Skip to content
Cloudflare API
Start here
API Reference
Cloudforce One
Threat Events

Updates an event

cloudforce_one.threat_events.edit(strevent_id, ThreatEventEditParams**kwargs) -> ThreatEventEditResponse
PATCH/accounts/{account_id}/cloudforce-one/events/{event_id}

Updates an event

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY
Accepted Permissions (at least one required)
Cloudforce One Write
ParametersExpand Collapse
account_id: str

Account ID.

event_id: str

Event UUID.

dataset_id: str

Dataset ID containing the event to update.

attacker: Optional[str]
attacker_country: Optional[str]
category: Optional[str]
created_at: Optional[Union[str, datetime]]
formatdate-time
date: Optional[Union[str, datetime]]
formatdate-time
event: Optional[str]
indicator: Optional[str]
indicator_type: Optional[str]
insight: Optional[str]
raw: Optional[Raw]
data: Optional[Dict[str, object]]
source: Optional[str]
tlp: Optional[str]
target_country: Optional[str]
target_industry: Optional[str]
tlp: Optional[str]
ReturnsExpand Collapse
class ThreatEventEditResponse:
attacker: str
attacker_country: str
category: str
dataset_id: str
date: str
event: str
has_children: bool
indicator: str
indicator_type: str
indicator_type_id: float
kill_chain: float
mitre_attack: List[str]
mitre_capec: List[str]
num_referenced: float
num_references: float
raw_id: str
referenced: List[str]
referenced_ids: List[float]
references: List[str]
references_ids: List[float]
tags: List[str]
target_country: str
target_industry: str
tlp: str
uuid: str
insight: Optional[str]
releasability_id: Optional[str]

Updates an event

import os
from cloudflare import Cloudflare

client = Cloudflare(
    api_token=os.environ.get("CLOUDFLARE_API_TOKEN"),  # This is the default and can be omitted
)
response = client.cloudforce_one.threat_events.edit(
    event_id="event_id",
    account_id="account_id",
    dataset_id="9b769969-a211-466c-8ac3-cb91266a066a",
)
print(response.uuid)
{
  "attacker": "Flying Yeti",
  "attackerCountry": "CN",
  "category": "Domain Resolution",
  "datasetId": "dataset-example-id",
  "date": "2022-04-01T00:00:00Z",
  "event": "An attacker registered the domain domain.com",
  "hasChildren": true,
  "indicator": "domain.com",
  "indicatorType": "domain",
  "indicatorTypeId": 5,
  "killChain": 0,
  "mitreAttack": [
    " "
  ],
  "mitreCapec": [
    " "
  ],
  "numReferenced": 0,
  "numReferences": 0,
  "rawId": "453gw34w3",
  "referenced": [
    " "
  ],
  "referencedIds": [
    0
  ],
  "references": [
    " "
  ],
  "referencesIds": [
    0
  ],
  "tags": [
    "malware"
  ],
  "targetCountry": "US",
  "targetIndustry": "Agriculture",
  "tlp": "amber",
  "uuid": "12345678-1234-1234-1234-1234567890ab",
  "insight": "insight",
  "releasabilityId": "releasabilityId"
}
Returns Examples
{
  "attacker": "Flying Yeti",
  "attackerCountry": "CN",
  "category": "Domain Resolution",
  "datasetId": "dataset-example-id",
  "date": "2022-04-01T00:00:00Z",
  "event": "An attacker registered the domain domain.com",
  "hasChildren": true,
  "indicator": "domain.com",
  "indicatorType": "domain",
  "indicatorTypeId": 5,
  "killChain": 0,
  "mitreAttack": [
    " "
  ],
  "mitreCapec": [
    " "
  ],
  "numReferenced": 0,
  "numReferences": 0,
  "rawId": "453gw34w3",
  "referenced": [
    " "
  ],
  "referencedIds": [
    0
  ],
  "references": [
    " "
  ],
  "referencesIds": [
    0
  ],
  "tags": [
    "malware"
  ],
  "targetCountry": "US",
  "targetIndustry": "Agriculture",
  "tlp": "amber",
  "uuid": "12345678-1234-1234-1234-1234567890ab",
  "insight": "insight",
  "releasabilityId": "releasabilityId"
}