Cloudflare API | Cloudforce One › Requests

curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/cloudforce-one/requests \
    -H 'Content-Type: application/json' \
    -H "X-Auth-Email: $CLOUDFLARE_EMAIL" \
    -H "X-Auth-Key: $CLOUDFLARE_API_KEY" \
    -d '{
          "page": 0,
          "per_page": 10,
          "completed_after": "2022-01-01T00:00:00Z",
          "completed_before": "2024-01-01T00:00:00Z",
          "created_after": "2022-01-01T00:00:00Z",
          "created_before": "2024-01-01T00:00:00Z",
          "request_type": "Victomology",
          "sort_by": "created"
        }'

200Example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": [
    {
      "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
      "created": "2022-04-01T00:00:00Z",
      "priority": "routine",
      "request": "Victomology",
      "summary": "DoS attack",
      "tlp": "clear",
      "updated": "2022-04-01T00:00:00Z",
      "completed": "2024-01-01T00:00:00Z",
      "message_tokens": 16,
      "readable_id": "RFI-2022-000001",
      "status": "open",
      "tokens": 0
    }
  ]
}

Get A Request -> Envelope<

Item

get/accounts/{account_id}/cloudforce-one/requests/{request_id}

Get a Request

Create A New Request -> Envelope<

Item

post/accounts/{account_id}/cloudforce-one/requests/new

Creating a request adds the request into the Cloudforce One queue for analysis. In addition to the content, a short title, type, priority, and releasability should be provided. If one is not provided, a default will be assigned.

Update A Request -> Envelope<

Item

put/accounts/{account_id}/cloudforce-one/requests/{request_id}

Updating a request alters the request in the Cloudforce One queue. This API may be used to update any attributes of the request after the initial submission. Only fields that you choose to update need to be add to the request body.

Delete A Request -> { errors, messages, success }

delete/accounts/{account_id}/cloudforce-one/requests/{request_id}

Delete a Request

Get Request Quota -> Envelope<

Quota

get/accounts/{account_id}/cloudforce-one/requests/quota

Get Request Quota

Get Request Types -> SinglePage<string>

get/accounts/{account_id}/cloudforce-one/requests/types

Get Request Types

Get Request Priority Status And TLP Constants -> Envelope<

RequestConstants

get/accounts/{account_id}/cloudforce-one/requests/constants

Get Request Priority, Status, and TLP constants

Domain types

Item = { id, content, created, 10 more... }

ListItem = { id, created, priority, 9 more... }

Quota = { anniversary_date, quarter_anniversary_date, quota, 1 more... }

RequestConstants = { priority, status, tlp }

RequestTypes = Array<string>

Cloudforce One Requests

Assets

cloudforce_one.requests.assets

Methods

Get A Request Asset -> SinglePage<{ id, name, created, 2 more... }>

get/accounts/{account_id}/cloudforce-one/requests/{request_id}/asset/{asset_id}

Get a Request Asset

List Request Assets -> SinglePage<{ id, name, created, 2 more... }>

post/accounts/{account_id}/cloudforce-one/requests/{request_id}/asset

List Request Assets

Update A Request Asset -> Envelope<{ id, name, created, 2 more... }>

put/accounts/{account_id}/cloudforce-one/requests/{request_id}/asset/{asset_id}

Update a Request Asset

Delete A Request Asset -> { errors, messages, success }

delete/accounts/{account_id}/cloudforce-one/requests/{request_id}/asset/{asset_id}

Delete a Request Asset

Cloudforce One Requests

Message

cloudforce_one.requests.message

Methods

List Request Messages -> SinglePage<

Message

post/accounts/{account_id}/cloudforce-one/requests/{request_id}/message

List Request Messages

Create A New Request Message -> Envelope<

Message

post/accounts/{account_id}/cloudforce-one/requests/{request_id}/message/new

Create a New Request Message

Update A Request Message -> Envelope<

Message

put/accounts/{account_id}/cloudforce-one/requests/{request_id}/message/{message_id}

