AvantGuard - DNSFilter icon

AvantGuard - DNSFilter

AvantGuard - DNSFilter
Join our community

Actions277

Overview

This node operation fetches total traffic collection reports grouped by organizations. It is designed to retrieve aggregated network traffic data, including allowed and blocked traffic, from multiple organizations over a specified time range. This is useful for network administrators or security analysts who want to monitor traffic patterns, detect threats, or generate compliance reports across different organizational units.

Practical examples include:

  • Generating daily summaries of network traffic per organization.
  • Filtering traffic reports by specific agents, applications, or networks.
  • Analyzing threat-related traffic versus normal traffic.
  • Grouping results to compare traffic volumes between organizations.

Properties

Name Meaning
Additional Query Parameters Optional filters and parameters to customize the report query. Includes:
- Agent Ids: Comma separated list of user agent UUIDs (default all)
- Agent Types: Comma separated list of user agent types (default all)
- Application Ids: Comma separated list of application IDs (default all)
- Bucket Size: Desired bucket size for aggregation; options are auto, 15min, 1day (default auto)
- Collection Ids: Comma separated list of collection IDs (default all)
- From: Report start datetime in UTC (format YYYY-MM-DDThh:mm:ss or with Z)
- Mac Addresses: Comma separated MAC addresses without colons (default all)
- Network Ids: Comma separated list of network IDs (default all)
- Organization Ids: Comma separated list of organization IDs (default current user org)
- Private Ip: Private LAN IP filter
- Private Ip From/To: Range for private LAN IPs
- Security Report: Boolean to filter threats report (true/false), defaults to true
- Show Individual Organizations: Boolean to group results by organization ID, defaults to true
- Source: Traffic source filter, options: all, networks, agents, proxies (default all)
- To: Report end datetime in UTC (format YYYY-MM-DDThh:mm:ss or with Z)
- Type: Type of report, options: all, allowed, blocked (default all)
- User Ids: Comma separated list of local user IDs (default all)

Output

The node outputs JSON data representing the aggregated traffic report grouped by organizations. The structure typically includes:

  • Organization identifiers.
  • Aggregated traffic metrics such as counts or volumes.
  • Time buckets according to the selected bucket size.
  • Traffic type breakdown (allowed, blocked).
  • Threat indicators if security report filtering is enabled.

If binary data output is supported, it would represent raw report files or exports, but this node primarily outputs structured JSON data.

Dependencies

  • Requires an API key credential for authenticating requests to the AvantGuard DNSFilter service.
  • The node uses the base URL https://api.dnsfilter.com for API calls.
  • No additional external dependencies beyond the configured API authentication.

Troubleshooting

  • Invalid Date Format: If the from or to date parameters are not in the correct ISO 8601 format, the API may reject the request or return default date ranges. Ensure dates follow YYYY-MM-DDThh:mm:ss or YYYY-MM-DDThh:mm:ssZ.
  • Empty Results: If filters are too restrictive (e.g., specifying non-existent agent IDs or organization IDs), the report may return empty data. Try broadening filters or removing optional parameters.
  • Authentication Errors: Missing or invalid API credentials will cause authorization failures. Verify that the API key credential is correctly set up in n8n.
  • Bucket Size Misconfiguration: Using unsupported bucket sizes may lead to unexpected aggregation intervals. Use only auto, 15min, or 1day.

Links and References

Discussion