## Get email security summary by dimension

**get** `/radar/email/security/summary/{dimension}`

Retrieves the distribution of email security metrics by the specified dimension.

### Path Parameters

- `dimension: "SPAM" or "MALICIOUS" or "SPOOF" or 6 more`

  Specifies the attribute by which to group the results.

  - `"SPAM"`

  - `"MALICIOUS"`

  - `"SPOOF"`

  - `"THREAT_CATEGORY"`

  - `"ARC"`

  - `"DKIM"`

  - `"DMARC"`

  - `"SPF"`

  - `"TLS_VERSION"`

### Query Parameters

- `arc: optional array of "PASS" or "NONE" or "FAIL"`

  Filters results by ARC (Authenticated Received Chain) validation.

  - `"PASS"`

  - `"NONE"`

  - `"FAIL"`

- `dateEnd: optional array of string`

  End of the date range (inclusive).

- `dateRange: optional array of string`

  Filters results by date range. For example, use `7d` and `7dcontrol` to compare this week with the previous week. Use this parameter or set specific start and end dates (`dateStart` and `dateEnd` parameters).

- `dateStart: optional array of string`

  Start of the date range.

- `dkim: optional array of "PASS" or "NONE" or "FAIL"`

  Filters results by DKIM (DomainKeys Identified Mail) validation status.

  - `"PASS"`

  - `"NONE"`

  - `"FAIL"`

- `dmarc: optional array of "PASS" or "NONE" or "FAIL"`

  Filters results by DMARC (Domain-based Message Authentication, Reporting and Conformance) validation status.

  - `"PASS"`

  - `"NONE"`

  - `"FAIL"`

- `format: optional "JSON" or "CSV"`

  Format in which results will be returned.

  - `"JSON"`

  - `"CSV"`

- `limitPerGroup: optional number`

  Limits the number of objects per group to the top items within the specified time range. When item count exceeds the limit, extra items appear grouped under an "other" category.

- `name: optional array of string`

  Array of names used to label the series in the response.

- `spf: optional array of "PASS" or "NONE" or "FAIL"`

  Filters results by SPF (Sender Policy Framework) validation status.

  - `"PASS"`

  - `"NONE"`

  - `"FAIL"`

- `tlsVersion: optional array of "TLSv1_0" or "TLSv1_1" or "TLSv1_2" or "TLSv1_3"`

  Filters results by TLS version.

  - `"TLSv1_0"`

  - `"TLSv1_1"`

  - `"TLSv1_2"`

  - `"TLSv1_3"`

### Returns

- `result:  { meta, summary_0 }`

  - `meta:  { confidenceInfo, dateRange, lastUpdated, 2 more }`

    Metadata for the results.

    - `confidenceInfo:  { annotations, level }`

      - `annotations: array of  { dataSource, description, endDate, 4 more }`

        - `dataSource: "ALL" or "AI_BOTS" or "AI_GATEWAY" or 22 more`

          Data source for annotations.

          - `"ALL"`

          - `"AI_BOTS"`

          - `"AI_GATEWAY"`

          - `"BGP"`

          - `"BOTS"`

          - `"CONNECTION_ANOMALY"`

          - `"CT"`

          - `"DNS"`

          - `"DNS_MAGNITUDE"`

          - `"DNS_AS112"`

          - `"DOS"`

          - `"EMAIL_ROUTING"`

          - `"EMAIL_SECURITY"`

          - `"FW"`

          - `"FW_PG"`

          - `"HTTP"`

          - `"HTTP_CONTROL"`

          - `"HTTP_CRAWLER_REFERER"`

          - `"HTTP_ORIGINS"`

          - `"IQI"`

          - `"LEAKED_CREDENTIALS"`

          - `"NET"`

          - `"ROBOTS_TXT"`

          - `"SPEED"`

          - `"WORKERS_AI"`

        - `description: string`

        - `endDate: string`

        - `eventType: "EVENT" or "GENERAL" or "OUTAGE" or 3 more`

          Event type for annotations.

          - `"EVENT"`

          - `"GENERAL"`

          - `"OUTAGE"`

          - `"PARTIAL_PROJECTION"`

          - `"PIPELINE"`

          - `"TRAFFIC_ANOMALY"`

        - `isInstantaneous: boolean`

          Whether event is a single point in time or a time range.

        - `linkedUrl: string`

        - `startDate: string`

      - `level: number`

        Provides an indication of how much confidence Cloudflare has in the data.

    - `dateRange: array of  { endTime, startTime }`

      - `endTime: string`

        Adjusted end of date range.

      - `startTime: string`

        Adjusted start of date range.

    - `lastUpdated: string`

      Timestamp of the last dataset update.

    - `normalization: "PERCENTAGE" or "MIN0_MAX" or "MIN_MAX" or 5 more`

      Normalization method applied to the results. Refer to [Normalization methods](https://developers.cloudflare.com/radar/concepts/normalization/).

      - `"PERCENTAGE"`

      - `"MIN0_MAX"`

      - `"MIN_MAX"`

      - `"RAW_VALUES"`

      - `"PERCENTAGE_CHANGE"`

      - `"ROLLING_AVERAGE"`

      - `"OVERLAPPED_PERCENTAGE"`

      - `"RATIO"`

    - `units: array of  { name, value }`

      Measurement units for the results.

      - `name: string`

      - `value: string`

  - `summary_0: map[string]`

- `success: boolean`

### Example

```http
curl https://api.cloudflare.com/client/v4/radar/email/security/summary/$DIMENSION \
    -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN"
```

#### Response

```json
{
  "result": {
    "meta": {
      "confidenceInfo": {
        "annotations": [
          {
            "dataSource": "ALL",
            "description": "Cable cut in Tonga",
            "endDate": "2019-12-27T18:11:19.117Z",
            "eventType": "EVENT",
            "isInstantaneous": true,
            "linkedUrl": "https://example.com",
            "startDate": "2019-12-27T18:11:19.117Z"
          }
        ],
        "level": 0
      },
      "dateRange": [
        {
          "endTime": "2022-09-17T10:22:57.555Z",
          "startTime": "2022-09-16T10:22:57.555Z"
        }
      ],
      "lastUpdated": "2019-12-27T18:11:19.117Z",
      "normalization": "PERCENTAGE",
      "units": [
        {
          "name": "*",
          "value": "requests"
        }
      ]
    },
    "summary_0": {
      "FAIL": "25.084366",
      "PASS": "50.168733"
    }
  },
  "success": true
}
```