review Re-reviews the entire PR diff from scratch, ignoring incremental history. Useful after a rebase, when you want a fresh review, or if the bot gets out of sync and reports issues that no longer exist.
/ignore-review-limit Permanently lifts the 2-review automatic limit for this PR. Future pushes will trigger reviews as normal.
/disable-auto-review Stops automatic reviews from triggering on future pushes to this PR. Codeowners can still run /review or /full-review manually.

@github-actions

Copy link
Copy Markdown
Contributor

This pull request requires reviews from CODEOWNERS as it changes files that match the following patterns:

Pattern Owners
/src/content/changelog/ @cloudflare/pm-changelogs, @cloudflare/product-owners
/src/content/docs/logs/ @soheiokamoto, @angelampcosta, @rianvdm, @dcpena, @cloudflare/product-owners

@ask-bonk

ask-bonk Bot commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

Review of PR #31820

1. Changelog quality

The changelog entry is clear and accurate. It correctly lists the three affected datasets and four new fields. A few minor points:

  • Title is verbose: "Updated fields across multiple Logpush datasets in Cloudflare Logs" repeats "Logs" since the page already lives under /changelog/logs/. Consider shortening to something like "Logpush dataset field definitions updated".
  • Description is generic: "Fields have been updated across multiple Logpush datasets in Cloudflare Logs" doesn't add value beyond the title. A slightly more descriptive sentence (e.g., mentioning new fields for TTL tracking, request warnings, and cache lock timing) would be more useful to readers scanning the changelog.

2. Field description quality

The four new fields have accurate and complete descriptions:

  • AppliedMaxTTL — clearly defines the unit (seconds) and explains the 0 sentinel value.
  • UpstreamRecordTTLs — good one-to-one mapping note and helpful array example.
  • CacheLockWaitedMs — correctly scoped as "maximum time" and "across all cache tiers".
  • Warnings — terse but acceptable for a generic array[string] field.

Minor quality nits (non-blocking):

  • BlockedFileSize in gateway_http.md is missing a space: File size(bytes) should be File size (bytes).
  • Several gateway_http.md descriptions use lowercase "ip" instead of "IP" (Source ip, Destination ip), which is inconsistent with the rest of the docs.

3. Manual edits at risk of being overwritten ⚠️

This is the most important finding. The automated sync has overwritten prior manual documentation improvements in the following places. These should be preserved in the internal source YAML so they aren't lost again in future syncs:

firewall_events.md (account + zone)

  • Datetime field previously included a helpful cross-reference that was removed:

    To specify the timestamp format, refer to [Output types](/logs/logpush/logpush-job/log-output-options/#output-types).

websocket_analytics.md (account + zone)

  • EdgeEndTimestamp and EdgeStartTimestamp previously included the same cross-reference that was removed.

These links are valuable to users because they explain how to interpret the int or string timestamps. Other dataset pages (e.g., email_security_alerts.md, http_requests.md) still retain similar links on their timestamp fields, so this removal is inconsistent as well as a functional regression.

Recommendation: Please add the [Output types](/logs/logpush/logpush-job/log-output-options/#output-types) reference back into the source YAML for:

  • firewall_events.Datetime
  • websocket_analytics.EdgeEndTimestamp
  • websocket_analytics.EdgeStartTimestamp

Other links that survived the sync (e.g., leaked credentials, Rulesets API, Bot Tags, ClientRequestSource) appear to be present in the generator source already — no action needed there.

github run

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants