DNSFilter
**Note:** If you are a distributor integrating with DNSFilter, please check out our [Distributors Development Guide](/docs/distributors).### Authentication- Authentication is required for most, but not all, endpoints.- Authentication is done by setting the `Authorization` request header. The header value is the API key itself. For example: `Authorization: eyJ...`- An API key can be obtained through the DNSFilter dashboard under Account Settings. For additional information see [this KB article](https://help.dnsfilter.com/hc/en-us/articles/21169189058323-API-Tokens).### Rate Limiting- All endpoints are rate limited.- The limits may vary by endpoint, but are generally consistent.- When the rate limit is exceeded the API will return the standard `429` HTTP status.- The following headers will also be provided in the response: `Retry-After`, `RateLimit-Policy`, `RateLimit`, `RateLimit-Limit`, `RateLimit-Remaining`, `RateLimit-Reset`. For details on the values of these headers, see the following articles [here](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Retry-After), [here](https://www.ietf.org/archive/id/draft-ietf-httpapi-ratelimit-headers-08.html), and [here](https://www.ietf.org/archive/id/draft-polli-ratelimit-headers-05.html).- For additional information see [this KB article](https://help.dnsfilter.com/hc/en-us/articles/38202811088403-API-Rate-Limits).### Error Handling- The API uses standard HTTP status codes to indicate success or failure.- For _V1_ endpoints the response format is: ```json { "error": "string", "type": "string(optional)" } ```- For _V2_ endpoints the response format is: ```json { "error": { "message": "string", "type": "string(optional)" } } ```### PaginationFor the _V1_ endpoints, the pagination parameters are nested. That is to say,if passed as JSON they look like this: `{"page[number]": 1, "page[size]": 10}`.To pass this information in the URL query string, it would be formatted likethis: `...?page%5Bnumber%5D=1&page%5Bsize%5D=10`.In this guide, the UI will indicate that `page` is an `object` and if youwant to set values when trying the request, you must enter it as if it wasthe JSON above.### A Quick ExampleThe following will return information about the currentlyauthenticated user.```bash% curl -H 'Authorization: ***' https://api.dnsfilter.com/v1/users/self{ "data": { "id": "12345", "type": "users", "attributes": { "name": "John Doe", "email": "john@example.com", ...additional fields...}}}```
Actions328
- AgentLocalUsers Actions
- ApiKeys Actions
- ApplicationCategories Actions
- Applications Actions
- Billings Actions
- BlockPages Actions
- Categories Actions
- CollectionUsers Actions
- User(Current) Actions
- Distributors Actions
- Health Check
- Update
- Show MSP
- Show Organization
- Reactivate suborg
- Users Search
- Show User
- Remove membership
- Get usage info
- Get user info by date
- Health Check
- MSP Search
- Show MSP
- Reactivate
- Show Organization
- Cancel suborganization
- Remove Sku
- Create user
- Reset password
- Get usage info by SKU
- Get
- Cancel suborganization
- Add Sku
- Add membership
- Create
- Update
- Reactivate
- Organizations Search
- Create suborganization
- Remove Sku
- Create user
- Update membership
- Reset password
- Reset password URL
- Get usage info by SKU
- Get
- Update
- Create
- Update
- Cancel
- Organizations Search
- Create suborganization
- Update suborganization
- Reactivate suborg
- Add Sku
- Show User
- Users Search
- Add membership
- Update membership
- Remove membership
- Reset password URL
- Get usage info
- Get user info by date
- DomainNotes Actions
- Domains Actions
- EnterpriseConnections Actions
- Invoices Actions
- IPAddresses Actions
- MACAddresses Actions
- Metrics Actions
- NetworkLANIPs Actions
- NetworkSubnets Actions
- Networks Actions
- OrganizationUsers Actions
- Organizations Actions
- PoliciesBulkActions Actions
- Policies Actions
- Get extant
- Get all
- Delete
- Get application
- Remove allow domain
- Add allow category
- Add block application
- Update permissive mode
- Create
- Show policy
- Update
- Update application
- Add block domain
- Remove block domain
- Add allow domain
- Add block category
- Remove block category
- Remove allow category
- Remove block application
- Get permissive mode
- PolicyIPs Actions
- ScheduledPolicies Actions
- ScheduledReportPreviews Actions
- ScheduledReports Actions
- TrafficReports Actions
- Total threats users
- Category reqs organizations
- Category reqs users
- Domain reqs organizations
- Domain reqs collections
- Collection reqs orgs
- Queries per second
- QPS users
- Top domains
- Top organizations
- Top users
- Organization stats
- Top Organizations Requests
- Deployments
- Application reqs org
- Total requests/time
- Total requests/organizations
- Total threats/time
- Total threats organizations
- Total threats clients
- Total threats collections
- Total category requests
- Category reqs clients
- Category reqs collections
- Total domain reqs
- Domain reqs users
- Total collection reqs
- Collection reqs clients
- Collection reqs users
- QPS organizations
- QPS clients
- QPS collections
- Top categories
- Top application categories
- Top networks
- Top collections
- Query Logs
- Domain stats
- Category stats
- Total Org Requests
- Total Domain Requests
- Total client stats
- Roaming clients
- Application requests
- Application reqs users
- Application reqs collections
- Application reqs clients
- Trials Actions
- UserAgentBulkDeletes Actions
- UserAgentBulkUpdates Actions
- UserAgentCleanups Actions
- UserAgentReleases Actions
- UserAgents Actions
- Users Actions
- UserUISettingsV2 Actions
- NetworksCSVExports Actions
- AgentLocalUserBulkDeletes Actions
- DictionaryLookups Actions
- PSAIntegrations Actions
- UserAgentCSVExports Actions
- CybersightCSVExports Actions
Overview
This node interacts with the DNSFilter API to retrieve traffic report data specifically related to domain requests by users. It is useful for analyzing network traffic, monitoring domain access patterns, and understanding user behavior in an organization. For example, it can be used to fetch the total number of domain requests made by users within a specified time range, filtered by various parameters such as agent IDs, application IDs, categories, and more.
Use Case Examples
- Fetch total domain requests by users for the last 7 days to analyze user access patterns.
- Retrieve domain request data filtered by specific user IDs and application IDs to monitor usage.
- Get domain requests grouped by individual users to identify top domain consumers.
Properties
| Name | Meaning |
|---|---|
| Return All | Whether to return all results or only a single page. When disabled, no pagination parameters are sent and only one page of results is returned. |
| Additional Fields | Optional filters and parameters to refine the domain requests query, such as agent IDs, application IDs, bucket size, domain prefix, date range, MAC addresses, network IDs, organization IDs, private IP ranges, security report flag, grouping by individual users, traffic source, report type, and user IDs. |
| Options | Additional request options such as custom body, custom headers, query filters, batching, debug mode, pagination settings, and timeout configuration. |
Output
JSON
json- The JSON response from the DNSFilter API containing domain request data for users.
Dependencies
- DNSFilter API key credential
Troubleshooting
- Ensure the DNSFilter API key credential is correctly configured and has necessary permissions.
- Check that the resource is set to 'TrafficReports' and operation to 'Domain reqs users'.
- Verify that date and time formats for 'from' and 'to' fields are correct ISO8601 strings.
- If pagination is enabled, ensure pagination parameters are correctly set to avoid incomplete data.
- Enable debug mode to see the actual API request details for troubleshooting errors.
Links
- DNSFilter API Tokens - Information on obtaining and using API tokens for authentication.
- DNSFilter API Rate Limits - Details on API rate limiting and headers returned on limit exceedance.