GraphQLを使用したファイアウォールイベントのクエリ
この例では、指定された期間にわたるファイアウォールイベントをクエリするために、GraphQL Analytics APIを使用します。
以下のAPI呼び出しは、1時間の期間にわたるファイアウォールイベントを要求し、要求されたフィールドを出力します。<CLOUDFLARE_ZONE_ID>、<EMAIL>、および<API_KEY>をあなたのゾーンタグとAPI資格情報に置き換え、datetime_geqおよびdatetime_leqの値を好みに応じて調整してください。
echo '{ "query": "query ListFirewallEvents($zoneTag: string, $filter: FirewallEventsAdaptiveFilter_InputObject) { viewer { zones(filter: { zoneTag: $zoneTag }) { firewallEventsAdaptive( filter: $filter limit: 10 orderBy: [datetime_DESC] ) { action clientAsn clientCountryName clientIP clientRequestPath clientRequestQuery datetime source userAgent } } } }", "variables": { "zoneTag": "<CLOUDFLARE_ZONE_ID>", "filter": { "datetime_geq": "2022-07-24T11:00:00Z", "datetime_leq": "2022-07-24T12:00:00Z" } }}' | tr -d '\n' | curl --silent \https://api.cloudflare.com/client/v4/graphql \--header "Authorization: Bearer <API_TOKEN>" \--header "Accept: application/json" \--header "Content-Type: application/json" \--data @-返される結果はJSON形式(要求された通り)であるため、出力をjqにパイプすることで、読みやすくなります。例えば:
... | curl --silent \https://api.cloudflare.com/client/v4/graphql \--header "Authorization: Bearer <API_TOKEN>" \--header "Accept: application/json" \--header "Content-Type: application/json" \--data @- | jq .
#=> {#=> "data": {#=> "viewer": {#=> "zones": [#=> {#=> "firewallEventsAdaptive": [#=> {#=> "action": "log",#=> "clientAsn": "5089",#=> "clientCountryName": "GB",#=> "clientIP": "203.0.113.69",#=> "clientRequestPath": "/%3Cscript%3Ealert()%3C/script%3E",#=> "clientRequestQuery": "",#=> "datetime": "2020-04-24T10:11:24Z",#=> "source": "waf",#=> "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"#=> },#=> {#=> "action": "log",#=> "clientAsn": "5089",#=> "clientCountryName": "GB",#=> "clientIP": "203.0.113.69",#=> "clientRequestPath": "/%3Cscript%3Ealert()%3C/script%3E",#=> "clientRequestQuery": "",#=> "datetime": "2020-04-24T10:11:24Z",#=> "source": "waf",#=> "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"#=> },#=> {#=> "action": "log",#=> "clientAsn": "5089",#=> "clientCountryName": "GB",#=> "clientIP": "203.0.113.69",#=> "clientRequestPath": "/%3Cscript%3Ealert()%3C/script%3E",#=> "clientRequestQuery": "",#=> "datetime": "2020-04-24T10:11:24Z",#=> "source": "waf",#=> "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"#=> },#=> {#=> "action": "log",#=> "clientAsn": "5089",#=> "clientCountryName": "GB",#=> "clientIP": "203.0.113.69",#=> "clientRequestPath": "/%3Cscript%3Ealert()%3C/script%3E",#=> "clientRequestQuery": "",#=> "datetime": "2020-04-24T10:11:24Z",#=> "source": "waf",#=> "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"#=> },#=> {#=> "action": "log",#=> "clientAsn": "5089",#=> "clientCountryName": "GB",#=> "clientIP": "203.0.113.69",#=> "clientRequestPath": "/%3Cscript%3Ealert()%3C/script%3E",#=> "clientRequestQuery": "",#=> "datetime": "2020-04-24T10:11:24Z",#=> "source": "waf",#=> "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"#=> },#=> {#=> "action": "log",#=> "clientAsn": "5089",#=> "clientCountryName": "GB",#=> "clientIP": "203.0.113.69",#=> "clientRequestPath": "/%3Cscript%3Ealert()%3C/script%3E",#=> "clientRequestQuery": "",#=> "datetime": "2020-04-24T10:11:24Z",#=> "source": "waf",#=> "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"#=> },#=> {#=> "action": "log",#=> "clientAsn": "5089",#=> "clientCountryName": "GB",#=> "clientIP": "203.0.113.69",#=> "clientRequestPath": "/%3Cscript%3Ealert()%3C/script%3E",#=> "clientRequestQuery": "",#=> "datetime": "2020-04-24T10:11:24Z",#=> "source": "waf",#=> "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"#=> },#=> {#=> "action": "block",#=> "clientAsn": "5089",#=> "clientCountryName": "GB",#=> "clientIP": "203.0.113.69",#=> "clientRequestPath": "/%3Cscript%3Ealert()%3C/script%3E",#=> "clientRequestQuery": "",#=> "datetime": "2020-04-24T10:11:24Z",#=> "source": "waf",#=> "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"#=> },#=> {#=> "action": "log",#=> "clientAsn": "58224",#=> "clientCountryName": "IR",#=> "clientIP": "2.183.175.37",#=> "clientRequestPath": "/api/v2",#=> "clientRequestQuery": "",#=> "datetime": "2020-04-24T10:00:54Z",#=> "source": "waf",#=> "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"#=> },#=> {#=> "action": "log",#=> "clientAsn": "58224",#=> "clientCountryName": "IR",#=> "clientIP": "2.183.175.37",#=> "clientRequestPath": "/api/v2",#=> "clientRequestQuery": "",#=> "datetime": "2020-04-24T10:00:54Z",#=> "source": "waf",#=> "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"#=> }#=> ]#=> }#=> ]#=> }#=> },#=> "errors": null#=> }