# Cloudforce One

# Scans

# Results

## Get the Latest Scan Result

`client.cloudforceOne.scans.results.get(stringconfigId, ResultGetParamsparams, RequestOptionsoptions?): ResultGetResponse`

**get** `/accounts/{account_id}/cloudforce-one/scans/results/{config_id}`

Get the Latest Scan Result

### Parameters

- `configId: string`

  Defines the Config ID.

- `params: ResultGetParams`

  - `account_id: string`

    Defines the Account ID.

### Returns

- `ResultGetResponse`

  - `"1.1.1.1": Array<ScanResult>`

    - `number?: number`

    - `proto?: string`

    - `status?: string`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const result = await client.cloudforceOne.scans.results.get('config_id', {
  account_id: 'account_id',
});

console.log(result['1.1.1.1']);
```

#### Response

```json
{
  "errors": [
    "string"
  ],
  "messages": [
    "string"
  ],
  "result": {
    "1.1.1.1": [
      {
        "number": 8080,
        "proto": "tcp",
        "status": "open"
      }
    ]
  },
  "success": true
}
```

## Domain Types

### Scan Result

- `ScanResult`

  - `number?: number`

  - `proto?: string`

  - `status?: string`

### Result Get Response

- `ResultGetResponse`

  - `"1.1.1.1": Array<ScanResult>`

    - `number?: number`

    - `proto?: string`

    - `status?: string`

# Config

## List Scan Configs

`client.cloudforceOne.scans.config.list(ConfigListParamsparams, RequestOptionsoptions?): SinglePage<ConfigListResponse>`

**get** `/accounts/{account_id}/cloudforce-one/scans/config`

List Scan Configs

### Parameters

- `params: ConfigListParams`

  - `account_id: string`

    Defines the Account ID.

### Returns

- `ConfigListResponse`

  - `id: string`

    Defines the Config ID.

  - `account_id: string`

  - `frequency: number`

    Defines the number of days between each scan (0 = One-off scan).

  - `ips: Array<string>`

    Defines a list of IP addresses or CIDR blocks to scan. The maximum number of total IP addresses allowed is 5000.

  - `ports: Array<string>`

    Defines a list of ports to scan. Valid values are:"default", "all", or a comma-separated list of ports or range of ports (e.g. ["1-80", "443"]). "default" scans the 100 most commonly open ports.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

// Automatically fetches more pages as needed.
for await (const configListResponse of client.cloudforceOne.scans.config.list({
  account_id: 'account_id',
})) {
  console.log(configListResponse.id);
}
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": [
    {
      "id": "uuid",
      "account_id": "abcd1234abcd1234abcd1234abcd1234",
      "frequency": 7,
      "ips": [
        "1.1.1.1",
        "2606:4700:4700::1111"
      ],
      "ports": [
        "default"
      ]
    }
  ]
}
```

## Create a new Scan Config

`client.cloudforceOne.scans.config.create(ConfigCreateParamsparams, RequestOptionsoptions?): ConfigCreateResponse`

**post** `/accounts/{account_id}/cloudforce-one/scans/config`

Create a new Scan Config

### Parameters

- `params: ConfigCreateParams`

  - `account_id: string`

    Path param: Defines the Account ID.

  - `ips: Array<string>`

    Body param: Defines a list of IP addresses or CIDR blocks to scan. The maximum number of total IP addresses allowed is 5000.

  - `frequency?: number`

    Body param: Defines the number of days between each scan (0 = One-off scan).

  - `ports?: Array<string>`

    Body param: Defines a list of ports to scan. Valid values are:"default", "all", or a comma-separated list of ports or range of ports (e.g. ["1-80", "443"]). "default" scans the 100 most commonly open ports.

### Returns

- `ConfigCreateResponse`

  - `id: string`

    Defines the Config ID.

  - `account_id: string`

  - `frequency: number`

    Defines the number of days between each scan (0 = One-off scan).

  - `ips: Array<string>`

    Defines a list of IP addresses or CIDR blocks to scan. The maximum number of total IP addresses allowed is 5000.

  - `ports: Array<string>`

    Defines a list of ports to scan. Valid values are:"default", "all", or a comma-separated list of ports or range of ports (e.g. ["1-80", "443"]). "default" scans the 100 most commonly open ports.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const config = await client.cloudforceOne.scans.config.create({
  account_id: 'account_id',
  ips: ['1.1.1.1', '2606:4700:4700::1111'],
});

console.log(config.id);
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": "uuid",
    "account_id": "abcd1234abcd1234abcd1234abcd1234",
    "frequency": 7,
    "ips": [
      "1.1.1.1",
      "2606:4700:4700::1111"
    ],
    "ports": [
      "default"
    ]
  }
}
```

## Update an existing Scan Config

`client.cloudforceOne.scans.config.edit(stringconfigId, ConfigEditParamsparams, RequestOptionsoptions?): ConfigEditResponse`

**patch** `/accounts/{account_id}/cloudforce-one/scans/config/{config_id}`

Update an existing Scan Config

### Parameters

- `configId: string`

  Defines the Config ID.

- `params: ConfigEditParams`

  - `account_id: string`

    Path param: Defines the Account ID.

  - `frequency?: number`

    Body param: Defines the number of days between each scan (0 = One-off scan).

  - `ips?: Array<string>`

    Body param: Defines a list of IP addresses or CIDR blocks to scan. The maximum number of total IP addresses allowed is 5000.

  - `ports?: Array<string>`

    Body param: Defines a list of ports to scan. Valid values are:"default", "all", or a comma-separated list of ports or range of ports (e.g. ["1-80", "443"]). "default" scans the 100 most commonly open ports.

### Returns

- `ConfigEditResponse`

  - `id: string`

    Defines the Config ID.

  - `account_id: string`

  - `frequency: number`

    Defines the number of days between each scan (0 = One-off scan).

  - `ips: Array<string>`

    Defines a list of IP addresses or CIDR blocks to scan. The maximum number of total IP addresses allowed is 5000.

  - `ports: Array<string>`

    Defines a list of ports to scan. Valid values are:"default", "all", or a comma-separated list of ports or range of ports (e.g. ["1-80", "443"]). "default" scans the 100 most commonly open ports.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const response = await client.cloudforceOne.scans.config.edit('config_id', {
  account_id: 'account_id',
});

console.log(response.id);
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": "uuid",
    "account_id": "abcd1234abcd1234abcd1234abcd1234",
    "frequency": 7,
    "ips": [
      "1.1.1.1",
      "2606:4700:4700::1111"
    ],
    "ports": [
      "default"
    ]
  }
}
```

## Delete a Scan Config

`client.cloudforceOne.scans.config.delete(stringconfigId, ConfigDeleteParamsparams, RequestOptionsoptions?): ConfigDeleteResponse`

**delete** `/accounts/{account_id}/cloudforce-one/scans/config/{config_id}`

Delete a Scan Config

### Parameters

- `configId: string`

  Defines the Config ID.

- `params: ConfigDeleteParams`

  - `account_id: string`

    Defines the Account ID.

### Returns

- `ConfigDeleteResponse = unknown`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const config = await client.cloudforceOne.scans.config.delete('config_id', {
  account_id: 'account_id',
});

console.log(config);
```

#### Response

```json
{
  "errors": [
    "string"
  ],
  "messages": [
    "string"
  ],
  "result": {},
  "success": true
}
```

## Domain Types

### Config List Response

- `ConfigListResponse`

  - `id: string`

    Defines the Config ID.

  - `account_id: string`

  - `frequency: number`

    Defines the number of days between each scan (0 = One-off scan).

  - `ips: Array<string>`

    Defines a list of IP addresses or CIDR blocks to scan. The maximum number of total IP addresses allowed is 5000.

  - `ports: Array<string>`

    Defines a list of ports to scan. Valid values are:"default", "all", or a comma-separated list of ports or range of ports (e.g. ["1-80", "443"]). "default" scans the 100 most commonly open ports.

### Config Create Response

- `ConfigCreateResponse`

  - `id: string`

    Defines the Config ID.

  - `account_id: string`

  - `frequency: number`

    Defines the number of days between each scan (0 = One-off scan).

  - `ips: Array<string>`

    Defines a list of IP addresses or CIDR blocks to scan. The maximum number of total IP addresses allowed is 5000.

  - `ports: Array<string>`

    Defines a list of ports to scan. Valid values are:"default", "all", or a comma-separated list of ports or range of ports (e.g. ["1-80", "443"]). "default" scans the 100 most commonly open ports.

### Config Edit Response

- `ConfigEditResponse`

  - `id: string`

    Defines the Config ID.

  - `account_id: string`

  - `frequency: number`

    Defines the number of days between each scan (0 = One-off scan).

  - `ips: Array<string>`

    Defines a list of IP addresses or CIDR blocks to scan. The maximum number of total IP addresses allowed is 5000.

  - `ports: Array<string>`

    Defines a list of ports to scan. Valid values are:"default", "all", or a comma-separated list of ports or range of ports (e.g. ["1-80", "443"]). "default" scans the 100 most commonly open ports.

### Config Delete Response

- `ConfigDeleteResponse = unknown`

# Binary Storage

## Retrieves a file from Binary Storage

`client.cloudforceOne.binaryStorage.get(stringhash, BinaryStorageGetParamsparams, RequestOptionsoptions?): void`

**get** `/accounts/{account_id}/cloudforce-one/binary/{hash}`

Retrieves a file from Binary Storage

### Parameters

- `hash: string`

  hash of the binary

- `params: BinaryStorageGetParams`

  - `account_id: string`

    Account ID.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

await client.cloudforceOne.binaryStorage.get('hash', { account_id: 'account_id' });
```

## Posts a file to Binary Storage

`client.cloudforceOne.binaryStorage.create(BinaryStorageCreateParamsparams, RequestOptionsoptions?): BinaryStorageCreateResponse`

**post** `/accounts/{account_id}/cloudforce-one/binary`

Posts a file to Binary Storage

### Parameters

- `params: BinaryStorageCreateParams`

  - `account_id: string`

    Path param: Account ID.

  - `file: Uploadable`

    Body param: The binary file content to upload.

### Returns

- `BinaryStorageCreateResponse`

  - `content_type: string`

  - `md5: string`

  - `sha1: string`

  - `sha256: string`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const binaryStorage = await client.cloudforceOne.binaryStorage.create({
  account_id: 'account_id',
  file: fs.createReadStream('path/to/file'),
});

console.log(binaryStorage.content_type);
```

#### Response

```json
{
  "content_type": "text/plain",
  "md5": "5d84ade76d2a8387c81175bb0cbe6492",
  "sha1": "9aff6879626d957eafadda044e4f879aae1e7278",
  "sha256": "0000a7f2692ef479e2e3d02661568882cadec451cc8a64d4e7faca29810cd626"
}
```

## Domain Types

### Binary Storage Create Response

- `BinaryStorageCreateResponse`

  - `content_type: string`

  - `md5: string`

  - `sha1: string`

  - `sha256: string`

# Requests

## List Requests

`client.cloudforceOne.requests.list(RequestListParamsparams, RequestOptionsoptions?): SinglePage<ListItem>`

**post** `/accounts/{account_id}/cloudforce-one/requests`

List Requests

### Parameters

- `params: RequestListParams`

  - `account_id: string`

    Path param: Identifier.

  - `page: number`

    Body param: Page number of results.

  - `per_page: number`

    Body param: Number of results per page.

  - `completed_after?: string`

    Body param: Retrieve requests completed after this time.

  - `completed_before?: string`

    Body param: Retrieve requests completed before this time.

  - `created_after?: string`

    Body param: Retrieve requests created after this time.

  - `created_before?: string`

    Body param: Retrieve requests created before this time.

  - `request_type?: string`

    Body param: Requested information from request.

  - `sort_by?: string`

    Body param: Field to sort results by.

  - `sort_order?: "asc" | "desc"`

    Body param: Sort order (asc or desc).

    - `"asc"`

    - `"desc"`

  - `status?: "open" | "accepted" | "reported" | 3 more`

    Body param: Request Status.

    - `"open"`

    - `"accepted"`

    - `"reported"`

    - `"approved"`

    - `"completed"`

    - `"declined"`

### Returns

- `ListItem`

  - `id: string`

    UUID.

  - `created: string`

    Request creation time.

  - `priority: "routine" | "high" | "urgent"`

    - `"routine"`

    - `"high"`

    - `"urgent"`

  - `request: string`

    Requested information from request.

  - `summary: string`

    Brief description of the request.

  - `tlp: "clear" | "amber" | "amber-strict" | 2 more`

    The CISA defined Traffic Light Protocol (TLP).

    - `"clear"`

    - `"amber"`

    - `"amber-strict"`

    - `"green"`

    - `"red"`

  - `updated: string`

    Request last updated time.

  - `completed?: string`

    Request completion time.

  - `message_tokens?: number`

    Tokens for the request messages.

  - `readable_id?: string`

    Readable Request ID.

  - `status?: "open" | "accepted" | "reported" | 3 more`

    Request Status.

    - `"open"`

    - `"accepted"`

    - `"reported"`

    - `"approved"`

    - `"completed"`

    - `"declined"`

  - `tokens?: number`

    Tokens for the request.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

// Automatically fetches more pages as needed.
for await (const listItem of client.cloudforceOne.requests.list({
  account_id: '023e105f4ecef8ad9ca31a8372d0c353',
  page: 0,
  per_page: 10,
})) {
  console.log(listItem.id);
}
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": [
    {
      "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
      "created": "2022-04-01T00:00:00Z",
      "priority": "routine",
      "request": "Victomology",
      "summary": "DoS attack",
      "tlp": "clear",
      "updated": "2022-04-01T00:00:00Z",
      "completed": "2024-01-01T00:00:00Z",
      "message_tokens": 16,
      "readable_id": "RFI-2022-000001",
      "status": "open",
      "tokens": 0
    }
  ]
}
```

