> ## Documentation Index > Fetch the complete documentation index at: https://gcore.com/docs/llms.txt > Use this file to discover all available pages before exploring further. # Get filtered traffic data > Retrieves a traffic time series data over a set of domains. The response is suitable for plotting a time series chart. This method allows filtering the traffic data by various criteria. ## OpenAPI ````yaml /api-reference/services_documented/waap_api.yaml get /waap/v1/analytics/traffic-filtered openapi: 3.1.0 info: title: Gcore OpenAPI – WAAP API description: >- This OpenAPI is an aggregated OpenAPI specification that unifies all Gcore products into a single file. It covers Cloud, CDN, DNS, WAAP, DDoS Protection, Object Storage, Streaming, and FastEdge services. version: '2026-05-15T06:37:28.230198+00:00' servers: - url: https://api.gcore.com security: - APIKey: [] tags: - name: WAAP Service x-displayName: WAAP Service - name: Domains x-displayName: Domains - name: Policies x-displayName: Policies - name: Analytics x-displayName: Analytics - name: Custom Page Sets x-displayName: Custom Page Sets - name: Custom Rules x-displayName: Custom Rules - name: Filter Templates x-displayName: Filter Templates - name: Firewall Rules x-displayName: Firewall Rules - name: Advanced Rules x-displayName: Advanced Rules - name: Tags x-displayName: Tags - name: Network Organizations x-displayName: Network Organizations - name: API Discovery x-displayName: API Discovery - name: IP Spotlight x-displayName: IP Spotlight - name: Security Insights x-displayName: Security Insights - name: IP Reputation x-displayName: IP Reputation paths: /waap/v1/analytics/traffic-filtered: get: tags: - Analytics summary: Get filtered traffic data description: >- Retrieves a traffic time series data over a set of domains. The response is suitable for plotting a time series chart. This method allows filtering the traffic data by various criteria. operationId: get_traffic_filtered_v1_analytics_traffic_filtered_get parameters: - name: domains in: query required: false schema: type: array items: type: integer exclusiveMinimum: 0 description: Domain ID description: >- List of domain IDs. Empty list means all domains belonging to the current account. example: - 1 - 2 - 3 examples: - - 1 - 2 - 3 title: Domains description: >- List of domain IDs. Empty list means all domains belonging to the current account. - name: resolution in: query required: true schema: $ref: '#/components/schemas/Resolution' description: Specifies the granularity of the result data. description: Specifies the granularity of the result data. - name: bucket_size in: query required: false schema: anyOf: - enum: - 60 - 300 - 600 - 900 - 1800 - 3600 - 7200 - 10800 - 21600 - 43200 - 86400 type: integer - type: 'null' description: >- Optional explicit aggregation bucket width in seconds. When supplied, `bucket_size` supersedes `resolution` for aggregation granularity. title: Bucket Size description: >- Optional explicit aggregation bucket width in seconds. When supplied, `bucket_size` supersedes `resolution` for aggregation granularity. - name: start in: query required: true schema: type: string description: >- Filter data items starting from a specified date in ISO 8601 format example: '2024-04-13T00:00:00+01:00' examples: - '2024-04-13T00:00:00+01:00' title: Start description: Filter data items starting from a specified date in ISO 8601 format - name: end in: query required: false schema: anyOf: - type: string - type: 'null' description: >- Filter data items up to a specified end date in ISO 8601 format. If not provided, defaults to the current date and time. examples: - '2024-04-14T12:00:00Z' title: End description: >- Filter data items up to a specified end date in ISO 8601 format. If not provided, defaults to the current date and time. - name: ips in: query required: false schema: type: array items: type: string format: ipvanyaddress description: Filter traffic data by client IP. example: - 1.2.3.4 - ' 2001:678:194::3c25:ddad' examples: - - 1.2.3.4 - ' 2001:678:194::3c25:ddad' title: Ips description: Filter traffic data by client IP. - name: path in: query required: false schema: anyOf: - type: string - type: 'null' description: Filter by URL path with a glob-like pattern. examples: - /home - /users/*/profile title: Path description: Filter by URL path with a glob-like pattern. - name: countries in: query required: false schema: type: array items: type: string pattern: ^\w{2}$ description: >- Filter data by