Update a Request Message

Delete A Request Message -> { errors, messages, success }

delete/accounts/{account_id}/cloudforce-one/requests/{request_id}/message/{message_id}

Delete a Request Message

Domain types

Message = { id, author, content, 3 more... }

Cloudforce One Requests

Priority

cloudforce_one.requests.priority

Methods

Get A Priority Intelligence Requirement -> Envelope<

Item

get/accounts/{account_id}/cloudforce-one/requests/priority/{priority_id}

Get a Priority Intelligence Requirement

Create A New Priority Intelligence Requirement -> Envelope<

Priority

post/accounts/{account_id}/cloudforce-one/requests/priority/new

Create a New Priority Intelligence Requirement

Update A Priority Intelligence Requirement -> Envelope<

Item

put/accounts/{account_id}/cloudforce-one/requests/priority/{priority_id}

Update a Priority Intelligence Requirement

Delete A Priority Intelligence Requirement -> { errors, messages, success }

delete/accounts/{account_id}/cloudforce-one/requests/priority/{priority_id}

Delete a Priority Intelligence Requirement

Get Priority Intelligence Requirement Quota -> Envelope<

Quota

get/accounts/{account_id}/cloudforce-one/requests/priority/quota

Get Priority Intelligence Requirement Quota

Domain types

Label = string

Priority = { id, created, labels, 4 more... }

PriorityEdit = { labels, priority, requirement, 1 more... }

Cloudforce One

Scans

cloudforce_one.scans

Cloudforce One Scans

Config

cloudforce_one.scans.config

Methods

List Scan Configs -> SinglePage<{ id, account_id, frequency, 2 more... }>

get/accounts/{account_id}/cloudforce-one/scans/config

List Scan Configs

Create A New Scan Config -> Envelope<{ id, account_id, frequency, 2 more... }>

post/accounts/{account_id}/cloudforce-one/scans/config

Create a new Scan Config

Update An Existing Scan Config -> Envelope<{ id, account_id, frequency, 2 more... }>

patch/accounts/{account_id}/cloudforce-one/scans/config/{config_id}

Update an existing Scan Config

Delete A Scan Config -> Envelope<unknown>

delete/accounts/{account_id}/cloudforce-one/scans/config/{config_id}

Delete a Scan Config

Cloudforce One Scans

Results

cloudforce_one.scans.results

Methods

Get The Latest Scan Result -> Envelope<{ 1.1.1.1 }>

get/accounts/{account_id}/cloudforce-one/scans/results/{config_id}

Get the Latest Scan Result

Domain types

ScanResult = { number, proto, status }

Cloudforce One

Threat Events

cloudforce_one.threat_events

Methods

Filter And List Events -> Array<{ attacker, attackerCountry, category, 21 more... }>

get/accounts/{account_id}/cloudforce-one/events

When datasetId is unspecified, events will be listed from the Cloudforce One Threat Events dataset. To list existing datasets (and their IDs), use the List Datasets endpoint). Also, must provide query parameters.

Reads An Event -> { attacker, attackerCountry, category, 21 more... }

Deprecated

get/accounts/{account_id}/cloudforce-one/events/{event_id}

This Method is deprecated. Please use /events/dataset/:dataset_id/events/:event_id instead.

Creates A New Event -> { attacker, attackerCountry, category, 21 more... }

post/accounts/{account_id}/cloudforce-one/events/create

To create a dataset, see the Create Dataset endpoint. When datasetId parameter is unspecified, it will be created in a default dataset named Cloudforce One Threat Events.

Updates An Event -> { attacker, attackerCountry, category, 21 more... }

patch/accounts/{account_id}/cloudforce-one/events/{event_id}

Updates an event

Deletes An Event -> { uuid }

delete/accounts/{account_id}/cloudforce-one/events/{event_id}

The datasetId parameter must be defined. To list existing datasets (and their IDs) in your account, use the List Datasets endpoint.