## Get a Request

`client.cloudforceOne.requests.get(stringrequestId, RequestGetParamsparams, RequestOptionsoptions?): Item`

**get** `/accounts/{account_id}/cloudforce-one/requests/{request_id}`

Get a Request

### Parameters

- `requestId: string`

  UUID.

- `params: RequestGetParams`

  - `account_id: string`

    Identifier.

### Returns

- `Item`

  - `id: string`

    UUID.

  - `content: string`

    Request content.

  - `created: string`

  - `priority: string`

  - `request: string`

    Requested information from request.

  - `summary: string`

    Brief description of the request.

  - `tlp: "clear" | "amber" | "amber-strict" | 2 more`

    The CISA defined Traffic Light Protocol (TLP).

    - `"clear"`

    - `"amber"`

    - `"amber-strict"`

    - `"green"`

    - `"red"`

  - `updated: string`

  - `completed?: string`

  - `message_tokens?: number`

    Tokens for the request messages.

  - `readable_id?: string`

    Readable Request ID.

  - `status?: "open" | "accepted" | "reported" | 3 more`

    Request Status.

    - `"open"`

    - `"accepted"`

    - `"reported"`

    - `"approved"`

    - `"completed"`

    - `"declined"`

  - `tokens?: number`

    Tokens for the request.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const item = await client.cloudforceOne.requests.get('f174e90a-fafe-4643-bbbc-4a0ed4fc8415', {
  account_id: '023e105f4ecef8ad9ca31a8372d0c353',
});

console.log(item.id);
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
    "content": "What regions were most effected by the recent DoS?",
    "created": "2022-04-01T05:20:00Z",
    "priority": "2022-04-01T05:20:00Z",
    "request": "Victomology",
    "summary": "DoS attack",
    "tlp": "clear",
    "updated": "2022-04-01T05:20:00Z",
    "completed": "2022-04-01T05:20:00Z",
    "message_tokens": 1,
    "readable_id": "RFI-2022-000001",
    "status": "open",
    "tokens": 16
  }
}
```

## Create a New Request.

`client.cloudforceOne.requests.create(RequestCreateParamsparams, RequestOptionsoptions?): Item`

**post** `/accounts/{account_id}/cloudforce-one/requests/new`

Creating a request adds the request into the Cloudforce One queue for analysis. In addition to the content, a short title, type, priority, and releasability should be provided. If one is not provided, a default will be assigned.

### Parameters

- `params: RequestCreateParams`

  - `account_id: string`

    Path param: Identifier.

  - `content?: string`

    Body param: Request content.

  - `priority?: string`

    Body param: Priority for analyzing the request.

  - `request_type?: string`

    Body param: Requested information from request.

  - `summary?: string`

    Body param: Brief description of the request.

  - `tlp?: "clear" | "amber" | "amber-strict" | 2 more`

    Body param: The CISA defined Traffic Light Protocol (TLP).

    - `"clear"`

    - `"amber"`

    - `"amber-strict"`

    - `"green"`

    - `"red"`

### Returns

- `Item`

  - `id: string`

    UUID.

  - `content: string`

    Request content.

  - `created: string`

  - `priority: string`

  - `request: string`

    Requested information from request.

  - `summary: string`

    Brief description of the request.

  - `tlp: "clear" | "amber" | "amber-strict" | 2 more`

    The CISA defined Traffic Light Protocol (TLP).

    - `"clear"`

    - `"amber"`

    - `"amber-strict"`

    - `"green"`

    - `"red"`

  - `updated: string`

  - `completed?: string`

  - `message_tokens?: number`

    Tokens for the request messages.

  - `readable_id?: string`

    Readable Request ID.

  - `status?: "open" | "accepted" | "reported" | 3 more`

    Request Status.

    - `"open"`

    - `"accepted"`

    - `"reported"`

    - `"approved"`

    - `"completed"`

    - `"declined"`

  - `tokens?: number`

    Tokens for the request.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const item = await client.cloudforceOne.requests.create({
  account_id: '023e105f4ecef8ad9ca31a8372d0c353',
});

console.log(item.id);
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
    "content": "What regions were most effected by the recent DoS?",
    "created": "2022-04-01T05:20:00Z",
    "priority": "2022-04-01T05:20:00Z",
    "request": "Victomology",
    "summary": "DoS attack",
    "tlp": "clear",
    "updated": "2022-04-01T05:20:00Z",
    "completed": "2022-04-01T05:20:00Z",
    "message_tokens": 1,
    "readable_id": "RFI-2022-000001",
    "status": "open",
    "tokens": 16
  }
}
```

## Update a Request

`client.cloudforceOne.requests.update(stringrequestId, RequestUpdateParamsparams, RequestOptionsoptions?): Item`

**put** `/accounts/{account_id}/cloudforce-one/requests/{request_id}`

Updating a request alters the request in the Cloudforce One queue. This API may be used to update any attributes of the request after the initial submission. Only fields that you choose to update need to be add to the request body.

### Parameters

- `requestId: string`

  UUID.

- `params: RequestUpdateParams`

  - `account_id: string`

    Path param: Identifier.

  - `content?: string`

    Body param: Request content.

  - `priority?: string`

    Body param: Priority for analyzing the request.

  - `request_type?: string`

    Body param: Requested information from request.

  - `summary?: string`

    Body param: Brief description of the request.

  - `tlp?: "clear" | "amber" | "amber-strict" | 2 more`

    Body param: The CISA defined Traffic Light Protocol (TLP).

    - `"clear"`

    - `"amber"`

    - `"amber-strict"`

    - `"green"`

    - `"red"`

### Returns

- `Item`

  - `id: string`

    UUID.

  - `content: string`

    Request content.

  - `created: string`

  - `priority: string`

  - `request: string`

    Requested information from request.

  - `summary: string`

    Brief description of the request.

  - `tlp: "clear" | "amber" | "amber-strict" | 2 more`

    The CISA defined Traffic Light Protocol (TLP).

    - `"clear"`

    - `"amber"`

    - `"amber-strict"`

    - `"green"`

    - `"red"`

  - `updated: string`

  - `completed?: string`

  - `message_tokens?: number`

    Tokens for the request messages.

  - `readable_id?: string`

    Readable Request ID.

  - `status?: "open" | "accepted" | "reported" | 3 more`

    Request Status.

    - `"open"`

    - `"accepted"`

    - `"reported"`

    - `"approved"`

    - `"completed"`

    - `"declined"`

  - `tokens?: number`

    Tokens for the request.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const item = await client.cloudforceOne.requests.update('f174e90a-fafe-4643-bbbc-4a0ed4fc8415', {
  account_id: '023e105f4ecef8ad9ca31a8372d0c353',
});

console.log(item.id);
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
    "content": "What regions were most effected by the recent DoS?",
    "created": "2022-04-01T05:20:00Z",
    "priority": "2022-04-01T05:20:00Z",
    "request": "Victomology",
    "summary": "DoS attack",
    "tlp": "clear",
    "updated": "2022-04-01T05:20:00Z",
    "completed": "2022-04-01T05:20:00Z",
    "message_tokens": 1,
    "readable_id": "RFI-2022-000001",
    "status": "open",
    "tokens": 16
  }
}
```

## Delete a Request

`client.cloudforceOne.requests.delete(stringrequestId, RequestDeleteParamsparams, RequestOptionsoptions?): RequestDeleteResponse`

**delete** `/accounts/{account_id}/cloudforce-one/requests/{request_id}`

Delete a Request

### Parameters

- `requestId: string`

  UUID.

- `params: RequestDeleteParams`

  - `account_id: string`

    Identifier.

### Returns

- `RequestDeleteResponse`

  - `errors: Array<Error>`

    - `code: number`

    - `message: string`

    - `documentation_url?: string`

    - `source?: Source`

      - `pointer?: string`

  - `messages: Array<Message>`

    - `code: number`

    - `message: string`

    - `documentation_url?: string`

    - `source?: Source`

      - `pointer?: string`

  - `success: true`

    Whether the API call was successful.

    - `true`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const request = await client.cloudforceOne.requests.delete('f174e90a-fafe-4643-bbbc-4a0ed4fc8415', {
  account_id: '023e105f4ecef8ad9ca31a8372d0c353',
});

console.log(request.errors);
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true
}
```

## Get Request Quota

`client.cloudforceOne.requests.quota(RequestQuotaParamsparams, RequestOptionsoptions?): Quota`

**get** `/accounts/{account_id}/cloudforce-one/requests/quota`

Get Request Quota

### Parameters

- `params: RequestQuotaParams`

  - `account_id: string`

    Identifier.

### Returns

- `Quota`

  - `anniversary_date?: string`

    Anniversary date is when annual quota limit is refreshed.

  - `quarter_anniversary_date?: string`

    Quarter anniversary date is when quota limit is refreshed each quarter.

  - `quota?: number`

    Tokens for the quarter.

  - `remaining?: number`

    Tokens remaining for the quarter.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const quota = await client.cloudforceOne.requests.quota({
  account_id: '023e105f4ecef8ad9ca31a8372d0c353',
});

console.log(quota.anniversary_date);
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "anniversary_date": "2022-04-01T00:00:00Z",
    "quarter_anniversary_date": "2022-04-01T00:00:00Z",
    "quota": 120,
    "remaining": 64
  }
}
```

## Get Request Types

`client.cloudforceOne.requests.types(RequestTypesParamsparams, RequestOptionsoptions?): SinglePage<RequestTypesResponse>`

**get** `/accounts/{account_id}/cloudforce-one/requests/types`

Get Request Types

### Parameters

- `params: RequestTypesParams`

  - `account_id: string`

    Identifier.

### Returns

- `RequestTypesResponse = string`

  Request Types.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

// Automatically fetches more pages as needed.
for await (const requestTypesResponse of client.cloudforceOne.requests.types({
  account_id: '023e105f4ecef8ad9ca31a8372d0c353',
})) {
  console.log(requestTypesResponse);
}
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": [
    "Indicators of Compromise",
    "Victomology"
  ]
}
```

## Get Request Priority, Status, and TLP constants

`client.cloudforceOne.requests.constants(RequestConstantsParamsparams, RequestOptionsoptions?): RequestConstants`

**get** `/accounts/{account_id}/cloudforce-one/requests/constants`

Get Request Priority, Status, and TLP constants

### Parameters

- `params: RequestConstantsParams`

  - `account_id: string`

    Identifier.