a country code of the originating IP address in ISO 3166-1 alpha-2 format. example: - DE - MY examples: - - DE - MY title: Countries description: >- Filter data by a country code of the originating IP address in ISO 3166-1 alpha-2 format. - name: status_codes in: query required: false schema: type: array items: type: integer maximum: 599 minimum: 100 description: Filter data by HTTP response status code. example: - '403' - '499' examples: - - '403' - '499' title: Status Codes description: Filter data by HTTP response status code. - name: http_methods in: query required: false schema: type: array items: $ref: '#/components/schemas/HttpMethodType' description: Filter by HTTP methods example: - GET - HEAD examples: - - GET - HEAD title: Http Methods description: Filter by HTTP methods - name: reference_ids in: query required: false schema: type: array items: type: string pattern: ^[a-f0-9]{32}$ description: Filter data by reference IDs. title: Reference Ids description: Filter data by reference IDs. - name: request_ids in: query required: false schema: type: array items: type: string pattern: ^[a-f0-9]{32}-[0-9]{6}$ description: Filter data by request IDs. title: Request Ids description: Filter data by request IDs. - name: session_ids in: query required: false schema: type: array items: type: string pattern: ^[a-f0-9]{32}$ description: Filter data by session IDs. title: Session Ids description: Filter data by session IDs. - name: security_rule_names in: query required: false schema: type: array items: type: string maxLength: 100 pattern: ^[a-zA-Z0-9_ ~!@#$%^&*()+\[\]{}|.,;:<>?/-]*$ description: Filter data by name of a security rule matched the request. example: - SQL injection examples: - - SQL injection title: Security Rule Names description: Filter data by name of a security rule matched the request. - name: decision in: query required: false schema: type: array items: $ref: '#/components/schemas/EventDecision' description: Filter data by the event decision. description: Filter data by decision. example: - allowed - blocked examples: - - allowed - blocked title: Decision description: Filter data by decision. - name: optional_action in: query required: false schema: type: array items: $ref: '#/components/schemas/OptionalAction' description: Filter data by the optional action. description: Filter data by optional action. example: - captcha - challenge examples: - - captcha - challenge title: Optional Action description: Filter data by optional action. - name: exclude_ips in: query required: false schema: type: array items: type: string format: ipvanyaddress description: Exclude traffic data by client IP. example: - 1.2.3.4 - 2001:678:194::3c25:ddad examples: - - 1.2.3.4 - 2001:678:194::3c25:ddad title: Exclude Ips description: Exclude traffic data by client IP. - name: exclude_countries in: query required: false schema: type: array items: type: string pattern: ^\w{2}$ description: >- Exclude data by a country code of the originating IP address in ISO 3166-1 alpha-2 format. example: - DE - MY examples: - - DE - MY title: Exclude Countries description: >- Exclude data by a country code of the originating IP address in ISO 3166-1 alpha-2 format. - name: exclude_session_ids in: query required: false schema: type: array items: type: string pattern: ^[a-f0-9]{32}$ description: Exclude data by session IDs. title: Exclude Session Ids description: Exclude data by session IDs. - name: exclude_reference_ids in: query required: false schema: type: array items: type: string pattern: ^[a-f0-9]{32}$ description: Exclude data by reference IDs. title: Exclude Reference Ids description: Exclude data by reference IDs. - name: exclude_security_rule_names in: query required: false schema: type: array items: type: string maxLength: 100 pattern: ^[a-zA-Z0-9_ ~!@#$%^&*()+\[\]{}|.,;:<>?/-]*$ description: Exclude data by name of a security rule matched the request. example: - SQL injection examples: - - SQL injection title: Exclude Security Rule Names description: Exclude data by name of a security rule matched the request. - name: exclude_domains in: query required: false schema: type: array items: type: integer description: Exclude data by domain ID. title: Exclude Domains description: Exclude data by domain ID. - name: ja3 in: query required: false schema: anyOf: - type: string pattern: ^[0-9a-fA-F]{32}$ - type: 'null' description: >- Filter by JA3 TLS client fingerprint. When present, the value must be exactly 32 hexadecimal characters (mixed case allowed) and