# Insights ## Retrieves Security Center Insights **get** `/{accounts_or_zones}/{account_or_zone_id}/security-center/insights` Lists all Security Center insights for the account or zone, showing security findings and recommendations. ### Path Parameters - `account_id: optional string` The Account ID to use for this endpoint. Mutually exclusive with the Zone ID. - `zone_id: optional string` The Zone ID to use for this endpoint. Mutually exclusive with the Account ID. ### Query Parameters - `dismissed: optional boolean` - `issue_class: optional array of string` - `"issue_class~neq": optional array of string` - `issue_type: optional array of IssueType` - `"compliance_violation"` - `"email_security"` - `"exposed_infrastructure"` - `"insecure_configuration"` - `"weak_authentication"` - `"configuration_suggestion"` - `"issue_type~neq": optional array of IssueType` - `"compliance_violation"` - `"email_security"` - `"exposed_infrastructure"` - `"insecure_configuration"` - `"weak_authentication"` - `"configuration_suggestion"` - `page: optional number` Specifies the current page within paginated list of results. - `per_page: optional number` Sets the number of results per page of results. - `product: optional array of string` - `"product~neq": optional array of string` - `severity: optional array of SeverityQueryParam` - `"low"` - `"moderate"` - `"critical"` - `"severity~neq": optional array of SeverityQueryParam` - `"low"` - `"moderate"` - `"critical"` - `subject: optional array of string` - `"subject~neq": optional array of string` ### Returns - `errors: array of object { code, message, documentation_url, source }` - `code: number` - `message: string` - `documentation_url: optional string` - `source: optional object { pointer }` - `pointer: optional string` - `messages: array of object { code, message, documentation_url, source }` - `code: number` - `message: string` - `documentation_url: optional string` - `source: optional object { pointer }` - `pointer: optional string` - `success: true` Whether the API call was successful. - `true` - `result: optional object { count, issues, page, per_page }` - `count: optional number` Indicates the total number of results. - `issues: optional array of object { id, dismissed, issue_class, 8 more }` - `id: optional string` - `dismissed: optional boolean` - `issue_class: optional string` - `issue_type: optional IssueType` - `"compliance_violation"` - `"email_security"` - `"exposed_infrastructure"` - `"insecure_configuration"` - `"weak_authentication"` - `"configuration_suggestion"` - `payload: optional object { detection_method, zone_tag }` - `detection_method: optional string` Describes the method used to detect insight. - `zone_tag: optional string` - `resolve_link: optional string` - `resolve_text: optional string` - `severity: optional "Low" or "Moderate" or "Critical"` - `"Low"` - `"Moderate"` - `"Critical"` - `since: optional string` - `subject: optional string` - `timestamp: optional string` - `page: optional number` Specifies the current page within paginated list of results. - `per_page: optional number` Sets the number of results per page of results. ### Example ```http curl https://api.cloudflare.com/client/v4/$ACCOUNTS_OR_ZONES/$ACCOUNT_OR_ZONE_ID/security-center/insights \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "count": 1, "issues": [ { "id": "id", "dismissed": false, "issue_class": "always_use_https_not_enabled", "issue_type": "compliance_violation", "payload": { "detection_method": "We detected security rules referencing multiple IP addresses directly in the rules.", "zone_tag": "zone_tag" }, "resolve_link": "resolve_link", "resolve_text": "resolve_text", "severity": "Low", "since": "2019-12-27T18:11:19.117Z", "subject": "example.com", "timestamp": "2019-12-27T18:11:19.117Z" } ], "page": 1, "per_page": 25 } } ``` ## Archives Security Center Insight **put** `/{accounts_or_zones}/{account_or_zone_id}/security-center/insights/{issue_id}/dismiss` Archives a Security Center insight for an account or zone, removing it from the active insights list while preserving historical data. ### Path Parameters - `issue_id: string` - `account_id: optional string` The Account ID to use for this endpoint. Mutually exclusive with the Zone ID. - `zone_id: optional string` The Zone ID to use for this endpoint. Mutually exclusive with the Account ID. ### Body Parameters - `dismiss: optional boolean` ### Returns - `errors: array of object { code, message, documentation_url, source }` - `code: number` - `message: string` - `documentation_url: optional string` - `source: optional object { pointer }` - `pointer: optional string` - `messages: array of object { code, message, documentation_url, source }` - `code: number` - `message: string` - `documentation_url: optional string` - `source: optional object { pointer }` - `pointer: optional string` - `success: true` Whether the API call was successful. - `true` ### Example ```http curl https://api.cloudflare.com/client/v4/$ACCOUNTS_OR_ZONES/$ACCOUNT_OR_ZONE_ID/security-center/insights/$ISSUE_ID/dismiss \ -X PUT \ -H 'Content-Type: application/json' \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -d '{}' ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true } ``` ## Domain Types ### Insight List Response - `InsightListResponse = object { count, issues, page, per_page }` - `count: optional number` Indicates the total number of results. - `issues: optional array of object { id, dismissed, issue_class, 8 more }` - `id: optional string` - `dismissed: optional boolean` - `issue_class: optional string` - `issue_type: optional IssueType` - `"compliance_violation"` - `"email_security"` - `"exposed_infrastructure"` - `"insecure_configuration"` - `"weak_authentication"` - `"configuration_suggestion"` - `payload: optional object { detection_method, zone_tag }` - `detection_method: optional string` Describes the method used to detect insight. - `zone_tag: optional string` - `resolve_link: optional string` - `resolve_text: optional string` - `severity: optional "Low" or "Moderate" or "Critical"` - `"Low"` - `"Moderate"` - `"Critical"` - `since: optional string` - `subject: optional string` - `timestamp: optional string` - `page: optional number` Specifies the current page within paginated list of results. - `per_page: optional number` Sets the number of results per page of results. ### Insight Dismiss Response - `InsightDismissResponse = object { errors, messages, success }` - `errors: array of object { code, message, documentation_url, source }` - `code: number` - `message: string` - `documentation_url: optional string` - `source: optional object { pointer }` - `pointer: optional string` - `messages: array of object { code, message, documentation_url, source }` - `code: number` - `message: string` - `documentation_url: optional string` - `source: optional object { pointer }` - `pointer: optional string` - `success: true` Whether the API call was successful. - `true` # Class ## Retrieves Security Center Insight Counts by Class **get** `/{accounts_or_zones}/{account_or_zone_id}/security-center/insights/class` Retrieves Security Center insight counts aggregated by classification class. ### Path Parameters - `account_id: optional string` The Account ID to use for this endpoint. Mutually exclusive with the Zone ID. - `zone_id: optional string` The Zone ID to use for this endpoint. Mutually exclusive with the Account ID. ### Query Parameters - `dismissed: optional boolean` - `issue_class: optional array of string` - `"issue_class~neq": optional array of string` - `issue_type: optional array of IssueType` - `"compliance_violation"` - `"email_security"` - `"exposed_infrastructure"` - `"insecure_configuration"` - `"weak_authentication"` - `"configuration_suggestion"` - `"issue_type~neq": optional array of IssueType` - `"compliance_violation"` - `"email_security"` - `"exposed_infrastructure"` - `"insecure_configuration"` - `"weak_authentication"` - `"configuration_suggestion"` - `product: optional array of string` - `"product~neq": optional array of string` - `severity: optional array of SeverityQueryParam` - `"low"` - `"moderate"` - `"critical"` - `"severity~neq": optional array of SeverityQueryParam` - `"low"` - `"moderate"` - `"critical"` - `subject: optional array of string` - `"subject~neq": optional array of string` ### Returns - `errors: array of object { code, message, documentation_url, source }` - `code: number` - `message: string` - `documentation_url: optional string` - `source: optional object { pointer }` - `pointer: optional string` - `messages: array of object { code, message, documentation_url, source }` - `code: number` - `message: string` - `documentation_url: optional string` - `source: optional object { pointer }` - `pointer: optional string` - `success: true` Whether the API call was successful. - `true` - `result: optional array of object { count, value }` - `count: optional number` - `value: optional string` ### Example ```http curl https://api.cloudflare.com/client/v4/$ACCOUNTS_OR_ZONES/$ACCOUNT_OR_ZONE_ID/security-center/insights/class \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "count": 1, "value": "value" } ] } ``` ## Domain Types ### Class Get Response - `ClassGetResponse = array of object { count, value }` - `count: optional number` - `value: optional string` # Severity ## Retrieves Security Center Insight Counts by Severity **get** `/{accounts_or_zones}/{account_or_zone_id}/security-center/insights/severity` Retrieves Security Center insight counts aggregated by severity level (critical, high, medium, low). ### Path Parameters - `account_id: optional string` The Account ID to use for this endpoint. Mutually exclusive with the Zone ID. - `zone_id: optional string` The Zone ID to use for this endpoint. Mutually exclusive with the Account ID. ### Query Parameters - `dismissed: optional boolean` - `issue_class: optional array of string` - `"issue_class~neq": optional array of string` - `issue_type: optional array of IssueType` - `"compliance_violation"` - `"email_security"` - `"exposed_infrastructure"` - `"insecure_configuration"` - `"weak_authentication"` - `"configuration_suggestion"` - `"issue_type~neq": optional array of IssueType` - `"compliance_violation"` - `"email_security"` - `"exposed_infrastructure"` - `"insecure_configuration"` - `"weak_authentication"` - `"configuration_suggestion"` - `product: optional array of string` - `"product~neq": optional array of string` - `severity: optional array of SeverityQueryParam` - `"low"` - `"moderate"` - `"critical"` - `"severity~neq": optional array of SeverityQueryParam` - `"low"` - `"moderate"` - `"critical"` - `subject: optional array of string` - `"subject~neq": optional array of string` ### Returns - `errors: array of object { code, message, documentation_url, source }` - `code: number` - `message: string` - `documentation_url: optional string` - `source: optional object { pointer }` - `pointer: optional string` - `messages: array of object { code, message, documentation_url, source }` - `code: number` - `message: string` - `documentation_url: optional string` - `source: optional object { pointer }` - `pointer: optional string` - `success: true` Whether the API call was successful. - `true` - `result: optional array of object { count, value }` - `count: optional number` - `value: optional string` ### Example ```http curl https://api.cloudflare.com/client/v4/$ACCOUNTS_OR_ZONES/$ACCOUNT_OR_ZONE_ID/security-center/insights/severity \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "count": 1, "value": "value" } ] } ``` ## Domain Types ### Severity Get Response - `SeverityGetResponse = array of object { count, value }` - `count: optional number` - `value: optional string` # Type ## Retrieves Security Center Insight Counts by Type **get** `/{accounts_or_zones}/{account_or_zone_id}/security-center/insights/type` Retrieves Security Center insight counts aggregated by insight type. ### Path Parameters - `account_id: optional string` The Account ID to use for this endpoint. Mutually exclusive with the Zone ID. - `zone_id: optional string` The Zone ID to use for this endpoint. Mutually exclusive with the Account ID. ### Query Parameters - `dismissed: optional boolean` - `issue_class: optional array of string` - `"issue_class~neq": optional array of string` - `issue_type: optional array of IssueType` - `"compliance_violation"` - `"email_security"` - `"exposed_infrastructure"` - `"insecure_configuration"` - `"weak_authentication"` - `"configuration_suggestion"` - `"issue_type~neq": optional array of IssueType` - `"compliance_violation"` - `"email_security"` - `"exposed_infrastructure"` - `"insecure_configuration"` - `"weak_authentication"` - `"configuration_suggestion"` - `product: optional array of string` - `"product~neq": optional array of string` - `severity: optional array of SeverityQueryParam` - `"low"` - `"moderate"` - `"critical"` - `"severity~neq": optional array of SeverityQueryParam` - `"low"` - `"moderate"` - `"critical"` - `subject: optional array of string` - `"subject~neq": optional array of string` ### Returns - `errors: array of object { code, message, documentation_url, source }` - `code: number` - `message: string` - `documentation_url: optional string` - `source: optional object { pointer }` - `pointer: optional string` - `messages: array of object { code, message, documentation_url, source }` - `code: number` - `message: string` - `documentation_url: optional string` - `source: optional object { pointer }` - `pointer: optional string` - `success: true` Whether the API call was successful. - `true` - `result: optional array of object { count, value }` - `count: optional number` - `value: optional string` ### Example ```http curl https://api.cloudflare.com/client/v4/$ACCOUNTS_OR_ZONES/$ACCOUNT_OR_ZONE_ID/security-center/insights/type \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "count": 1, "value": "value" } ] } ``` ## Domain Types ### Type Get Response - `TypeGetResponse = array of object { count, value }` - `count: optional number` - `value: optional string`