### Returns

- `RequestConstants`

  - `priority?: Array<"routine" | "high" | "urgent">`

    - `"routine"`

    - `"high"`

    - `"urgent"`

  - `status?: Array<"open" | "accepted" | "reported" | 3 more>`

    - `"open"`

    - `"accepted"`

    - `"reported"`

    - `"approved"`

    - `"completed"`

    - `"declined"`

  - `tlp?: Array<"clear" | "amber" | "amber-strict" | 2 more>`

    - `"clear"`

    - `"amber"`

    - `"amber-strict"`

    - `"green"`

    - `"red"`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const requestConstants = await client.cloudforceOne.requests.constants({
  account_id: '023e105f4ecef8ad9ca31a8372d0c353',
});

console.log(requestConstants.priority);
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "priority": [
      "routine",
      "high",
      "urgent"
    ],
    "status": [
      "open",
      "accepted",
      "reported",
      "approved",
      "completed",
      "declined"
    ],
    "tlp": [
      "clear",
      "green",
      "amber",
      "amber-strict",
      "red"
    ]
  }
}
```

## Domain Types

### Item

- `Item`

  - `id: string`

    UUID.

  - `content: string`

    Request content.

  - `created: string`

  - `priority: string`

  - `request: string`

    Requested information from request.

  - `summary: string`

    Brief description of the request.

  - `tlp: "clear" | "amber" | "amber-strict" | 2 more`

    The CISA defined Traffic Light Protocol (TLP).

    - `"clear"`

    - `"amber"`

    - `"amber-strict"`

    - `"green"`

    - `"red"`

  - `updated: string`

  - `completed?: string`

  - `message_tokens?: number`

    Tokens for the request messages.

  - `readable_id?: string`

    Readable Request ID.

  - `status?: "open" | "accepted" | "reported" | 3 more`

    Request Status.

    - `"open"`

    - `"accepted"`

    - `"reported"`

    - `"approved"`

    - `"completed"`

    - `"declined"`

  - `tokens?: number`

    Tokens for the request.

### List Item

- `ListItem`

  - `id: string`

    UUID.

  - `created: string`

    Request creation time.

  - `priority: "routine" | "high" | "urgent"`

    - `"routine"`

    - `"high"`

    - `"urgent"`

  - `request: string`

    Requested information from request.

  - `summary: string`

    Brief description of the request.

  - `tlp: "clear" | "amber" | "amber-strict" | 2 more`

    The CISA defined Traffic Light Protocol (TLP).

    - `"clear"`

    - `"amber"`

    - `"amber-strict"`

    - `"green"`

    - `"red"`

  - `updated: string`

    Request last updated time.

  - `completed?: string`

    Request completion time.

  - `message_tokens?: number`

    Tokens for the request messages.

  - `readable_id?: string`

    Readable Request ID.

  - `status?: "open" | "accepted" | "reported" | 3 more`

    Request Status.

    - `"open"`

    - `"accepted"`

    - `"reported"`

    - `"approved"`

    - `"completed"`

    - `"declined"`

  - `tokens?: number`

    Tokens for the request.

### Quota

- `Quota`

  - `anniversary_date?: string`

    Anniversary date is when annual quota limit is refreshed.

  - `quarter_anniversary_date?: string`

    Quarter anniversary date is when quota limit is refreshed each quarter.

  - `quota?: number`

    Tokens for the quarter.

  - `remaining?: number`

    Tokens remaining for the quarter.

### Request Constants

- `RequestConstants`

  - `priority?: Array<"routine" | "high" | "urgent">`

    - `"routine"`

    - `"high"`

    - `"urgent"`

  - `status?: Array<"open" | "accepted" | "reported" | 3 more>`

    - `"open"`

    - `"accepted"`

    - `"reported"`

    - `"approved"`

    - `"completed"`

    - `"declined"`

  - `tlp?: Array<"clear" | "amber" | "amber-strict" | 2 more>`

    - `"clear"`

    - `"amber"`

    - `"amber-strict"`

    - `"green"`

    - `"red"`

### Request Types

- `RequestTypes = Array<RequestTypesResponse>`

### Request Delete Response

- `RequestDeleteResponse`

  - `errors: Array<Error>`

    - `code: number`

    - `message: string`

    - `documentation_url?: string`

    - `source?: Source`

      - `pointer?: string`

  - `messages: Array<Message>`

    - `code: number`

    - `message: string`

    - `documentation_url?: string`

    - `source?: Source`

      - `pointer?: string`

  - `success: true`

    Whether the API call was successful.

    - `true`

### Request Types Response

- `RequestTypesResponse = string`

  Request Types.

# Message

## List Request Messages

`client.cloudforceOne.requests.message.get(stringrequestId, MessageGetParamsparams, RequestOptionsoptions?): SinglePage<Message>`

**post** `/accounts/{account_id}/cloudforce-one/requests/{request_id}/message`

List Request Messages

### Parameters

- `requestId: string`

  UUID.

- `params: MessageGetParams`

  - `account_id: string`

    Path param: Identifier.

  - `page: number`

    Body param: Page number of results.

  - `per_page: number`

    Body param: Number of results per page.

  - `after?: string`

    Body param: Retrieve mes  ges created after this time.

  - `before?: string`

    Body param: Retrieve messages created before this time.

  - `sort_by?: string`

    Body param: Field to sort results by.

  - `sort_order?: "asc" | "desc"`

    Body param: Sort order (asc or desc).

    - `"asc"`

    - `"desc"`

### Returns

- `Message`

  - `id: number`

    Message ID.

  - `author: string`

    Author of message.

  - `content: string`

    Content of message.

  - `is_follow_on_request: boolean`

    Whether the message is a follow-on request.

  - `updated: string`

    Defines the message last updated time.

  - `created?: string`

    Defines the message creation time.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

// Automatically fetches more pages as needed.
for await (const message of client.cloudforceOne.requests.message.get(
  'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
  {
    account_id: '023e105f4ecef8ad9ca31a8372d0c353',
    page: 0,
    per_page: 10,
  },
)) {
  console.log(message.id);
}
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": [
    {
      "id": 0,
      "author": "user@domain.com",
      "content": "Can you elaborate on the type of DoS that occurred?",
      "is_follow_on_request": true,
      "updated": "2022-01-01T00:00:00Z",
      "created": "2022-01-01T00:00:00Z"
    }
  ]
}
```

## Create a New Request Message

`client.cloudforceOne.requests.message.create(stringrequestId, MessageCreateParamsparams, RequestOptionsoptions?): Message`

**post** `/accounts/{account_id}/cloudforce-one/requests/{request_id}/message/new`

Create a New Request Message

### Parameters

- `requestId: string`

  UUID.

- `params: MessageCreateParams`

  - `account_id: string`

    Path param: Identifier.

  - `content?: string`

    Body param: Content of message.

### Returns

- `Message`

  - `id: number`

    Message ID.

  - `author: string`

    Author of message.

  - `content: string`

    Content of message.

  - `is_follow_on_request: boolean`

    Whether the message is a follow-on request.

  - `updated: string`

    Defines the message last updated time.

  - `created?: string`

    Defines the message creation time.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const message = await client.cloudforceOne.requests.message.create(
  'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
  { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
);

console.log(message.id);
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": 0,
    "author": "user@domain.com",
    "content": "Can you elaborate on the type of DoS that occurred?",
    "is_follow_on_request": true,
    "updated": "2022-01-01T00:00:00Z",
    "created": "2022-01-01T00:00:00Z"
  }
}
```

## Update a Request Message

`client.cloudforceOne.requests.message.update(stringrequestId, numbermessageId, MessageUpdateParamsparams, RequestOptionsoptions?): Message`

**put** `/accounts/{account_id}/cloudforce-one/requests/{request_id}/message/{message_id}`

Update a Request Message

### Parameters

- `requestId: string`

  UUID.

- `messageId: number`

- `params: MessageUpdateParams`

  - `account_id: string`

    Path param: Identifier.

  - `content?: string`

    Body param: Content of message.

### Returns

- `Message`

  - `id: number`

    Message ID.

  - `author: string`

    Author of message.

  - `content: string`

    Content of message.

  - `is_follow_on_request: boolean`

    Whether the message is a follow-on request.

  - `updated: string`

    Defines the message last updated time.

  - `created?: string`

    Defines the message creation time.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const message = await client.cloudforceOne.requests.message.update(
  'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
  0,
  { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
);

console.log(message.id);
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": 0,
    "author": "user@domain.com",
    "content": "Can you elaborate on the type of DoS that occurred?",
    "is_follow_on_request": true,
    "updated": "2022-01-01T00:00:00Z",
    "created": "2022-01-01T00:00:00Z"
  }
}
```

## Delete a Request Message

`client.cloudforceOne.requests.message.delete(stringrequestId, numbermessageId, MessageDeleteParamsparams, RequestOptionsoptions?): MessageDeleteResponse`

**delete** `/accounts/{account_id}/cloudforce-one/requests/{request_id}/message/{message_id}`

Delete a Request Message

### Parameters

- `requestId: string`

  UUID.

- `messageId: number`

- `params: MessageDeleteParams`

  - `account_id: string`

    Identifier.

### Returns

- `MessageDeleteResponse`

  - `errors: Array<Error>`

    - `code: number`

    - `message: string`

    - `documentation_url?: string`

    - `source?: Source`

      - `pointer?: string`

  - `messages: Array<Message>`

    - `code: number`

    - `message: string`

    - `documentation_url?: string`

    - `source?: Source`

      - `pointer?: string`

  - `success: true`

    Whether the API call was successful.

    - `true`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const message = await client.cloudforceOne.requests.message.delete(
  'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
  0,
  { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
);

console.log(message.errors);
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true
}
```

## Domain Types

### Message

- `Message`

  - `id: number`

    Message ID.

  - `author: string`

    Author of message.

  - `content: string`

    Content of message.

  - `is_follow_on_request: boolean`

    Whether the message is a follow-on request.

  - `updated: string`

    Defines the message last updated time.

  - `created?: string`

    Defines the message creation time.

### Message Delete Response

- `MessageDeleteResponse`

  - `errors: Array<Error>`

    - `code: number`

    - `message: string`

    - `documentation_url?: string`

    - `source?: Source`

      - `pointer?: string`

  - `messages: Array<Message>`

    - `code: number`

    - `message: string`

    - `documentation_url?: string`

    - `source?: Source`

      - `pointer?: string`

  - `success: true`

    Whether the API call was successful.

    - `true`

# Priority

## Get a Priority Intelligence Requirement

`client.cloudforceOne.requests.priority.get(stringpriorityId, PriorityGetParamsparams, RequestOptionsoptions?): Item`

**get** `/accounts/{account_id}/cloudforce-one/requests/priority/{priority_id}`

Get a Priority Intelligence Requirement

### Parameters

- `priorityId: string`

  UUID.

- `params: PriorityGetParams`

  - `account_id: string`

    Identifier.

### Returns

- `Item`

  - `id: string`

    UUID.

  - `content: string`

    Request content.

  - `created: string`

  - `priority: string`

  - `request: string`

    Requested information from request.

  - `summary: string`

    Brief description of the request.

  - `tlp: "clear" | "amber" | "amber-strict" | 2 more`

    The CISA defined Traffic Light Protocol (TLP).

    - `"clear"`

    - `"amber"`

    - `"amber-strict"`

    - `"green"`

    - `"red"`

  - `updated: string`

  - `completed?: string`

  - `message_tokens?: number`

    Tokens for the request messages.

  - `readable_id?: string`

    Readable Request ID.

  - `status?: "open" | "accepted" | "reported" | 3 more`

    Request Status.

    - `"open"`

    - `"accepted"`

    - `"reported"`

    - `"approved"`

    - `"completed"`

    - `"declined"`

  - `tokens?: number`

    Tokens for the request.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const item = await client.cloudforceOne.requests.priority.get(
  'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
  { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
);

console.log(item.id);
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
    "content": "What regions were most effected by the recent DoS?",
    "created": "2022-04-01T05:20:00Z",
    "priority": "2022-04-01T05:20:00Z",
    "request": "Victomology",
    "summary": "DoS attack",
    "tlp": "clear",
    "updated": "2022-04-01T05:20:00Z",
    "completed": "2022-04-01T05:20:00Z",
    "message_tokens": 1,
    "readable_id": "RFI-2022-000001",
    "status": "open",
    "tokens": 16
  }
}
```

## Create a New Priority Intelligence Requirement

`client.cloudforceOne.requests.priority.create(PriorityCreateParamsparams, RequestOptionsoptions?): Priority`

**post** `/accounts/{account_id}/cloudforce-one/requests/priority/new`

Create a New Priority Intelligence Requirement

### Parameters

- `params: PriorityCreateParams`

  - `account_id: string`

    Path param: Identifier.

