AvantGuard - DNSFilter icon

AvantGuard - DNSFilter

AvantGuard - DNSFilter
Join our community

Actions277

Overview

This node operation, Traffic Reports Top Organizations, retrieves summarized traffic report data focused on organizations. It is designed to fetch top organizations based on various traffic-related filters and parameters such as time range, agent types, network IDs, and security threat reports.

Typical use cases include:

  • Analyzing which organizations generate the most traffic within a specified timeframe.
  • Filtering traffic data by specific user agents, applications, or networks.
  • Generating security-focused reports that highlight threats or allowed/blocked traffic per organization.
  • Paginating through large datasets of organizational traffic reports.

For example, a security analyst could use this node to get a list of organizations with the highest number of blocked traffic events in the last 24 hours, filtered by certain network IDs and agent types.

Properties

Name Meaning
Additional Query Parameters Optional filters and query parameters to refine the traffic report request. These include:
- Agent Ids: Comma-separated user agent UUIDs (default all)
- Agent Types: Comma-separated user agent types (default all)
- Application Ids: Comma-separated application IDs (default all)
- Collection Ids: Comma-separated collection IDs (default all)
- From: UTC lower limit datetime for report (format YYYY-MM-DDThh:mm:ss or with Z)
- Mac Addresses: Comma-separated MAC addresses without colons (default all)
- Name: Filter organizations whose name contains this value
- Nat Ips: Comma-separated NAT IPs (valid integers 101-106)
- Network Ids: Comma-separated network IDs (default all)
- Organization Ids: Comma-separated organization IDs (default user org ID)
- Page: JSON object specifying page number (default 1) and size (default 10, max 100)
- Private Ip: Private LAN IP
- Private Ip From: Lower limit of private LAN IP range
- Private Ip To: Upper limit of private LAN IP range
- Security Report: Boolean to filter threats report (true/false), if empty includes both
- Source: Traffic source filter with options: All, Networks, Agents, Proxies (default All)
- To: UTC upper limit datetime for report
- Type: Type of report with options: All, Allowed, Blocked (default All)
- User Ids: Comma-separated local user IDs (default all)

Output

The node outputs JSON data representing the traffic report results for top organizations matching the specified filters. The structure typically includes:

  • A list or array of organization traffic summaries.
  • Each item may contain fields such as organization ID, name, traffic counts, threat counts, allowed/blocked traffic statistics, and other metadata relevant to the traffic report.
  • Pagination information if applicable (e.g., current page, total pages).

No binary data output is indicated for this operation.

Dependencies

  • Requires an API key credential for authenticating requests to the AvantGuard DNSFilter service.
  • The node sends HTTP requests to the base URL https://api.dnsfilter.com.
  • Proper configuration of the API authentication token in n8n credentials is necessary.

Troubleshooting

  • Common issues:

    • Invalid date/time format for from or to parameters can cause the API to default to fallback values or return errors.
    • Exceeding maximum page size (over 100) may result in API errors.
    • Providing invalid or malformed comma-separated lists (e.g., agent IDs, network IDs) might lead to no results or errors.
    • Missing or incorrect API authentication will cause authorization failures.

  • Error messages:

    • Authentication errors indicating missing or invalid API keys require checking the configured credentials.
    • Validation errors related to query parameters suggest reviewing the input formats and allowed values.
    • Rate limiting or quota exceeded errors indicate too many requests in a short period; users should implement retry logic or reduce request frequency.

Links and References

Discussion