API Reference

Magic Network Monitoring

Rules

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

List rules

GET/accounts/{account_id}/mnm/rules

Lists network monitoring rules for account.

Security

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

Accepted Permissions (at least one required)

Magic Network Monitoring AdminMagic Network Monitoring Config WriteMagic Network Monitoring Config Read

Path ParametersExpand Collapse

account_id: string

ReturnsExpand Collapse

errors: array of ResponseInfo { code, message, documentation_url, source }

code: number

minimum1000

message: string

documentation_url: optional string

source: optional object { pointer }

pointer: optional string

messages: array of ResponseInfo { code, message, documentation_url, source }

code: number

minimum1000

message: string

documentation_url: optional string

source: optional object { pointer }

pointer: optional string

result: array of MagicNetworkMonitoringRule { automatic_advertisement, name, prefixes, 8 more }

automatic_advertisement: boolean

Toggle on if you would like Cloudflare to automatically advertise the IP Prefixes within the rule via Magic Transit when the rule is triggered. Only available for users of Magic Transit.

name: string

The name of the rule. Must be unique. Supports characters A-Z, a-z, 0-9, underscore (_), dash (-), period (.), and tilde (~). You can’t have a space in the rule name. Max 256 characters.

prefixes: array of string

type: "threshold" or "zscore" or "advanced_ddos"

MNM rule type.

One of the following:

"threshold"

"zscore"

"advanced_ddos"

id: optional string

The id of the rule. Must be unique.

bandwidth_threshold: optional number

The number of bits per second for the rule. When this value is exceeded for the set duration, an alert notification is sent. Minimum of 1 and no maximum.

minimum1

duration: optional "1m" or "5m" or "10m" or 5 more

The amount of time that the rule threshold must be exceeded to send an alert notification. The final value must be equivalent to one of the following 8 values ["1m","5m","10m","15m","20m","30m","45m","60m"].

One of the following:

"1m"

"5m"

"10m"

"15m"

"20m"

"30m"

"45m"

"60m"

packet_threshold: optional number

The number of packets per second for the rule. When this value is exceeded for the set duration, an alert notification is sent. Minimum of 1 and no maximum.

minimum1

prefix_match: optional "exact" or "subnet" or "supernet"

Prefix match type to be applied for a prefix auto advertisement when using an advanced_ddos rule.

One of the following:

"exact"

"subnet"

"supernet"

zscore_sensitivity: optional "low" or "medium" or "high"

Level of sensitivity set for zscore rules.

One of the following:

"low"

"medium"

"high"

zscore_target: optional "bits" or "packets"

Target of the zscore rule analysis.

One of the following:

"bits"

"packets"

success: true

Whether the API call was successful

result_info: optional object { count, page, per_page, total_count }

count: optional number

Total number of results for the requested service

page: optional number

Current page within paginated list of results

per_page: optional number

Number of results per page of results

total_count: optional number

Total results available without any search parameters

List rules

HTTP

HTTP

TypeScript

Python

Go

Terraform

curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/mnm/rules \
    -H "X-Auth-Email: $CLOUDFLARE_EMAIL" \
    -H "X-Auth-Key: $CLOUDFLARE_API_KEY"

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": [
    {
      "automatic_advertisement": true,
      "name": "my_rule_1",
      "prefixes": [
        "203.0.113.1/32"
      ],
      "type": "zscore",
      "id": "2890e6fa406311ed9b5a23f70f6fb8cf",
      "bandwidth_threshold": 1000,
      "duration": "1m",
      "packet_threshold": 10000,
      "prefix_match": "exact",
      "zscore_sensitivity": "high",
      "zscore_target": "bits"
    }
  ],
  "success": true,
  "result_info": {
    "count": 1,
    "page": 1,
    "per_page": 20,
    "total_count": 2000
  }
}

Returns Examples

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": [
    {
      "automatic_advertisement": true,
      "name": "my_rule_1",
      "prefixes": [
        "203.0.113.1/32"
      ],
      "type": "zscore",
      "id": "2890e6fa406311ed9b5a23f70f6fb8cf",
      "bandwidth_threshold": 1000,
      "duration": "1m",
      "packet_threshold": 10000,
      "prefix_match": "exact",
      "zscore_sensitivity": "high",
      "zscore_target": "bits"
    }
  ],
  "success": true,
  "result_info": {
    "count": 1,
    "page": 1,
    "per_page": 20,
    "total_count": 2000
  }
}