  - `labels: Array<Label>`

    Body param: List of labels.

  - `priority: number`

    Body param: Priority.

  - `requirement: string`

    Body param: Requirement.

  - `tlp: "clear" | "amber" | "amber-strict" | 2 more`

    Body param: The CISA defined Traffic Light Protocol (TLP).

    - `"clear"`

    - `"amber"`

    - `"amber-strict"`

    - `"green"`

    - `"red"`

### Returns

- `Priority`

  - `id: string`

    UUID.

  - `created: string`

    Priority creation time.

  - `labels: Array<Label>`

    List of labels.

  - `priority: number`

    Priority.

  - `requirement: string`

    Requirement.

  - `tlp: "clear" | "amber" | "amber-strict" | 2 more`

    The CISA defined Traffic Light Protocol (TLP).

    - `"clear"`

    - `"amber"`

    - `"amber-strict"`

    - `"green"`

    - `"red"`

  - `updated: string`

    Priority last updated time.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const priority = await client.cloudforceOne.requests.priority.create({
  account_id: '023e105f4ecef8ad9ca31a8372d0c353',
  labels: ['DoS', 'CVE'],
  priority: 1,
  requirement: 'DoS attacks carried out by CVEs',
  tlp: 'clear',
});

console.log(priority.id);
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
    "created": "2022-04-01T05:20:00Z",
    "labels": [
      "DoS",
      "CVE"
    ],
    "priority": 1,
    "requirement": "DoS attacks carried out by CVEs",
    "tlp": "clear",
    "updated": "2022-04-01T05:20:00Z"
  }
}
```

## Update a Priority Intelligence Requirement

`client.cloudforceOne.requests.priority.update(stringpriorityId, PriorityUpdateParamsparams, RequestOptionsoptions?): Item`

**put** `/accounts/{account_id}/cloudforce-one/requests/priority/{priority_id}`

Update a Priority Intelligence Requirement

### Parameters

- `priorityId: string`

  UUID.

- `params: PriorityUpdateParams`

  - `account_id: string`

    Path param: Identifier.

  - `labels: Array<Label>`

    Body param: List of labels.

  - `priority: number`

    Body param: Priority.

  - `requirement: string`

    Body param: Requirement.

  - `tlp: "clear" | "amber" | "amber-strict" | 2 more`

    Body param: The CISA defined Traffic Light Protocol (TLP).

    - `"clear"`

    - `"amber"`

    - `"amber-strict"`

    - `"green"`

    - `"red"`

### Returns

- `Item`

  - `id: string`

    UUID.

  - `content: string`

    Request content.

  - `created: string`

  - `priority: string`

  - `request: string`

    Requested information from request.

  - `summary: string`

    Brief description of the request.

  - `tlp: "clear" | "amber" | "amber-strict" | 2 more`

    The CISA defined Traffic Light Protocol (TLP).

    - `"clear"`

    - `"amber"`

    - `"amber-strict"`

    - `"green"`

    - `"red"`

  - `updated: string`

  - `completed?: string`

  - `message_tokens?: number`

    Tokens for the request messages.

  - `readable_id?: string`

    Readable Request ID.

  - `status?: "open" | "accepted" | "reported" | 3 more`

    Request Status.

    - `"open"`

    - `"accepted"`

    - `"reported"`

    - `"approved"`

    - `"completed"`

    - `"declined"`

  - `tokens?: number`

    Tokens for the request.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const item = await client.cloudforceOne.requests.priority.update(
  'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
  {
    account_id: '023e105f4ecef8ad9ca31a8372d0c353',
    labels: ['DoS', 'CVE'],
    priority: 1,
    requirement: 'DoS attacks carried out by CVEs',
    tlp: 'clear',
  },
);

console.log(item.id);
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
    "content": "What regions were most effected by the recent DoS?",
    "created": "2022-04-01T05:20:00Z",
    "priority": "2022-04-01T05:20:00Z",
    "request": "Victomology",
    "summary": "DoS attack",
    "tlp": "clear",
    "updated": "2022-04-01T05:20:00Z",
    "completed": "2022-04-01T05:20:00Z",
    "message_tokens": 1,
    "readable_id": "RFI-2022-000001",
    "status": "open",
    "tokens": 16
  }
}
```

## Delete a Priority Intelligence Requirement

`client.cloudforceOne.requests.priority.delete(stringpriorityId, PriorityDeleteParamsparams, RequestOptionsoptions?): PriorityDeleteResponse`

**delete** `/accounts/{account_id}/cloudforce-one/requests/priority/{priority_id}`

Delete a Priority Intelligence Requirement

### Parameters

- `priorityId: string`

  UUID.

- `params: PriorityDeleteParams`

  - `account_id: string`

    Identifier.

### Returns

- `PriorityDeleteResponse`

  - `errors: Array<Error>`

    - `code: number`

    - `message: string`

    - `documentation_url?: string`

    - `source?: Source`

      - `pointer?: string`

  - `messages: Array<Message>`

    - `code: number`

    - `message: string`

    - `documentation_url?: string`

    - `source?: Source`

      - `pointer?: string`

  - `success: true`

    Whether the API call was successful.

    - `true`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const priority = await client.cloudforceOne.requests.priority.delete(
  'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
  { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
);

console.log(priority.errors);
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true
}
```

## Get Priority Intelligence Requirement Quota

`client.cloudforceOne.requests.priority.quota(PriorityQuotaParamsparams, RequestOptionsoptions?): Quota`

**get** `/accounts/{account_id}/cloudforce-one/requests/priority/quota`

Get Priority Intelligence Requirement Quota

### Parameters

- `params: PriorityQuotaParams`

  - `account_id: string`

    Identifier.

### Returns

- `Quota`

  - `anniversary_date?: string`

    Anniversary date is when annual quota limit is refreshed.

  - `quarter_anniversary_date?: string`

    Quarter anniversary date is when quota limit is refreshed each quarter.

  - `quota?: number`

    Tokens for the quarter.

  - `remaining?: number`

    Tokens remaining for the quarter.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const quota = await client.cloudforceOne.requests.priority.quota({
  account_id: '023e105f4ecef8ad9ca31a8372d0c353',
});

console.log(quota.anniversary_date);
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "anniversary_date": "2022-04-01T00:00:00Z",
    "quarter_anniversary_date": "2022-04-01T00:00:00Z",
    "quota": 120,
    "remaining": 64
  }
}
```

## Domain Types

### Label

- `Label = string`

### Priority

- `Priority`

  - `id: string`

    UUID.

  - `created: string`

    Priority creation time.

  - `labels: Array<Label>`

    List of labels.

  - `priority: number`

    Priority.

  - `requirement: string`

    Requirement.

  - `tlp: "clear" | "amber" | "amber-strict" | 2 more`

    The CISA defined Traffic Light Protocol (TLP).

    - `"clear"`

    - `"amber"`

    - `"amber-strict"`

    - `"green"`

    - `"red"`

  - `updated: string`

    Priority last updated time.

### Priority Edit

- `PriorityEdit`

  - `labels: Array<Label>`

    List of labels.

  - `priority: number`

    Priority.

  - `requirement: string`

    Requirement.

  - `tlp: "clear" | "amber" | "amber-strict" | 2 more`

    The CISA defined Traffic Light Protocol (TLP).

    - `"clear"`

    - `"amber"`

    - `"amber-strict"`

    - `"green"`

    - `"red"`

### Priority Delete Response

- `PriorityDeleteResponse`

  - `errors: Array<Error>`

    - `code: number`

    - `message: string`

    - `documentation_url?: string`

    - `source?: Source`

      - `pointer?: string`

  - `messages: Array<Message>`

    - `code: number`

    - `message: string`

    - `documentation_url?: string`

    - `source?: Source`

      - `pointer?: string`

  - `success: true`

    Whether the API call was successful.

    - `true`

# Assets

## Get a Request Asset

`client.cloudforceOne.requests.assets.get(stringrequestId, stringassetId, AssetGetParamsparams, RequestOptionsoptions?): SinglePage<AssetGetResponse>`

**get** `/accounts/{account_id}/cloudforce-one/requests/{request_id}/asset/{asset_id}`

Get a Request Asset

### Parameters

- `requestId: string`

  UUID.

- `assetId: string`

  UUID.

- `params: AssetGetParams`

  - `account_id: string`

    Identifier.

### Returns

- `AssetGetResponse`

  - `id: number`

    Asset ID.

  - `name: string`

    Asset name.

  - `created?: string`

    Defines the asset creation time.

  - `description?: string`

    Asset description.

  - `file_type?: string`

    Asset file type.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

// Automatically fetches more pages as needed.
for await (const assetGetResponse of client.cloudforceOne.requests.assets.get(
  'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
  'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
  { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
)) {
  console.log(assetGetResponse.id);
}
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": [
    {
      "id": 0,
      "name": "example.docx",
      "created": "2022-01-01T00:00:00Z",
      "description": "example description",
      "file_type": "docx"
    }
  ]
}
```

## List Request Assets

`client.cloudforceOne.requests.assets.create(stringrequestId, AssetCreateParamsparams, RequestOptionsoptions?): SinglePage<AssetCreateResponse>`

**post** `/accounts/{account_id}/cloudforce-one/requests/{request_id}/asset`

List Request Assets

### Parameters

- `requestId: string`

  UUID.

- `params: AssetCreateParams`

  - `account_id: string`

    Path param: Identifier.

  - `page: number`

    Body param: Page number of results.

  - `per_page: number`

    Body param: Number of results per page.

### Returns

- `AssetCreateResponse`

  - `id: number`

    Asset ID.

  - `name: string`

    Asset name.

  - `created?: string`

    Defines the asset creation time.

  - `description?: string`

    Asset description.

  - `file_type?: string`

    Asset file type.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

// Automatically fetches more pages as needed.
for await (const assetCreateResponse of client.cloudforceOne.requests.assets.create(
  'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
  {
    account_id: '023e105f4ecef8ad9ca31a8372d0c353',
    page: 0,
    per_page: 10,
  },
)) {
  console.log(assetCreateResponse.id);
}
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": [
    {
      "id": 0,
      "name": "example.docx",
      "created": "2022-01-01T00:00:00Z",
      "description": "example description",
      "file_type": "docx"
    }
  ]
}
```

## Update a Request Asset

`client.cloudforceOne.requests.assets.update(stringrequestId, stringassetId, AssetUpdateParamsparams, RequestOptionsoptions?): AssetUpdateResponse`

**put** `/accounts/{account_id}/cloudforce-one/requests/{request_id}/asset/{asset_id}`

Update a Request Asset

### Parameters

- `requestId: string`

  UUID.

- `assetId: string`

  UUID.

- `params: AssetUpdateParams`

  - `account_id: string`

    Path param: Identifier.

  - `source?: string`

    Body param: Asset file to upload.

### Returns

- `AssetUpdateResponse`

  - `id: number`

    Asset ID.

  - `name: string`

    Asset name.

  - `created?: string`

    Defines the asset creation time.

  - `description?: string`

    Asset description.

  - `file_type?: string`

    Asset file type.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const asset = await client.cloudforceOne.requests.assets.update(
  'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
  'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
  { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
);

console.log(asset.id);
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": 0,
    "name": "example.docx",
    "created": "2022-01-01T00:00:00Z",
    "description": "example description",
    "file_type": "docx"
  }
}
```

## Delete a Request Asset

`client.cloudforceOne.requests.assets.delete(stringrequestId, stringassetId, AssetDeleteParamsparams, RequestOptionsoptions?): AssetDeleteResponse`

**delete** `/accounts/{account_id}/cloudforce-one/requests/{request_id}/asset/{asset_id}`

Delete a Request Asset

### Parameters

- `requestId: string`

  UUID.

- `assetId: string`

  UUID.

- `params: AssetDeleteParams`

  - `account_id: string`

    Identifier.

### Returns

- `AssetDeleteResponse`

  - `errors: Array<Error>`

    - `code: number`

    - `message: string`

    - `documentation_url?: string`

    - `source?: Source`

      - `pointer?: string`

  - `messages: Array<Message>`

    - `code: number`

    - `message: string`

    - `documentation_url?: string`

    - `source?: Source`

      - `pointer?: string`

  - `success: true`

    Whether the API call was successful.

    - `true`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const asset = await client.cloudforceOne.requests.assets.delete(
  'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
  'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
  { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
);

console.log(asset.errors);
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true
}
```

## Domain Types

### Asset Get Response

- `AssetGetResponse`

  - `id: number`

    Asset ID.

