본문 바로가기

Public Cloud/Cloudflare

[Cloudflare] API

반응형
  • email, zone_ip, api_key 정보 필요

Logpush


Logpush 설정 정보.

  • CF -> Analutics -> Logs
# GET JOB ID 
curl -s -H "X-Auth-Email: ${email}" -H "X-Auth-Key: ${api_key}" 'https://api.cloudflare.com/client/v4/zones/'${zone_id}'/logpush/jobs' | jq .
 
 {
  "errors": [],
  "messages": [],
  "result": [
    {
      "id": {JOB ID},
      "dataset": "firewall_events",
      "frequency": "high",
      "kind": "",
      "enabled": true,
      "name": null,
      "logpull_options": "fields=Action,ClientIP,ClientRequestHost,ClientRequestMethod,ClientRequestPath,ClientRequestQuery,Datetime,EdgeResponseStatus,RayID,Source,ClientCountry&timestamps=rfc3339",
      "destination_conf": "{logpush 목적지}",
      "last_complete": "2022-05-11T10:36:22Z",
      "last_error": null,
      "error_message": null
    }
  ],
  "success": true
}

 

  • JOB ID로 조회
# logstream set
curl -X PUT "https://api.cloudflare.com/client/v4/zones/${zone_id}/logpush/jobs/${job id}" \
     -H "X-Auth-Email: ${email}" \
     -H "X-Auth-Key: ${api_key}" \
     -H "Content-Type: application/json" \
     --data '{"logstream":true}' | jq

 

 

SPECTRUM


Spectrum Application 설정 정보

  • CF -> Spectrum
curl -X GET "https://api.cloudflare.com/client/v4/zones/${zone_id}/spectrum/apps" \
 -H "Content-Type: application/json" \
 -H "X-Auth-Key: ${api_key}" \
 -H "X-Auth-Email: ${email}"

 

Spectrum Current Connections

  • Spectrum Application ID 별 Current Connection.
  • 웹 대시보드에서는 볼 수 있는 방법이 없음.
  • ${colocode} : 한국의 경우 ICN
  • ${APPID} : Application ID
curl -X GET "https://api.cloudflare.com/client/v4/zones/${zone_ID}/spectrum/analytics/aggregate/current?coloName=${colocode}&appID=${APPID}" -H "X-Auth-Email: ${email}" -H "X-Auth-Key: ${api_key}" -H "Content-Type: application/json"
{
  "result": [
    {
      "appID": "{APPID}",
      "bytesIngress": 15549,
      "bytesEgress": 296500,
      "connections": 62,
      "durationAvg": 76958673.20967741
    }
  ],
  "success": true,
  "errors": [],
  "messages": []
}

 

Security


Firewall rules

 

  • CF -> Security -> WAF -> Firewall rules
#firewall rule list
curl -X GET "https://api.cloudflare.com/client/v4/zones/${zone_id}/firewall/rules" \
     -H "X-Auth-Email: ${email}" \
     -H "X-Auth-Key: ${api_key}" \
     -H "Content-Type: application/json"

 

IP Access Rules

  • CF -> Security -> WAF -> Tools -> IP Access Rules
  • Spectrum Allplication의 IP 차단 정책은 IP Access Rules에서만이 유일하게 적용된다.
# firewall access ip rule list
#curl -X GET "https://api.cloudflare.com/client/v4/zones/${zone_id}/firewall/access_rules/rules?page=1&per_page=100&mode=block&configuration.target=country" \
curl -X GET "https://api.cloudflare.com/client/v4/zones/${zone_id}/firewall/access_rules/rules?page=1&per_page=1000&mode=block&configuration.target=ip" \
     -H "X-Auth-Email: ${email}" \
     -H "X-Auth-Key: ${api_key}" \
     -H "Content-Type: application/json"

 

  • IP Access rules에 IP 추가
# firewall access ip rule add
curl -X POST "https://api.cloudflare.com/client/v4/zones/${zone_id}/firewall/access_rules/rules" \
     -H "X-Auth-Email: ${email}" \
     -H "X-Auth-Key: ${api_key}" \
     -H "Content-Type: application/json" \
     --data '{"mode":"whitelist","configuration":{"target":"ip","value":"23.23.23.23"},"notes":"test"}'

# 결과
     {
  "result": {
    "id": "9fdfc6788a4f41ab9111a6fb69a9b88b",
...
    "mode": "whitelist",
    "notes": "test",
    "configuration": {
      "target": "ip",
      "value": "23.23.23.23"
    },
 ...
  },
  "success": true,
  "errors": [],
  "messages": []
}

 

  • IP Access rules에 IP 삭제
  • Rule ID 필요하며 위에서 추가한 rules ID를 예시로 삭제
# firewall access ip rule delete
curl -X DELETE "https://api.cloudflare.com/client/v4/zones/${zone_id}/firewall/access_rules/rules/9fdfc6788a4f41ab9111a6fb69a9b88b" \
     -H "X-Auth-Email: ${email}" \
     -H "X-Auth-Key: ${api_key}" \
     -H "Content-Type: application/json" \
     --data '{"cascade":"none"}'
반응형