events
Creates, updates, deletes, gets or lists an events resource.
Overview
| Name | events |
| Type | Resource |
| Id | cloudflare.cloudforce_one.events |
Fields
The following fields are returned by SELECT queries:
- get
Returns the event.
| Name | Datatype | Description |
|---|---|---|
attacker | string | |
attackerCountry | string | |
category | string | |
datasetId | string | |
date | string | |
event | string | |
hasChildren | boolean | |
indicator | string | |
indicatorType | string | |
indicatorTypeId | number | |
insight | string | |
killChain | number | |
mitreAttack | array | |
mitreCapec | array | |
numReferenced | number | |
numReferences | number | |
rawId | string | |
referenced | array | |
referencedIds | array | |
references | array | |
referencesIds | array | |
releasabilityId | string | |
tags | array | |
targetCountry | string | |
targetIndustry | string | |
tlp | string | |
uuid | string |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get | select | account_id, dataset_id, event_id | Retrieves a specific event by its UUID. | |
post_event_update | insert | account_id, event_id, datasetId | ||
create_graphql | exec | account_id | Execute GraphQL aggregations over threat events. Supports multi-dimensional group-bys, optional date range filtering, and multi-dataset aggregation. | |
delete_relate | exec | account_id, event_id | ||
delete_delete | exec | account_id, dataset_id | eventIds | |
create_graphql_v2 | exec | account_id | Execute GraphQL aggregations over threat events. Supports multi-dimensional group-bys, optional date range filtering, and multi-dataset aggregation. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
account_id | string | The Cloudflare account ID. |
dataset_id | string | The dataset ID. |
event_id | string | The event ID. |
eventIds | array | Array of Event IDs to delete. |
SELECT examples
- get
Retrieves a specific event by its UUID.
SELECT
attacker,
attackerCountry,
category,
datasetId,
date,
event,
hasChildren,
indicator,
indicatorType,
indicatorTypeId,
insight,
killChain,
mitreAttack,
mitreCapec,
numReferenced,
numReferences,
rawId,
referenced,
referencedIds,
references,
referencesIds,
releasabilityId,
tags,
targetCountry,
targetIndustry,
tlp,
uuid
FROM cloudflare.cloudforce_one.events
WHERE account_id = '{{ account_id }}' -- required
AND dataset_id = '{{ dataset_id }}' -- required
AND event_id = '{{ event_id }}' -- required
;
INSERT examples
- post_event_update
- Manifest
No description available.
INSERT INTO cloudflare.cloudforce_one.events (
attacker,
attackerCountry,
category,
createdAt,
datasetId,
date,
event,
indicator,
indicatorType,
insight,
raw,
targetCountry,
targetIndustry,
tlp,
account_id,
event_id
)
SELECT
'{{ attacker }}',
'{{ attackerCountry }}',
'{{ category }}',
'{{ createdAt }}',
'{{ datasetId }}' /* required */,
'{{ date }}',
'{{ event }}',
'{{ indicator }}',
'{{ indicatorType }}',
'{{ insight }}',
'{{ raw }}',
'{{ targetCountry }}',
'{{ targetIndustry }}',
'{{ tlp }}',
'{{ account_id }}',
'{{ event_id }}'
RETURNING
attacker,
attackerCountry,
category,
datasetId,
date,
event,
hasChildren,
indicator,
indicatorType,
indicatorTypeId,
insight,
killChain,
mitreAttack,
mitreCapec,
numReferenced,
numReferences,
rawId,
referenced,
referencedIds,
references,
referencesIds,
releasabilityId,
tags,
targetCountry,
targetIndustry,
tlp,
uuid
;
# Description fields are for documentation purposes
- name: events
props:
- name: account_id
value: "{{ account_id }}"
description: Required parameter for the events resource.
- name: event_id
value: "{{ event_id }}"
description: Required parameter for the events resource.
- name: attacker
value: "{{ attacker }}"
- name: attackerCountry
value: "{{ attackerCountry }}"
- name: category
value: "{{ category }}"
- name: createdAt
value: "{{ createdAt }}"
- name: datasetId
value: "{{ datasetId }}"
description: |
Dataset ID containing the event to update.
- name: date
value: "{{ date }}"
- name: event
value: "{{ event }}"
- name: indicator
value: "{{ indicator }}"
- name: indicatorType
value: "{{ indicatorType }}"
- name: insight
value: "{{ insight }}"
- name: raw
value:
data: "{{ data }}"
source: "{{ source }}"
tlp: "{{ tlp }}"
- name: targetCountry
value: "{{ targetCountry }}"
- name: targetIndustry
value: "{{ targetIndustry }}"
- name: tlp
value: "{{ tlp }}"
Lifecycle Methods
- create_graphql
- delete_relate
- delete_delete
- create_graphql_v2
Execute GraphQL aggregations over threat events. Supports multi-dimensional group-bys, optional date range filtering, and multi-dataset aggregation.
EXEC cloudflare.cloudforce_one.events.create_graphql
@account_id='{{ account_id }}' --required
;
Returns success if operation succeeded.
EXEC cloudflare.cloudforce_one.events.delete_relate
@account_id='{{ account_id }}' --required,
@event_id='{{ event_id }}' --required
;
Returns the number of deleted events.
EXEC cloudflare.cloudforce_one.events.delete_delete
@account_id='{{ account_id }}' --required,
@dataset_id='{{ dataset_id }}' --required,
@eventIds='{{ eventIds }}'
;
Execute GraphQL aggregations over threat events. Supports multi-dimensional group-bys, optional date range filtering, and multi-dataset aggregation.
EXEC cloudflare.cloudforce_one.events.create_graphql_v2
@account_id='{{ account_id }}' --required
;