  - `name: string`

    Asset name.

  - `created?: string`

    Defines the asset creation time.

  - `description?: string`

    Asset description.

  - `file_type?: string`

    Asset file type.

### Asset Create Response

- `AssetCreateResponse`

  - `id: number`

    Asset ID.

  - `name: string`

    Asset name.

  - `created?: string`

    Defines the asset creation time.

  - `description?: string`

    Asset description.

  - `file_type?: string`

    Asset file type.

### Asset Update Response

- `AssetUpdateResponse`

  - `id: number`

    Asset ID.

  - `name: string`

    Asset name.

  - `created?: string`

    Defines the asset creation time.

  - `description?: string`

    Asset description.

  - `file_type?: string`

    Asset file type.

### Asset Delete Response

- `AssetDeleteResponse`

  - `errors: Array<Error>`

    - `code: number`

    - `message: string`

    - `documentation_url?: string`

    - `source?: Source`

      - `pointer?: string`

  - `messages: Array<Message>`

    - `code: number`

    - `message: string`

    - `documentation_url?: string`

    - `source?: Source`

      - `pointer?: string`

  - `success: true`

    Whether the API call was successful.

    - `true`

# Threat Events

## Filter and list events

`client.cloudforceOne.threatEvents.list(ThreatEventListParamsparams, RequestOptionsoptions?): ThreatEventListResponse`

**get** `/accounts/{account_id}/cloudforce-one/events`

When `datasetId` is unspecified, events will be listed from the `Cloudforce One Threat Events` dataset. To list existing datasets (and their IDs), use the [`List Datasets`](https://developers.cloudflare.com/api/resources/cloudforce_one/subresources/threat_events/subresources/datasets/methods/list/) endpoint). Also, must provide query parameters.

### Parameters

- `params: ThreatEventListParams`

  - `account_id: string`

    Path param: Account ID.

  - `cursor?: string`

    Query param: Cursor for pagination. When provided, filters are embedded in the cursor so you only need to pass cursor and pageSize. Returned in the previous response's result_info.cursor field. Use cursor-based pagination for deep pagination (beyond 100,000 records) or for optimal performance.

  - `datasetId?: Array<string>`

    Query param

  - `forceRefresh?: boolean`

    Query param

  - `format?: "json" | "stix2"`

    Query param

    - `"json"`

    - `"stix2"`

  - `order?: "asc" | "desc"`

    Query param

    - `"asc"`

    - `"desc"`

  - `orderBy?: string`

    Query param

  - `page?: number`

    Query param: Page number (1-indexed) for offset-based pagination. Limited to offset of 100,000 records. For deep pagination, use cursor-based pagination instead.

  - `pageSize?: number`

    Query param: Number of results per page. Maximum 25,000.

  - `search?: Array<Search>`

    Query param

    - `field?: string`

      Event field to search on. Allowed: attacker, attackerCountry, category, createdAt, date, event, indicator, indicatorType, killChain, mitreAttack, tags, targetCountry, targetIndustry, tlp, uuid.

    - `op?: "equals" | "not" | "gt" | 9 more`

      Search operator. Use 'in' for bulk lookup of up to 100 values at once, e.g. {field:'tags', op:'in', value:['malware','apt']}.

      - `"equals"`

      - `"not"`

      - `"gt"`

      - `"gte"`

      - `"lt"`

      - `"lte"`

      - `"like"`

      - `"contains"`

      - `"startsWith"`

      - `"endsWith"`

      - `"in"`

      - `"find"`

    - `value?: string | number | Array<string | number>`

      Search value. String or number for most operators. Array for 'in' operator (max 100 items).

      - `string`

      - `number`

      - `Array<string | number>`

        - `string`

        - `number`

### Returns

- `ThreatEventListResponse = Array<ThreatEventListResponseItem>`

  - `attacker: string`

  - `attackerCountry: string`

  - `category: string`

  - `datasetId: string`

  - `date: string`

  - `event: string`

  - `hasChildren: boolean`

  - `indicator: string`

  - `indicatorType: string`

  - `indicatorTypeId: number`

  - `killChain: number`

  - `mitreAttack: Array<string>`

  - `mitreCapec: Array<string>`

  - `numReferenced: number`

  - `numReferences: number`

  - `rawId: string`

  - `referenced: Array<string>`

  - `referencedIds: Array<number>`

  - `references: Array<string>`

  - `referencesIds: Array<number>`

  - `tags: Array<string>`

  - `targetCountry: string`

  - `targetIndustry: string`

  - `tlp: string`

  - `uuid: string`

  - `insight?: string`

  - `releasabilityId?: string`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const threatEvents = await client.cloudforceOne.threatEvents.list({ account_id: 'account_id' });

console.log(threatEvents);
```

#### Response

```json
[
  {
    "attacker": "Flying Yeti",
    "attackerCountry": "CN",
    "category": "Domain Resolution",
    "datasetId": "dataset-example-id",
    "date": "2022-04-01T00:00:00Z",
    "event": "An attacker registered the domain domain.com",
    "hasChildren": true,
    "indicator": "domain.com",
    "indicatorType": "domain",
    "indicatorTypeId": 5,
    "killChain": 0,
    "mitreAttack": [
      " "
    ],
    "mitreCapec": [
      " "
    ],
    "numReferenced": 0,
    "numReferences": 0,
    "rawId": "453gw34w3",
    "referenced": [
      " "
    ],
    "referencedIds": [
      0
    ],
    "references": [
      " "
    ],
    "referencesIds": [
      0
    ],
    "tags": [
      "malware"
    ],
    "targetCountry": "US",
    "targetIndustry": "Agriculture",
    "tlp": "amber",
    "uuid": "12345678-1234-1234-1234-1234567890ab",
    "insight": "insight",
    "releasabilityId": "releasabilityId"
  }
]
```

## Reads an event

`client.cloudforceOne.threatEvents.get(stringeventId, ThreatEventGetParamsparams, RequestOptionsoptions?): ThreatEventGetResponse`

**get** `/accounts/{account_id}/cloudforce-one/events/{event_id}`

This Method is deprecated. Please use /events/dataset/:dataset_id/events/:event_id instead.

### Parameters

- `eventId: string`

  Event UUID.

- `params: ThreatEventGetParams`

  - `account_id: string`

    Account ID.

### Returns

- `ThreatEventGetResponse`

  - `attacker: string`

  - `attackerCountry: string`

  - `category: string`

  - `datasetId: string`

  - `date: string`

  - `event: string`

  - `hasChildren: boolean`

  - `indicator: string`

  - `indicatorType: string`

  - `indicatorTypeId: number`

  - `killChain: number`

  - `mitreAttack: Array<string>`

  - `mitreCapec: Array<string>`

  - `numReferenced: number`

  - `numReferences: number`

  - `rawId: string`

  - `referenced: Array<string>`

  - `referencedIds: Array<number>`

  - `references: Array<string>`

  - `referencesIds: Array<number>`

  - `tags: Array<string>`

  - `targetCountry: string`

  - `targetIndustry: string`

  - `tlp: string`

  - `uuid: string`

  - `insight?: string`

  - `releasabilityId?: string`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const threatEvent = await client.cloudforceOne.threatEvents.get('event_id', {
  account_id: 'account_id',
});

console.log(threatEvent.uuid);
```

#### Response

```json
{
  "attacker": "Flying Yeti",
  "attackerCountry": "CN",
  "category": "Domain Resolution",
  "datasetId": "dataset-example-id",
  "date": "2022-04-01T00:00:00Z",
  "event": "An attacker registered the domain domain.com",
  "hasChildren": true,
  "indicator": "domain.com",
  "indicatorType": "domain",
  "indicatorTypeId": 5,
  "killChain": 0,
  "mitreAttack": [
    " "
  ],
  "mitreCapec": [
    " "
  ],
  "numReferenced": 0,
  "numReferences": 0,
  "rawId": "453gw34w3",
  "referenced": [
    " "
  ],
  "referencedIds": [
    0
  ],
  "references": [
    " "
  ],
  "referencesIds": [
    0
  ],
  "tags": [
    "malware"
  ],
  "targetCountry": "US",
  "targetIndustry": "Agriculture",
  "tlp": "amber",
  "uuid": "12345678-1234-1234-1234-1234567890ab",
  "insight": "insight",
  "releasabilityId": "releasabilityId"
}
```

## Creates a new event

`client.cloudforceOne.threatEvents.create(ThreatEventCreateParamsparams, RequestOptionsoptions?): ThreatEventCreateResponse`

**post** `/accounts/{account_id}/cloudforce-one/events/create`

To create a dataset, see the [`Create Dataset`](https://developers.cloudflare.com/api/resources/cloudforce_one/subresources/threat_events/subresources/datasets/methods/create/) endpoint. When `datasetId` parameter is unspecified, it will be created in a default dataset named `Cloudforce One Threat Events`.

### Parameters

- `params: ThreatEventCreateParams`

  - `account_id: string`

    Path param: Account ID.

  - `category: string`

    Body param

  - `date: string`

    Body param

  - `event: string`

    Body param

  - `raw: Raw`

    Body param

    - `data: Record<string, unknown> | null`

    - `source?: string`

    - `tlp?: string`

  - `tlp: string`

    Body param

  - `accountId?: number`

    Body param

  - `attacker?: string | null`

    Body param

  - `attackerCountry?: string`

    Body param

  - `datasetId?: string`

    Body param

  - `indicator?: string`

    Body param

  - `indicators?: Array<Indicator>`

    Body param: Array of indicators for this event. Supports multiple indicators per event for complex scenarios.

    - `indicatorType: string`

      The type of indicator (e.g., DOMAIN, IP, JA3, HASH)

    - `value: string`

      The indicator value (e.g., domain name, IP address, hash)

  - `indicatorType?: string`

    Body param

  - `insight?: string`

    Body param

  - `tags?: Array<string>`

    Body param

  - `targetCountry?: string`

    Body param

  - `targetIndustry?: string`

    Body param

### Returns

- `ThreatEventCreateResponse`

  - `attacker: string`

  - `attackerCountry: string`

  - `category: string`

  - `datasetId: string`

  - `date: string`

  - `event: string`

  - `hasChildren: boolean`

  - `indicator: string`

  - `indicatorType: string`

  - `indicatorTypeId: number`

  - `killChain: number`

  - `mitreAttack: Array<string>`

  - `mitreCapec: Array<string>`

  - `numReferenced: number`

  - `numReferences: number`

  - `rawId: string`

  - `referenced: Array<string>`

  - `referencedIds: Array<number>`

  - `references: Array<string>`

  - `referencesIds: Array<number>`

  - `tags: Array<string>`

  - `targetCountry: string`

  - `targetIndustry: string`

  - `tlp: string`

  - `uuid: string`

  - `insight?: string`

  - `releasabilityId?: string`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const threatEvent = await client.cloudforceOne.threatEvents.create({
  account_id: 'account_id',
  category: 'Domain Resolution',
  date: '2022-04-01T00:00:00Z',
  event: 'An attacker registered the domain domain.com',
  raw: { data: { foo: 'bar' } },
  tlp: 'amber',
});

