Audit RFI history offline with CSV export
A CSV export makes RFI history portable. That matters when the data needs to leave the dashboard and sit in a spreadsheet, reporting tool, or audit folder where it can be filtered, sorted, and kept alongside other records.
The export is tied to Cloudflare Security Center’s Threat Intelligence area and the Requests for Information view. For Cloudforce One subscribers, the RFI history can be exported for use in external tools, custom reporting, internal auditing, and cross-referencing with other security work.
Pull the RFI history out of Security Center
The Requests for Information view lives in Threat Intelligence within the Cloudflare dashboard. That is the place to check when you need the history rather than a single live request.
A CSV export gives you a static copy of that history. Keep the file in a controlled location if it is going to sit beside incident notes or audit evidence. Raw exports tend to outlive the dashboard session that produced them, which is the whole point.
Find the Requests for Information view in Threat Intelligence
Use the Threat Intelligence section in the Cloudflare dashboard and open Requests for Information. That view holds the request history you want to export, not a loose pile of unrelated security data.
When RFI volume is high, the view can feel awkward to scan. Cloudflare also added adjustable page density for the RFI dashboard, with options to load 10, 25, or 50 records per page. Fewer page turns makes it easier to find the request you want without wasting time on the usual dashboard faff.
Export the history as a CSV and keep the fields that matter
Export the RFI history as CSV and keep the columns you actually need. For audit work, that usually means request identifiers, dates, status, and any fields that help you match the entry to an incident or investigation record.
Do not treat the export as a pretty report. It is a working file. Trim anything that adds noise and keep the data shape simple enough that it can be compared later without guesswork.
Use the export for offline audit work
Offline review is useful when access to the dashboard is limited, when you need to preserve a point-in-time record, or when several sources need to be checked side by side. A CSV is easier to move into a spreadsheet or internal reporting tool than a screen full of filtered results.
That also helps with data portability. Once the file is out, it can sit next to ticket histories, incident timelines, and other threat intelligence history without depending on Cloudflare’s interface.
Open the file in a spreadsheet or internal reporting tool
A spreadsheet is usually enough for quick sorting, filtering, and notes. If the RFI history is being fed into a wider reporting process, import the CSV into whatever internal tool already handles security records.
Use the file as a reference copy, not as the only source of truth. Dashboards change views; files do not, at least not unless someone edits them badly.
Cross-check entries against incident notes and other threat intelligence history
Match RFI entries against incident notes, response timelines, and any other threat intelligence history you already keep. The point is to catch gaps, duplicates, and mismatched dates before they turn into a tidy little audit headache.
If an RFI record looks out of place, check whether it lines up with the incident that triggered it, the request status, and any follow-up actions recorded elsewhere. The CSV export makes that kind of cross-reference much less painful than jumping between views in the dashboard.



