Skip to content
Cloudflare API
Start here
API Reference
Email Security
Phishguard
Reports

Get PhishGuard reports

client.EmailSecurity.Phishguard.Reports.List(ctx, params) (*SinglePage[PhishguardReportListResponse], error)
GET/accounts/{account_id}/email-security/phishguard/reports

Retrieves PhishGuard security alert reports for a specified date range. Reports include detected threats, dispositions, and contextual information. Use for security monitoring and threat analysis.

Security
API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY
API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194
Accepted Permissions (at least one required)
Cloud Email Security: WriteCloud Email Security: Read
ParametersExpand Collapse
params PhishguardReportListParams
AccountID param.Field[string]

Path param: Identifier.

maxLength32
End param.Field[Time]Optional

Query param: End of the time range (RFC3339). Takes precedence over to_date.

formatdate-time
FromDate param.Field[Time]Optional

Query param: Deprecated, use start instead. Start date in YYYY-MM-DD format.

formatdate
Start param.Field[Time]Optional

Query param: Start of the time range (RFC3339). Takes precedence over from_date.

formatdate-time
ToDate param.Field[Time]Optional

Query param: Deprecated, use end instead. End date in YYYY-MM-DD format.

formatdate
ReturnsExpand Collapse
type PhishguardReportListResponse struct{…}
ID int64
Content string
Disposition PhishguardReportListResponseDisposition
One of the following:
const PhishguardReportListResponseDispositionMalicious PhishguardReportListResponseDisposition = "MALICIOUS"
const PhishguardReportListResponseDispositionMaliciousBec PhishguardReportListResponseDisposition = "MALICIOUS-BEC"
const PhishguardReportListResponseDispositionSuspicious PhishguardReportListResponseDisposition = "SUSPICIOUS"
const PhishguardReportListResponseDispositionSpoof PhishguardReportListResponseDisposition = "SPOOF"
const PhishguardReportListResponseDispositionSpam PhishguardReportListResponseDisposition = "SPAM"
const PhishguardReportListResponseDispositionBulk PhishguardReportListResponseDisposition = "BULK"
const PhishguardReportListResponseDispositionEncrypted PhishguardReportListResponseDisposition = "ENCRYPTED"
const PhishguardReportListResponseDispositionExternal PhishguardReportListResponseDisposition = "EXTERNAL"
const PhishguardReportListResponseDispositionUnknown PhishguardReportListResponseDisposition = "UNKNOWN"
const PhishguardReportListResponseDispositionNone PhishguardReportListResponseDisposition = "NONE"
Fields PhishguardReportListResponseFields
To []string
From stringOptional
OccurredAt TimeOptional
formatdate-time
PostfixID stringOptional
DeprecatedTs TimeOptional

Deprecated, use occurred_at instead

formatdate-time
Priority string
Title string
CreatedAt TimeOptional
formatdate-time
Tags []PhishguardReportListResponseTagOptional
Category string
Value string
DeprecatedTs TimeOptional

Deprecated, use created_at instead

formatdate-time
UpdatedAt TimeOptional
formatdate-time

Get PhishGuard reports

package main

import (
  "context"
  "fmt"

  "github.com/stainless-sdks/cloudflare-go"
  "github.com/stainless-sdks/cloudflare-go/email_security"
  "github.com/stainless-sdks/cloudflare-go/option"
)

func main() {
  client := cloudflare.NewClient(
    option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"),
  )
  page, err := client.EmailSecurity.Phishguard.Reports.List(context.TODO(), email_security.PhishguardReportListParams{
    AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
  })
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", page)
}

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": [
    {
      "id": 0,
      "content": "content",
      "disposition": "MALICIOUS",
      "fields": {
        "to": [
          "string"
        ],
        "from": "from",
        "occurred_at": "2019-12-27T18:11:19.117Z",
        "postfix_id": "postfix_id",
        "ts": "2019-12-27T18:11:19.117Z"
      },
      "priority": "priority",
      "title": "title",
      "created_at": "2019-12-27T18:11:19.117Z",
      "tags": [
        {
          "category": "category",
          "value": "value"
        }
      ],
      "ts": "2019-12-27T18:11:19.117Z",
      "updated_at": "2019-12-27T18:11:19.117Z"
    }
  ],
  "success": true
}
Returns Examples
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": [
    {
      "id": 0,
      "content": "content",
      "disposition": "MALICIOUS",
      "fields": {
        "to": [
          "string"
        ],
        "from": "from",
        "occurred_at": "2019-12-27T18:11:19.117Z",
        "postfix_id": "postfix_id",
        "ts": "2019-12-27T18:11:19.117Z"
      },
      "priority": "priority",
      "title": "title",
      "created_at": "2019-12-27T18:11:19.117Z",
      "tags": [
        {
          "category": "category",
          "value": "value"
        }
      ],
      "ts": "2019-12-27T18:11:19.117Z",
      "updated_at": "2019-12-27T18:11:19.117Z"
    }
  ],
  "success": true
}