console.log(threatEvent.uuid);
```

#### Response

```json
{
  "attacker": "Flying Yeti",
  "attackerCountry": "CN",
  "category": "Domain Resolution",
  "datasetId": "dataset-example-id",
  "date": "2022-04-01T00:00:00Z",
  "event": "An attacker registered the domain domain.com",
  "hasChildren": true,
  "indicator": "domain.com",
  "indicatorType": "domain",
  "indicatorTypeId": 5,
  "killChain": 0,
  "mitreAttack": [
    " "
  ],
  "mitreCapec": [
    " "
  ],
  "numReferenced": 0,
  "numReferences": 0,
  "rawId": "453gw34w3",
  "referenced": [
    " "
  ],
  "referencedIds": [
    0
  ],
  "references": [
    " "
  ],
  "referencesIds": [
    0
  ],
  "tags": [
    "malware"
  ],
  "targetCountry": "US",
  "targetIndustry": "Agriculture",
  "tlp": "amber",
  "uuid": "12345678-1234-1234-1234-1234567890ab",
  "insight": "insight",
  "releasabilityId": "releasabilityId"
}
```

## Updates an event

`client.cloudforceOne.threatEvents.edit(stringeventId, ThreatEventEditParamsparams, RequestOptionsoptions?): ThreatEventEditResponse`

**patch** `/accounts/{account_id}/cloudforce-one/events/{event_id}`

Updates an event

### Parameters

- `eventId: string`

  Event UUID.

- `params: ThreatEventEditParams`

  - `account_id: string`

    Path param: Account ID.

  - `datasetId: string`

    Body param: Dataset ID containing the event to update.

  - `attacker?: string | null`

    Body param

  - `attackerCountry?: string`

    Body param

  - `category?: string`

    Body param

  - `createdAt?: string`

    Body param

  - `date?: string`

    Body param

  - `event?: string`

    Body param

  - `indicator?: string`

    Body param

  - `indicatorType?: string`

    Body param

  - `insight?: string`

    Body param

  - `raw?: Raw`

    Body param

    - `data?: Record<string, unknown> | null`

    - `source?: string`

    - `tlp?: string`

  - `targetCountry?: string`

    Body param

  - `targetIndustry?: string`

    Body param

  - `tlp?: string`

    Body param

### Returns

- `ThreatEventEditResponse`

  - `attacker: string`

  - `attackerCountry: string`

  - `category: string`

  - `datasetId: string`

  - `date: string`

  - `event: string`

  - `hasChildren: boolean`

  - `indicator: string`

  - `indicatorType: string`

  - `indicatorTypeId: number`

  - `killChain: number`

  - `mitreAttack: Array<string>`

  - `mitreCapec: Array<string>`

  - `numReferenced: number`

  - `numReferences: number`

  - `rawId: string`

  - `referenced: Array<string>`

  - `referencedIds: Array<number>`

  - `references: Array<string>`

  - `referencesIds: Array<number>`

  - `tags: Array<string>`

  - `targetCountry: string`

  - `targetIndustry: string`

  - `tlp: string`

  - `uuid: string`

  - `insight?: string`

  - `releasabilityId?: string`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const response = await client.cloudforceOne.threatEvents.edit('event_id', {
  account_id: 'account_id',
  datasetId: '9b769969-a211-466c-8ac3-cb91266a066a',
});

console.log(response.uuid);
```

#### Response

```json
{
  "attacker": "Flying Yeti",
  "attackerCountry": "CN",
  "category": "Domain Resolution",
  "datasetId": "dataset-example-id",
  "date": "2022-04-01T00:00:00Z",
  "event": "An attacker registered the domain domain.com",
  "hasChildren": true,
  "indicator": "domain.com",
  "indicatorType": "domain",
  "indicatorTypeId": 5,
  "killChain": 0,
  "mitreAttack": [
    " "
  ],
  "mitreCapec": [
    " "
  ],
  "numReferenced": 0,
  "numReferences": 0,
  "rawId": "453gw34w3",
  "referenced": [
    " "
  ],
  "referencedIds": [
    0
  ],
  "references": [
    " "
  ],
  "referencesIds": [
    0
  ],
  "tags": [
    "malware"
  ],
  "targetCountry": "US",
  "targetIndustry": "Agriculture",
  "tlp": "amber",
  "uuid": "12345678-1234-1234-1234-1234567890ab",
  "insight": "insight",
  "releasabilityId": "releasabilityId"
}
```

## Creates bulk events

`client.cloudforceOne.threatEvents.bulkCreate(ThreatEventBulkCreateParamsparams, RequestOptionsoptions?): ThreatEventBulkCreateResponse`

**post** `/accounts/{account_id}/cloudforce-one/events/create/bulk`

The `datasetId` parameter must be defined. To list existing datasets (and their IDs) in your account, use the [`List Datasets`](https://developers.cloudflare.com/api/resources/cloudforce_one/subresources/threat_events/subresources/datasets/methods/list/) endpoint.

### Parameters

- `params: ThreatEventBulkCreateParams`

  - `account_id: string`

    Path param: Account ID.

  - `data: Array<Data>`

    Body param

    - `category: string`

    - `date: string`

    - `event: string`

    - `raw: Raw`

      - `data: Record<string, unknown> | null`

      - `source?: string`

      - `tlp?: string`

    - `tlp: string`

    - `accountId?: number`

    - `attacker?: string | null`

    - `attackerCountry?: string`

    - `datasetId?: string`

    - `indicator?: string`

    - `indicators?: Array<Indicator>`

      Array of indicators for this event. Supports multiple indicators per event for complex scenarios.

      - `indicatorType: string`

        The type of indicator (e.g., DOMAIN, IP, JA3, HASH)

      - `value: string`

        The indicator value (e.g., domain name, IP address, hash)

    - `indicatorType?: string`

    - `insight?: string`

    - `tags?: Array<string>`

    - `targetCountry?: string`

    - `targetIndustry?: string`

  - `datasetId: string`

    Body param

  - `includeCreatedEvents?: boolean`

    Body param: When true, response includes array of created event UUIDs and shard IDs. Useful for tracking which events were created and where.

### Returns

- `ThreatEventBulkCreateResponse`

  Detailed result of bulk event creation with auto-tag management

  - `createdEventsCount: number`

    Number of events created

  - `createdTagsCount: number`

    Number of new tags created in SoT

  - `errorCount: number`

    Number of errors encountered

  - `queuedIndicatorsCount: number`

    Number of indicators queued for async processing

  - `createBulkEventsRequestId?: string`

    Correlation ID for async indicator processing

  - `createdEvents?: Array<CreatedEvent>`

    Array of created events with UUIDs and shard locations. Only present when includeCreatedEvents=true

    - `eventIndex: number`

      Original index in the input data array

    - `shardId: string`

      Dataset ID of the shard where the event was created

    - `uuid: string`

      UUID of the created event

  - `errors?: Array<Error>`

    Array of error details

    - `error: string`

      Error message

    - `eventIndex: number`

      Index of the event that caused the error

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const response = await client.cloudforceOne.threatEvents.bulkCreate({
  account_id: 'account_id',
  data: [
    {
      category: 'Domain Resolution',
      date: '2022-04-01T00:00:00Z',
      event: 'An attacker registered the domain domain.com',
      raw: { data: { foo: 'bar' } },
      tlp: 'amber',
    },
  ],
  datasetId: 'durableObjectName',
});

console.log(response.createdEventsCount);
```

#### Response

```json
{
  "createdEventsCount": 0,
  "createdTagsCount": 0,
  "errorCount": 0,
  "queuedIndicatorsCount": 0,
  "createBulkEventsRequestId": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
  "createdEvents": [
    {
      "eventIndex": 0,
      "shardId": "shardId",
      "uuid": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e"
    }
  ],
  "errors": [
    {
      "error": "error",
      "eventIndex": 0
    }
  ]
}
```

## Domain Types

### Threat Event List Response

- `ThreatEventListResponse = Array<ThreatEventListResponseItem>`

  - `attacker: string`

  - `attackerCountry: string`

  - `category: string`

  - `datasetId: string`

  - `date: string`

  - `event: string`

  - `hasChildren: boolean`

  - `indicator: string`

  - `indicatorType: string`

  - `indicatorTypeId: number`

  - `killChain: number`

  - `mitreAttack: Array<string>`

  - `mitreCapec: Array<string>`

  - `numReferenced: number`

  - `numReferences: number`

  - `rawId: string`

  - `referenced: Array<string>`

  - `referencedIds: Array<number>`

  - `references: Array<string>`

  - `referencesIds: Array<number>`

  - `tags: Array<string>`

  - `targetCountry: string`

  - `targetIndustry: string`

  - `tlp: string`

  - `uuid: string`

  - `insight?: string`

  - `releasabilityId?: string`

### Threat Event Get Response

- `ThreatEventGetResponse`

  - `attacker: string`

  - `attackerCountry: string`

  - `category: string`

  - `datasetId: string`

  - `date: string`

  - `event: string`

  - `hasChildren: boolean`

  - `indicator: string`

  - `indicatorType: string`

  - `indicatorTypeId: number`

  - `killChain: number`

  - `mitreAttack: Array<string>`

  - `mitreCapec: Array<string>`

  - `numReferenced: number`

  - `numReferences: number`

  - `rawId: string`

  - `referenced: Array<string>`

  - `referencedIds: Array<number>`

  - `references: Array<string>`

  - `referencesIds: Array<number>`

  - `tags: Array<string>`

  - `targetCountry: string`

  - `targetIndustry: string`

  - `tlp: string`

  - `uuid: string`

  - `insight?: string`

  - `releasabilityId?: string`

### Threat Event Create Response

- `ThreatEventCreateResponse`

  - `attacker: string`

  - `attackerCountry: string`

  - `category: string`

  - `datasetId: string`

  - `date: string`

  - `event: string`

  - `hasChildren: boolean`

  - `indicator: string`

  - `indicatorType: string`

  - `indicatorTypeId: number`

  - `killChain: number`

  - `mitreAttack: Array<string>`

  - `mitreCapec: Array<string>`

  - `numReferenced: number`

  - `numReferences: number`

  - `rawId: string`

  - `referenced: Array<string>`

  - `referencedIds: Array<number>`

  - `references: Array<string>`

  - `referencesIds: Array<number>`

  - `tags: Array<string>`

  - `targetCountry: string`

  - `targetIndustry: string`

  - `tlp: string`

  - `uuid: string`

  - `insight?: string`

  - `releasabilityId?: string`

### Threat Event Edit Response

- `ThreatEventEditResponse`

  - `attacker: string`

  - `attackerCountry: string`

  - `category: string`

  - `datasetId: string`

  - `date: string`

  - `event: string`

  - `hasChildren: boolean`

  - `indicator: string`

  - `indicatorType: string`

  - `indicatorTypeId: number`

  - `killChain: number`

  - `mitreAttack: Array<string>`

  - `mitreCapec: Array<string>`

  - `numReferenced: number`

  - `numReferences: number`

  - `rawId: string`

  - `referenced: Array<string>`

  - `referencedIds: Array<number>`

  - `references: Array<string>`

  - `referencesIds: Array<number>`

  - `tags: Array<string>`

  - `targetCountry: string`

  - `targetIndustry: string`

  - `tlp: string`

  - `uuid: string`

  - `insight?: string`

  - `releasabilityId?: string`

### Threat Event Bulk Create Response

- `ThreatEventBulkCreateResponse`

  Detailed result of bulk event creation with auto-tag management

  - `createdEventsCount: number`

    Number of events created

  - `createdTagsCount: number`

    Number of new tags created in SoT

  - `errorCount: number`

    Number of errors encountered

  - `queuedIndicatorsCount: number`

    Number of indicators queued for async processing

  - `createBulkEventsRequestId?: string`

    Correlation ID for async indicator processing

  - `createdEvents?: Array<CreatedEvent>`

    Array of created events with UUIDs and shard locations. Only present when includeCreatedEvents=true

    - `eventIndex: number`

      Original index in the input data array

    - `shardId: string`

      Dataset ID of the shard where the event was created

    - `uuid: string`

      UUID of the created event

  - `errors?: Array<Error>`

    Array of error details

    - `error: string`

      Error message

    - `eventIndex: number`

      Index of the event that caused the error

# Attackers

## Lists attackers across multiple datasets

`client.cloudforceOne.threatEvents.attackers.list(AttackerListParamsparams, RequestOptionsoptions?): AttackerListResponse`

**get** `/accounts/{account_id}/cloudforce-one/events/attackers`

Lists attackers across multiple datasets

### Parameters

- `params: AttackerListParams`

  - `account_id: string`

    Path param: Account ID.

  - `datasetIds?: Array<string>`

    Query param: Array of dataset IDs to query attackers from. If not provided, uses the default dataset.

### Returns

- `AttackerListResponse`

  - `items: Items`

    - `type: string`

  - `type: string`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const attackers = await client.cloudforceOne.threatEvents.attackers.list({
  account_id: 'account_id',
});

console.log(attackers.items);
```

#### Response

```json
{
  "items": {
    "type": "string"
  },
  "type": "array"
}
```

## Domain Types

### Attacker List Response

- `AttackerListResponse`

  - `items: Items`

    - `type: string`

  - `type: string`

# Categories

## Lists categories across multiple datasets

`client.cloudforceOne.threatEvents.categories.list(CategoryListParamsparams, RequestOptionsoptions?): CategoryListResponse`

**get** `/accounts/{account_id}/cloudforce-one/events/categories`

Lists categories across multiple datasets

### Parameters

- `params: CategoryListParams`

  - `account_id: string`

    Path param: Account ID.

