API Reference

Magic Network Monitoring

Rules

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Create rules

client.MagicNetworkMonitoring.Rules.New(ctx, params) (*MagicNetworkMonitoringRule, error)

POST/accounts/{account_id}/mnm/rules

Create network monitoring rules for account. Currently only supports creating a single rule per API request.

Security

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

Accepted Permissions (at least one required)

Magic Network Monitoring Admin

ParametersExpand Collapse

params RuleNewParams

AccountID param.Field[string]Optional

Path param

AutomaticAdvertisement param.Field[bool]

Body param: Toggle on if you would like Cloudflare to automatically advertise the IP Prefixes within the rule via Magic Transit when the rule is triggered. Only available for users of Magic Transit.

Name param.Field[string]

Body param: The name of the rule. Must be unique. Supports characters A-Z, a-z, 0-9, underscore (_), dash (-), period (.), and tilde (~). You can’t have a space in the rule name. Max 256 characters.

Prefixes param.Field[[]string]

Body param

Type param.Field[RuleNewParamsType]

Body param: MNM rule type.

const RuleNewParamsTypeThreshold RuleNewParamsType = "threshold"

const RuleNewParamsTypeZscore RuleNewParamsType = "zscore"

const RuleNewParamsTypeAdvancedDDoS RuleNewParamsType = "advanced_ddos"

BandwidthThreshold param.Field[float64]Optional

Body param: The number of bits per second for the rule. When this value is exceeded for the set duration, an alert notification is sent. Minimum of 1 and no maximum.

minimum1

Duration param.Field[RuleNewParamsDuration]Optional

Body param: The amount of time that the rule threshold must be exceeded to send an alert notification. The final value must be equivalent to one of the following 8 values [“1m”,“5m”,“10m”,“15m”,“20m”,“30m”,“45m”,“60m”].

const RuleNewParamsDuration1m RuleNewParamsDuration = "1m"

const RuleNewParamsDuration5m RuleNewParamsDuration = "5m"

const RuleNewParamsDuration10m RuleNewParamsDuration = "10m"

const RuleNewParamsDuration15m RuleNewParamsDuration = "15m"

const RuleNewParamsDuration20m RuleNewParamsDuration = "20m"

const RuleNewParamsDuration30m RuleNewParamsDuration = "30m"

const RuleNewParamsDuration45m RuleNewParamsDuration = "45m"

const RuleNewParamsDuration60m RuleNewParamsDuration = "60m"

PacketThreshold param.Field[float64]Optional

Body param: The number of packets per second for the rule. When this value is exceeded for the set duration, an alert notification is sent. Minimum of 1 and no maximum.

minimum1

PrefixMatch param.Field[RuleNewParamsPrefixMatch]Optional

Body param: Prefix match type to be applied for a prefix auto advertisement when using an advanced_ddos rule.

const RuleNewParamsPrefixMatchExact RuleNewParamsPrefixMatch = "exact"

const RuleNewParamsPrefixMatchSubnet RuleNewParamsPrefixMatch = "subnet"

const RuleNewParamsPrefixMatchSupernet RuleNewParamsPrefixMatch = "supernet"

ZscoreSensitivity param.Field[RuleNewParamsZscoreSensitivity]Optional

Body param: Level of sensitivity set for zscore rules.

const RuleNewParamsZscoreSensitivityLow RuleNewParamsZscoreSensitivity = "low"

const RuleNewParamsZscoreSensitivityMedium RuleNewParamsZscoreSensitivity = "medium"

const RuleNewParamsZscoreSensitivityHigh RuleNewParamsZscoreSensitivity = "high"

ZscoreTarget param.Field[RuleNewParamsZscoreTarget]Optional

Body param: Target of the zscore rule analysis.

const RuleNewParamsZscoreTargetBits RuleNewParamsZscoreTarget = "bits"

const RuleNewParamsZscoreTargetPackets RuleNewParamsZscoreTarget = "packets"

ReturnsExpand Collapse

type MagicNetworkMonitoringRule struct{…}

ID string

The id of the rule. Must be unique.

AutomaticAdvertisement bool

Toggle on if you would like Cloudflare to automatically advertise the IP Prefixes within the rule via Magic Transit when the rule is triggered. Only available for users of Magic Transit.

Name string

The name of the rule. Must be unique. Supports characters A-Z, a-z, 0-9, underscore (_), dash (-), period (.), and tilde (~). You can’t have a space in the rule name. Max 256 characters.

Prefixes []string

Type MagicNetworkMonitoringRuleType

MNM rule type.

One of the following:

const MagicNetworkMonitoringRuleTypeThreshold MagicNetworkMonitoringRuleType = "threshold"

const MagicNetworkMonitoringRuleTypeZscore MagicNetworkMonitoringRuleType = "zscore"

const MagicNetworkMonitoringRuleTypeAdvancedDDoS MagicNetworkMonitoringRuleType = "advanced_ddos"

BandwidthThreshold float64Optional

The number of bits per second for the rule. When this value is exceeded for the set duration, an alert notification is sent. Minimum of 1 and no maximum.

minimum1

Duration MagicNetworkMonitoringRuleDurationOptional

The amount of time that the rule threshold must be exceeded to send an alert notification. The final value must be equivalent to one of the following 8 values [“1m”,“5m”,“10m”,“15m”,“20m”,“30m”,“45m”,“60m”].