Creates Bulk Events -> number

post/accounts/{account_id}/cloudforce-one/events/create/bulk

The datasetId parameter must be defined. To list existing datasets (and their IDs) in your account, use the List Datasets endpoint.

Cloudforce One Threat Events

Attackers

cloudforce_one.threat_events.attackers

Methods

Lists Attackers -> { items, type }

get/accounts/{account_id}/cloudforce-one/events/attackers

Lists attackers

Countries

cloudforce_one.threat_events.countries

Methods

Retrieves Countries Information For All Countries -> Array<{ result, success }>

get/accounts/{account_id}/cloudforce-one/events/countries

Retrieves countries information for all countries

Cloudforce One Threat Events

Crons

cloudforce_one.threat_events.crons

Cloudforce One Threat Events

Datasets

cloudforce_one.threat_events.datasets

Methods

Lists All Datasets In An Account -> Array<{ isPublic, name, uuid }>

get/accounts/{account_id}/cloudforce-one/events/dataset

Lists all datasets in an account

Reads A Dataset -> { isPublic, name, uuid }

get/accounts/{account_id}/cloudforce-one/events/dataset/{dataset_id}

Reads a dataset

Creates A Dataset -> { isPublic, name, uuid }

post/accounts/{account_id}/cloudforce-one/events/dataset/create

Creates a dataset

Updates An Existing Dataset -> { isPublic, name, uuid }

patch/accounts/{account_id}/cloudforce-one/events/dataset/{dataset_id}

Updates an existing dataset

Reads Data For A Raw Event -> { id, accountId, created, 3 more... }

get/accounts/{account_id}/cloudforce-one/events/raw/{dataset_id}/{event_id}

Reads data for a raw event

Cloudforce One Threat Events Datasets

Health

cloudforce_one.threat_events.datasets.health

Cloudforce One Threat Events

Event Tags

cloudforce_one.threat_events.event_tags

Methods

Adds A Tag To An Event -> Envelope<{ success }>

post/accounts/{account_id}/cloudforce-one/events/event_tag/{event_id}/create

Adds a tag to an event

Removes A Tag From An Event -> Envelope<{ success }>

delete/accounts/{account_id}/cloudforce-one/events/event_tag/{event_id}

Removes a tag from an event

Cloudforce One Threat Events

Indicator Types

cloudforce_one.threat_events.indicator_types

Methods

Lists All Indicator Types -> { items, type }

Deprecated

get/accounts/{account_id}/cloudforce-one/events/indicatorTypes

This Method is deprecated. Please use /events/dataset/:dataset_id/indicatorTypes instead.

Cloudforce One Threat Events

Insights

cloudforce_one.threat_events.insights

Cloudforce One Threat Events

Raw

cloudforce_one.threat_events.raw

Methods

Reads Data For A Raw Event -> { id, accountId, created, 3 more... }

get/accounts/{account_id}/cloudforce-one/events/{event_id}/raw/{raw_id}

Reads data for a raw event

Updates A Raw Event -> { id, data }

patch/accounts/{account_id}/cloudforce-one/events/{event_id}/raw/{raw_id}

Updates a raw event

Cloudforce One Threat Events

Relate

cloudforce_one.threat_events.relate

Methods

Removes An Event Reference -> Envelope<{ success }>

delete/accounts/{account_id}/cloudforce-one/events/relate/{event_id}

Removes an event reference

Cloudforce One Threat Events

Target Industries

cloudforce_one.threat_events.target_industries

Methods

Lists All Target Industries -> { items, type }

get/accounts/{account_id}/cloudforce-one/events/targetIndustries

Lists all target industries

Cloudforce One

Binary Storage

Requests

Assets

Message

Priority

Scans

Config

Results

Threat Events

Attackers

Categories

Countries

Crons

Datasets

Health

Event Tags

Indicator Types

Insights

Raw

Relate

Tags

Target Industries