  - `datasetIds?: Array<string>`

    Query param: Array of dataset IDs to query categories from. If not provided, uses the default dataset.

### Returns

- `CategoryListResponse = Array<CategoryListResponseItem>`

  - `killChain: number`

  - `name: string`

  - `uuid: string`

  - `mitreAttack?: Array<string>`

  - `mitreCapec?: Array<string>`

  - `shortname?: string`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const categories = await client.cloudforceOne.threatEvents.categories.list({
  account_id: 'account_id',
});

console.log(categories);
```

#### Response

```json
[
  {
    "killChain": 0,
    "name": "name",
    "uuid": "12345678-1234-1234-1234-1234567890ab",
    "mitreAttack": [
      "T1234"
    ],
    "mitreCapec": [
      "123"
    ],
    "shortname": "shortname"
  }
]
```

## Reads a category

`client.cloudforceOne.threatEvents.categories.get(stringcategoryId, CategoryGetParamsparams, RequestOptionsoptions?): CategoryGetResponse`

**get** `/accounts/{account_id}/cloudforce-one/events/categories/{category_id}`

Reads a category

### Parameters

- `categoryId: string`

  Category UUID.

- `params: CategoryGetParams`

  - `account_id: string`

    Account ID.

### Returns

- `CategoryGetResponse`

  - `killChain: number`

  - `name: string`

  - `uuid: string`

  - `mitreAttack?: Array<string>`

  - `mitreCapec?: Array<string>`

  - `shortname?: string`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const category = await client.cloudforceOne.threatEvents.categories.get(
  '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e',
  { account_id: 'account_id' },
);

console.log(category.uuid);
```

#### Response

```json
{
  "killChain": 0,
  "name": "name",
  "uuid": "12345678-1234-1234-1234-1234567890ab",
  "mitreAttack": [
    "T1234"
  ],
  "mitreCapec": [
    "123"
  ],
  "shortname": "shortname"
}
```

## Creates a new category

`client.cloudforceOne.threatEvents.categories.create(CategoryCreateParamsparams, RequestOptionsoptions?): CategoryCreateResponse`

**post** `/accounts/{account_id}/cloudforce-one/events/categories/create`

Creates a new category

### Parameters

- `params: CategoryCreateParams`

  - `account_id: string`

    Path param: Account ID.

  - `killChain: number`

    Body param

  - `name: string`

    Body param

  - `mitreAttack?: Array<string>`

    Body param

  - `mitreCapec?: Array<string>`

    Body param

  - `shortname?: string`

    Body param

### Returns

- `CategoryCreateResponse`

  - `killChain: number`

  - `name: string`

  - `uuid: string`

  - `mitreAttack?: Array<string>`

  - `mitreCapec?: Array<string>`

  - `shortname?: string`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const category = await client.cloudforceOne.threatEvents.categories.create({
  account_id: 'account_id',
  killChain: 0,
  name: 'name',
});

console.log(category.uuid);
```

#### Response

```json
{
  "killChain": 0,
  "name": "name",
  "uuid": "12345678-1234-1234-1234-1234567890ab",
  "mitreAttack": [
    "T1234"
  ],
  "mitreCapec": [
    "123"
  ],
  "shortname": "shortname"
}
```

## Updates a category

`client.cloudforceOne.threatEvents.categories.edit(stringcategoryId, CategoryEditParamsparams, RequestOptionsoptions?): CategoryEditResponse`

**patch** `/accounts/{account_id}/cloudforce-one/events/categories/{category_id}`

Updates a category

### Parameters

- `categoryId: string`

  Category UUID.

- `params: CategoryEditParams`

  - `account_id: string`

    Path param: Account ID.

  - `killChain?: number`

    Body param

  - `mitreAttack?: Array<string>`

    Body param

  - `mitreCapec?: Array<string>`

    Body param

  - `name?: string`

    Body param

  - `shortname?: string`

    Body param

### Returns

- `CategoryEditResponse`

  - `killChain: number`

  - `name: string`

  - `uuid: string`

  - `mitreAttack?: Array<string>`

  - `mitreCapec?: Array<string>`

  - `shortname?: string`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const response = await client.cloudforceOne.threatEvents.categories.edit(
  '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e',
  { account_id: 'account_id' },
);

console.log(response.uuid);
```

#### Response

```json
{
  "killChain": 0,
  "name": "name",
  "uuid": "12345678-1234-1234-1234-1234567890ab",
  "mitreAttack": [
    "T1234"
  ],
  "mitreCapec": [
    "123"
  ],
  "shortname": "shortname"
}
```

## Deletes a category

`client.cloudforceOne.threatEvents.categories.delete(stringcategoryId, CategoryDeleteParamsparams, RequestOptionsoptions?): CategoryDeleteResponse`

**delete** `/accounts/{account_id}/cloudforce-one/events/categories/{category_id}`

Deletes a category

### Parameters

- `categoryId: string`

  Category UUID.

- `params: CategoryDeleteParams`

  - `account_id: string`

    Account ID.

### Returns

- `CategoryDeleteResponse`

  - `uuid: string`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const category = await client.cloudforceOne.threatEvents.categories.delete(
  '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e',
  { account_id: 'account_id' },
);

console.log(category.uuid);
```

#### Response

```json
{
  "uuid": "12345678-1234-1234-1234-1234567890ab"
}
```

## Domain Types

### Category List Response

- `CategoryListResponse = Array<CategoryListResponseItem>`

  - `killChain: number`

  - `name: string`

  - `uuid: string`

  - `mitreAttack?: Array<string>`

  - `mitreCapec?: Array<string>`

  - `shortname?: string`

### Category Get Response

- `CategoryGetResponse`

  - `killChain: number`

  - `name: string`

  - `uuid: string`

  - `mitreAttack?: Array<string>`

  - `mitreCapec?: Array<string>`

  - `shortname?: string`

### Category Create Response

- `CategoryCreateResponse`

  - `killChain: number`

  - `name: string`

  - `uuid: string`

  - `mitreAttack?: Array<string>`

  - `mitreCapec?: Array<string>`

  - `shortname?: string`

### Category Edit Response

- `CategoryEditResponse`

  - `killChain: number`

  - `name: string`

  - `uuid: string`

  - `mitreAttack?: Array<string>`

  - `mitreCapec?: Array<string>`

  - `shortname?: string`

### Category Delete Response

- `CategoryDeleteResponse`

  - `uuid: string`

# Countries

## Retrieves countries information for all countries

`client.cloudforceOne.threatEvents.countries.list(CountryListParamsparams, RequestOptionsoptions?): CountryListResponse`

**get** `/accounts/{account_id}/cloudforce-one/events/countries`

Retrieves countries information for all countries

### Parameters

- `params: CountryListParams`

  - `account_id: string`

    Account ID.

### Returns

- `CountryListResponse = Array<CountryListResponseItem>`

  - `result: Array<Result>`

    - `alpha3: string`

    - `name: string`

  - `success: string`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const countries = await client.cloudforceOne.threatEvents.countries.list({
  account_id: 'account_id',
});

console.log(countries);
```

#### Response

```json
[
  {
    "result": [
      {
        "alpha3": "AF",
        "name": "Afghanistan"
      }
    ],
    "success": "true"
  }
]
```

## Domain Types

### Country List Response

- `CountryListResponse = Array<CountryListResponseItem>`

  - `result: Array<Result>`

    - `alpha3: string`

    - `name: string`

  - `success: string`

# Crons

# Datasets

## Lists all datasets in an account

`client.cloudforceOne.threatEvents.datasets.list(DatasetListParamsparams, RequestOptionsoptions?): DatasetListResponse`

**get** `/accounts/{account_id}/cloudforce-one/events/dataset`

Lists all datasets in an account

### Parameters

- `params: DatasetListParams`

  - `account_id: string`

    Account ID.

### Returns

- `DatasetListResponse = Array<DatasetListResponseItem>`

  - `isPublic: boolean`

  - `name: string`

  - `uuid: string`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const datasets = await client.cloudforceOne.threatEvents.datasets.list({
  account_id: 'account_id',
});

console.log(datasets);
```

#### Response

```json
[
  {
    "isPublic": true,
    "name": "friendly dataset name",
    "uuid": "12345678-1234-1234-1234-1234567890ab"
  }
]
```

## Reads a dataset

`client.cloudforceOne.threatEvents.datasets.get(stringdatasetId, DatasetGetParamsparams, RequestOptionsoptions?): DatasetGetResponse`

**get** `/accounts/{account_id}/cloudforce-one/events/dataset/{dataset_id}`

Reads a dataset

### Parameters

- `datasetId: string`

  Dataset ID.

- `params: DatasetGetParams`

  - `account_id: string`

    Account ID.

### Returns

- `DatasetGetResponse`

  - `isPublic: boolean`

  - `name: string`

  - `uuid: string`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const dataset = await client.cloudforceOne.threatEvents.datasets.get(
  '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e',
  { account_id: 'account_id' },
);

console.log(dataset.uuid);
```

#### Response

```json
{
  "isPublic": true,
  "name": "friendly dataset name",
  "uuid": "12345678-1234-1234-1234-1234567890ab"
}
```

## Creates a dataset

`client.cloudforceOne.threatEvents.datasets.create(DatasetCreateParamsparams, RequestOptionsoptions?): DatasetCreateResponse`

**post** `/accounts/{account_id}/cloudforce-one/events/dataset/create`

Creates a dataset

### Parameters

- `params: DatasetCreateParams`

  - `account_id: string`

    Path param: Account ID.

  - `isPublic: boolean`

    Body param: If true, then anyone can search the dataset. If false, then its limited to the account.

  - `name: string`

    Body param: Used to describe the dataset within the account context.

### Returns

- `DatasetCreateResponse`

  - `isPublic: boolean`

  - `name: string`

  - `uuid: string`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const dataset = await client.cloudforceOne.threatEvents.datasets.create({
  account_id: 'account_id',
  isPublic: true,
  name: 'x',
});

console.log(dataset.uuid);
```

#### Response

```json
{
  "isPublic": true,
  "name": "friendly dataset name",
  "uuid": "12345678-1234-1234-1234-1234567890ab"
}
```

## Updates an existing dataset

`client.cloudforceOne.threatEvents.datasets.edit(stringdatasetId, DatasetEditParamsparams, RequestOptionsoptions?): DatasetEditResponse`

**patch** `/accounts/{account_id}/cloudforce-one/events/dataset/{dataset_id}`

Updates an existing dataset

### Parameters

- `datasetId: string`

  Dataset ID.

- `params: DatasetEditParams`

  - `account_id: string`

    Path param: Account ID.

  - `isPublic: boolean`

    Body param: If true, then anyone can search the dataset. If false, then its limited to the account.

  - `name: string`

    Body param: Used to describe the dataset within the account context.

### Returns

- `DatasetEditResponse`

  - `isPublic: boolean`

  - `name: string`

  - `uuid: string`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const response = await client.cloudforceOne.threatEvents.datasets.edit(
  '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e',
  {
    account_id: 'account_id',
    isPublic: true,
    name: 'x',
  },
);

console.log(response.uuid);
```

#### Response

```json
{
  "isPublic": true,
  "name": "friendly dataset name",
  "uuid": "12345678-1234-1234-1234-1234567890ab"
}
```

## Reads raw data for an event by UUID

`client.cloudforceOne.threatEvents.datasets.raw(stringdatasetId, stringeventId, DatasetRawParamsparams, RequestOptionsoptions?): DatasetRawResponse`

**get** `/accounts/{account_id}/cloudforce-one/events/raw/{dataset_id}/{event_id}`

Retrieves the raw data associated with an event. Searches across all shards in the dataset.