One of the following:

const MagicNetworkMonitoringRuleDuration1m MagicNetworkMonitoringRuleDuration = "1m"

const MagicNetworkMonitoringRuleDuration5m MagicNetworkMonitoringRuleDuration = "5m"

const MagicNetworkMonitoringRuleDuration10m MagicNetworkMonitoringRuleDuration = "10m"

const MagicNetworkMonitoringRuleDuration15m MagicNetworkMonitoringRuleDuration = "15m"

const MagicNetworkMonitoringRuleDuration20m MagicNetworkMonitoringRuleDuration = "20m"

const MagicNetworkMonitoringRuleDuration30m MagicNetworkMonitoringRuleDuration = "30m"

const MagicNetworkMonitoringRuleDuration45m MagicNetworkMonitoringRuleDuration = "45m"

const MagicNetworkMonitoringRuleDuration60m MagicNetworkMonitoringRuleDuration = "60m"

PacketThreshold float64Optional

The number of packets per second for the rule. When this value is exceeded for the set duration, an alert notification is sent. Minimum of 1 and no maximum.

minimum1

PrefixMatch MagicNetworkMonitoringRulePrefixMatchOptional

Prefix match type to be applied for a prefix auto advertisement when using an advanced_ddos rule.

One of the following:

const MagicNetworkMonitoringRulePrefixMatchExact MagicNetworkMonitoringRulePrefixMatch = "exact"

const MagicNetworkMonitoringRulePrefixMatchSubnet MagicNetworkMonitoringRulePrefixMatch = "subnet"

const MagicNetworkMonitoringRulePrefixMatchSupernet MagicNetworkMonitoringRulePrefixMatch = "supernet"

ZscoreSensitivity MagicNetworkMonitoringRuleZscoreSensitivityOptional

Level of sensitivity set for zscore rules.

One of the following:

const MagicNetworkMonitoringRuleZscoreSensitivityLow MagicNetworkMonitoringRuleZscoreSensitivity = "low"

const MagicNetworkMonitoringRuleZscoreSensitivityMedium MagicNetworkMonitoringRuleZscoreSensitivity = "medium"

const MagicNetworkMonitoringRuleZscoreSensitivityHigh MagicNetworkMonitoringRuleZscoreSensitivity = "high"

ZscoreTarget MagicNetworkMonitoringRuleZscoreTargetOptional

Target of the zscore rule analysis.

One of the following:

const MagicNetworkMonitoringRuleZscoreTargetBits MagicNetworkMonitoringRuleZscoreTarget = "bits"

const MagicNetworkMonitoringRuleZscoreTargetPackets MagicNetworkMonitoringRuleZscoreTarget = "packets"

Create rules

Go

HTTP

TypeScript

Python

Go

Terraform

package main

import (
  "context"
  "fmt"

  "github.com/cloudflare/cloudflare-go"
  "github.com/cloudflare/cloudflare-go/magic_network_monitoring"
  "github.com/cloudflare/cloudflare-go/option"
)

func main() {
  client := cloudflare.NewClient(
    option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
    option.WithAPIEmail("user@example.com"),
  )
  magicNetworkMonitoringRule, err := client.MagicNetworkMonitoring.Rules.New(context.TODO(), magic_network_monitoring.RuleNewParams{
    AccountID: cloudflare.F("6f91088a406011ed95aed352566e8d4c"),
    AutomaticAdvertisement: cloudflare.F(true),
    Name: cloudflare.F("my_rule_1"),
    Prefixes: cloudflare.F([]string{"203.0.113.1/32"}),
    Type: cloudflare.F(magic_network_monitoring.RuleNewParamsTypeZscore),
  })
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", magicNetworkMonitoringRule.ID)
}

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": {
    "id": "2890e6fa406311ed9b5a23f70f6fb8cf",
    "automatic_advertisement": true,
    "name": "my_rule_1",
    "prefixes": [
      "203.0.113.1/32"
    ],
    "type": "zscore",
    "bandwidth_threshold": 1000,
    "duration": "1m",
    "packet_threshold": 10000,
    "prefix_match": "exact",
    "zscore_sensitivity": "high",
    "zscore_target": "bits"
  },
  "success": true
}

Returns Examples

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": {
    "id": "2890e6fa406311ed9b5a23f70f6fb8cf",
    "automatic_advertisement": true,
    "name": "my_rule_1",
    "prefixes": [
      "203.0.113.1/32"
    ],
    "type": "zscore",
    "bandwidth_threshold": 1000,
    "duration": "1m",
    "packet_threshold": 10000,
    "prefix_match": "exact",
    "zscore_sensitivity": "high",
    "zscore_target": "bits"
  },
  "success": true
}