GET /accounts/{account_id}/cloudforce-one/events/aggregate
Aggregate threat events by one or more columns (e.g., attacker, targetIndustry) with optional date filtering and daily grouping. Supports multi-dimensional aggregation for cross-analysis.
Servers
- https://api.cloudflare.com/client/v4
Path parameters
Name | Type | Required | Description |
---|---|---|---|
account_id |
String | Yes |
Account ID. |
Query parameters
Name | Type | Required | Description |
---|---|---|---|
datasetId |
No |
Dataset ID(s) to filter by. Can be a single dataset ID or array of dataset IDs. If not provided, uses default dataset |
|
endDate |
String | No |
End date for filtering (ISO 8601 format, e.g., '2024-12-31') |
aggregateBy |
String | Yes |
Column(s) to aggregate by - single column or comma-separated list (e.g., 'attacker', 'targetIndustry', 'attacker,targetIndustry') |
limit |
Number | No |
Maximum number of results to return Default value: 100 |
groupByDate |
Boolean | No |
Whether to group results by date (daily aggregation) |
startDate |
String | No |
Start date for filtering (ISO 8601 format, e.g., '2024-01-01') |
How to start integrating
- Add HTTP Task to your workflow definition.
- Search for the API you want to integrate with and click on the name.
- This loads the API reference documentation and prepares the Http request settings.
- Click Test request to test run your request to the API and see the API's response.