### Parameters

- `datasetId: string`

  Dataset ID.

- `eventId: string`

  Event ID.

- `params: DatasetRawParams`

  - `account_id: string`

    Account ID.

### Returns

- `DatasetRawResponse`

  - `id: number`

  - `accountId: number`

  - `created: string`

  - `data: string`

  - `source: string`

  - `tlp: string`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const response = await client.cloudforceOne.threatEvents.datasets.raw('dataset_id', 'event_id', {
  account_id: 'account_id',
});

console.log(response.id);
```

#### Response

```json
{
  "id": 1,
  "accountId": 1234,
  "created": "1970-01-01T00:00:00.000Z",
  "data": "{\"foo\": \"bar\"}",
  "source": "https://example.com",
  "tlp": "amber"
}
```

## Domain Types

### Dataset List Response

- `DatasetListResponse = Array<DatasetListResponseItem>`

  - `isPublic: boolean`

  - `name: string`

  - `uuid: string`

### Dataset Get Response

- `DatasetGetResponse`

  - `isPublic: boolean`

  - `name: string`

  - `uuid: string`

### Dataset Create Response

- `DatasetCreateResponse`

  - `isPublic: boolean`

  - `name: string`

  - `uuid: string`

### Dataset Edit Response

- `DatasetEditResponse`

  - `isPublic: boolean`

  - `name: string`

  - `uuid: string`

### Dataset Raw Response

- `DatasetRawResponse`

  - `id: number`

  - `accountId: number`

  - `created: string`

  - `data: string`

  - `source: string`

  - `tlp: string`

# Health

# Indicator Types

## Lists all indicator types

`client.cloudforceOne.threatEvents.indicatorTypes.list(IndicatorTypeListParamsparams, RequestOptionsoptions?): IndicatorTypeListResponse`

**get** `/accounts/{account_id}/cloudforce-one/events/indicatorTypes`

This Method is deprecated. Please use /events/dataset/:dataset_id/indicatorTypes instead.

### Parameters

- `params: IndicatorTypeListParams`

  - `account_id: string`

    Account ID.

### Returns

- `IndicatorTypeListResponse`

  - `items: Items`

    - `type: string`

  - `type: string`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const indicatorTypes = await client.cloudforceOne.threatEvents.indicatorTypes.list({
  account_id: 'account_id',
});

console.log(indicatorTypes.items);
```

#### Response

```json
{
  "items": {
    "type": "string"
  },
  "type": "array"
}
```

## Domain Types

### Indicator Type List Response

- `IndicatorTypeListResponse`

  - `items: Items`

    - `type: string`

  - `type: string`

# Raw

## Reads data for a raw event

`client.cloudforceOne.threatEvents.raw.get(stringeventId, stringrawId, RawGetParamsparams, RequestOptionsoptions?): RawGetResponse`

**get** `/accounts/{account_id}/cloudforce-one/events/{event_id}/raw/{raw_id}`

Reads data for a raw event

### Parameters

- `eventId: string`

  Event UUID.

- `rawId: string`

  Raw Event UUID.

- `params: RawGetParams`

  - `account_id: string`

    Account ID.

### Returns

- `RawGetResponse`

  - `id: string`

  - `accountId: number`

  - `created: string`

  - `data: unknown`

  - `source: string`

  - `tlp: string`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const raw = await client.cloudforceOne.threatEvents.raw.get('event_id', 'raw_id', {
  account_id: 'account_id',
});

console.log(raw.id);
```

#### Response

```json
{
  "id": "1234",
  "accountId": 1234,
  "created": "1970-01-01",
  "data": {},
  "source": "https://example.com",
  "tlp": "amber"
}
```

## Updates a raw event

`client.cloudforceOne.threatEvents.raw.edit(stringeventId, stringrawId, RawEditParamsparams, RequestOptionsoptions?): RawEditResponse`

**patch** `/accounts/{account_id}/cloudforce-one/events/{event_id}/raw/{raw_id}`

Updates a raw event

### Parameters

- `eventId: string`

  Event UUID.

- `rawId: string`

  Raw Event UUID.

- `params: RawEditParams`

  - `account_id: string`

    Path param: Account ID.

  - `data?: unknown`

    Body param

  - `source?: string`

    Body param

  - `tlp?: string`

    Body param

### Returns

- `RawEditResponse`

  - `id: string`

  - `data: unknown`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const response = await client.cloudforceOne.threatEvents.raw.edit('event_id', 'raw_id', {
  account_id: 'account_id',
});

console.log(response.id);
```

#### Response

```json
{
  "id": "1234",
  "data": {}
}
```

## Domain Types

### Raw Get Response

- `RawGetResponse`

  - `id: string`

  - `accountId: number`

  - `created: string`

  - `data: unknown`

  - `source: string`

  - `tlp: string`

### Raw Edit Response

- `RawEditResponse`

  - `id: string`

  - `data: unknown`

# Relate

## Removes an event reference

`client.cloudforceOne.threatEvents.relate.delete(stringeventId, RelateDeleteParamsparams, RequestOptionsoptions?): RelateDeleteResponse`

**delete** `/accounts/{account_id}/cloudforce-one/events/relate/{event_id}`

Removes an event reference

### Parameters

- `eventId: string`

  Event UUID.

- `params: RelateDeleteParams`

  - `account_id: string`

    Account ID.

### Returns

- `RelateDeleteResponse`

  - `success: boolean`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const relate = await client.cloudforceOne.threatEvents.relate.delete('event_id', {
  account_id: 'account_id',
});

console.log(relate.success);
```

#### Response

```json
{
  "result": {
    "success": true
  },
  "success": true
}
```

## Domain Types

### Relate Delete Response

- `RelateDeleteResponse`

  - `success: boolean`

# Tags

## Creates a new tag

`client.cloudforceOne.threatEvents.tags.create(TagCreateParamsparams, RequestOptionsoptions?): TagCreateResponse`

**post** `/accounts/{account_id}/cloudforce-one/events/tags/create`

Creates a new tag to be used accross threat events.

### Parameters

- `params: TagCreateParams`

  - `account_id: string`

    Path param: Account ID.

  - `value: string`

    Body param

  - `activeDuration?: string`

    Body param

  - `actorCategory?: string`

    Body param

  - `aliasGroupNames?: Array<string>`

    Body param

  - `aliasGroupNamesInternal?: Array<string>`

    Body param

  - `analyticPriority?: number`

    Body param

  - `attributionConfidence?: string`

    Body param

  - `attributionOrganization?: string`

    Body param

  - `categoryUuid?: string`

    Body param

  - `externalReferenceLinks?: Array<string>`

    Body param

  - `internalDescription?: string`

    Body param

  - `motive?: string`

    Body param

  - `opsecLevel?: string`

    Body param

  - `originCountryISO?: string`

    Body param

  - `priority?: number`

    Body param

  - `sophisticationLevel?: string`

    Body param

### Returns

- `TagCreateResponse`

  - `uuid: string`

  - `value: string`

  - `activeDuration?: string`

  - `actorCategory?: string`

  - `aliasGroupNames?: Array<string>`

  - `aliasGroupNamesInternal?: Array<string>`

  - `analyticPriority?: number`

  - `attributionConfidence?: string`

  - `attributionOrganization?: string`

  - `categoryName?: string`

  - `categoryUuid?: string`

  - `externalReferenceLinks?: Array<string>`

  - `internalDescription?: string`

  - `motive?: string`

  - `opsecLevel?: string`

  - `originCountryISO?: string`

  - `priority?: number`

  - `sophisticationLevel?: string`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const tag = await client.cloudforceOne.threatEvents.tags.create({
  account_id: 'account_id',
  value: 'APT28',
});

console.log(tag.uuid);
```

#### Response

```json
{
  "uuid": "12345678-1234-1234-1234-1234567890ab",
  "value": "APT28",
  "activeDuration": "activeDuration",
  "actorCategory": "actorCategory",
  "aliasGroupNames": [
    "string"
  ],
  "aliasGroupNamesInternal": [
    "string"
  ],
  "analyticPriority": 0,
  "attributionConfidence": "attributionConfidence",
  "attributionOrganization": "attributionOrganization",
  "categoryName": "Nation State",
  "categoryUuid": "12345678-1234-1234-1234-1234567890ab",
  "externalReferenceLinks": [
    "string"
  ],
  "internalDescription": "internalDescription",
  "motive": "motive",
  "opsecLevel": "opsecLevel",
  "originCountryISO": "originCountryISO",
  "priority": 0,
  "sophisticationLevel": "sophisticationLevel"
}
```

## Domain Types

### Tag Create Response

- `TagCreateResponse`

  - `uuid: string`

  - `value: string`

  - `activeDuration?: string`

  - `actorCategory?: string`

  - `aliasGroupNames?: Array<string>`

  - `aliasGroupNamesInternal?: Array<string>`

  - `analyticPriority?: number`

  - `attributionConfidence?: string`

  - `attributionOrganization?: string`

  - `categoryName?: string`

  - `categoryUuid?: string`

  - `externalReferenceLinks?: Array<string>`

  - `internalDescription?: string`

  - `motive?: string`

  - `opsecLevel?: string`

  - `originCountryISO?: string`

  - `priority?: number`

  - `sophisticationLevel?: string`

# Event Tags

## Adds a tag to an event

`client.cloudforceOne.threatEvents.eventTags.create(stringeventId, EventTagCreateParamsparams, RequestOptionsoptions?): EventTagCreateResponse`

**post** `/accounts/{account_id}/cloudforce-one/events/event_tag/{event_id}/create`

Adds a tag to an event

### Parameters

- `eventId: string`

  Event UUID.

- `params: EventTagCreateParams`

  - `account_id: string`

    Path param: Account ID.

  - `tags: Array<string>`

    Body param

### Returns

- `EventTagCreateResponse`

  - `success: boolean`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const eventTag = await client.cloudforceOne.threatEvents.eventTags.create('event_id', {
  account_id: 'account_id',
  tags: ['botnet'],
});

console.log(eventTag.success);
```

#### Response

```json
{
  "result": {
    "success": true
  },
  "success": true
}
```

## Removes a tag from an event

`client.cloudforceOne.threatEvents.eventTags.delete(stringeventId, EventTagDeleteParamsparams, RequestOptionsoptions?): EventTagDeleteResponse`

**delete** `/accounts/{account_id}/cloudforce-one/events/event_tag/{event_id}`

Removes a tag from an event

### Parameters

- `eventId: string`

  Event UUID.

- `params: EventTagDeleteParams`

  - `account_id: string`

    Account ID.

### Returns

- `EventTagDeleteResponse`

  - `success: boolean`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const eventTag = await client.cloudforceOne.threatEvents.eventTags.delete('event_id', {
  account_id: 'account_id',
});

console.log(eventTag.success);
```

#### Response

```json
{
  "result": {
    "success": true
  },
  "success": true
}
```

## Domain Types

### Event Tag Create Response

- `EventTagCreateResponse`

  - `success: boolean`

### Event Tag Delete Response

- `EventTagDeleteResponse`

  - `success: boolean`

# Target Industries

## Lists target industries across multiple datasets

`client.cloudforceOne.threatEvents.targetIndustries.list(TargetIndustryListParamsparams, RequestOptionsoptions?): TargetIndustryListResponse`

**get** `/accounts/{account_id}/cloudforce-one/events/targetIndustries`

Lists target industries across multiple datasets

### Parameters

- `params: TargetIndustryListParams`

  - `account_id: string`

    Path param: Account ID.

  - `datasetIds?: Array<string>`

    Query param: Array of dataset IDs to query target industries from. If not provided, uses the default dataset.

### Returns

- `TargetIndustryListResponse`

  - `items: Items`

    - `type: string`

  - `type: string`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const targetIndustries = await client.cloudforceOne.threatEvents.targetIndustries.list({
  account_id: 'account_id',
});

console.log(targetIndustries.items);
```

#### Response

```json
{
  "items": {
    "type": "string"
  },
  "type": "array"
}
```

## Domain Types

### Target Industry List Response

- `TargetIndustryListResponse`

  - `items: Items`

    - `type: string`

  - `type: string`

# Insights