Search, filter and group Event Logs for a Shield Zone
Path Parameters
The ID of the Shield Zone.
Body
Request body for searching a Shield Zone's Event Logs within a time window.
Window start as Unix time in milliseconds (UTC). Required.
Window end as Unix time in milliseconds (UTC). Required; must be after BunnyNet.Shield.Api.Entities.Waf.WafLogging.EventLogsSearchRequest.from and within the last 72 hours.
Optional free-text search across IP, ruleId, URL, User-Agent and rule name.
Optional filters, combined with AND. Repeated values within one filter combine with OR.
Optional ordered dimensions to group by, e.g. ["ip","ja4"]. Omit for flat rows. Allowed: feature, ruleId, ip, ja4, ua, url, asn, country, action.
Zero-based page index.
Page size; clamped to 1–500 (defaults to 50 when unset).
Response
OK
Result of an Event Logs search. Exactly one of BunnyNet.Shield.Api.Entities.Waf.WafLogging.EventLogsSearchResponse.rows or BunnyNet.Shield.Api.Entities.Waf.WafLogging.EventLogsSearchResponse.groups is populated.
Flat event rows (populated when the request had no groupBy).
Aggregated groups (populated when the request had a groupBy).
Total flat rows, or total distinct groups when grouped.
Total number of pages for the current page size.
Zero-based index of the returned page.
Generic response object containing status information for API operations.