is case-folded to lowercase when the backend filter is built. Omit the parameter entirely to apply no JA3 filter. examples: - e7d705a3286e19ea42f587b344ee6865 title: Ja3 description: >- Filter by JA3 TLS client fingerprint. When present, the value must be exactly 32 hexadecimal characters (mixed case allowed) and is case-folded to lowercase when the backend filter is built. Omit the parameter entirely to apply no JA3 filter. - name: user_agent in: query required: false schema: anyOf: - type: string maxLength: 300 - type: 'null' description: >- Include entries whose user agent contains the supplied text, case-insensitive partial match. Omit the parameter to apply no user agent text filter. examples: - Mozilla/5.0 title: User Agent description: >- Include entries whose user agent contains the supplied text, case-insensitive partial match. Omit the parameter to apply no user agent text filter. - name: user_agent_clients in: query required: false schema: type: array items: type: string maxLength: 50 maxItems: 10 description: >- Include entries whose parsed user agent client exactly equals any supplied value. Omit or provide an empty list to apply no user agent client filter. example: - Chrome - Firefox examples: - - Chrome - Firefox title: User Agent Clients description: >- Include entries whose parsed user agent client exactly equals any supplied value. Omit or provide an empty list to apply no user agent client filter. - name: user_agent_devices in: query required: false schema: type: array items: type: string maxLength: 50 maxItems: 10 description: >- Include entries whose parsed user agent device exactly equals any supplied value. Omit or provide an empty list to apply no user agent device filter. example: - mac - Nokia - PlayStation examples: - - mac - Nokia - PlayStation title: User Agent Devices description: >- Include entries whose parsed user agent device exactly equals any supplied value. Omit or provide an empty list to apply no user agent device filter. - name: tags in: query required: false schema: type: array items: type: string maxLength: 50 maxItems: 5 description: >- Include entries whose tag exactly equals any supplied value. Omit or provide an empty list to apply no tag filter. example: - evasiveclient - injectionattack examples: - - evasiveclient - injectionattack title: Tags description: >- Include entries whose tag exactly equals any supplied value. Omit or provide an empty list to apply no tag filter. - name: organizations in: query required: false schema: type: array items: type: string maxLength: 100 maxItems: 10 description: >- Include entries whose organization exactly equals any supplied value. Omit or provide an empty list to apply no organization filter. example: - Example Org - Acme Corp examples: - - Example Org - Acme Corp title: Organizations description: >- Include entries whose organization exactly equals any supplied value. Omit or provide an empty list to apply no organization filter. - name: exclude_user_agent in: query required: false schema: anyOf: - type: string maxLength: 300 - type: 'null' description: >- Exclude entries whose user agent contains the supplied text, case-insensitive partial match. Omit the parameter to apply no user agent text exclusion. examples: - python-requests title: Exclude User Agent description: >- Exclude entries whose user agent contains the supplied text, case-insensitive partial match. Omit the parameter to apply no user agent text exclusion. - name: exclude_user_agent_clients in: query required: false schema: type: array items: type: string maxLength: 50 maxItems: 10 description: >- Exclude entries whose parsed user agent client exactly equals any supplied value. Omit or provide an empty list to apply no user agent client exclusion. example: - OpenAI GPTBot - Uptimerobot examples: - - OpenAI GPTBot - Uptimerobot title: Exclude User Agent Clients description: >- Exclude entries whose parsed user agent client exactly equals any supplied value. Omit or provide an empty list to apply no user agent client exclusion. - name: exclude_user_agent_devices in: query required: false schema: type: array items: type: string maxLength: 50 maxItems: 10 description: >- Exclude entries whose parsed user agent device exactly equals any supplied value. Omit or provide an empty list to apply no user agent device exclusion. example: - SMART TV examples: - - SMART TV title: Exclude User Agent Devices description: >- Exclude entries whose parsed user agent device exactly equals any supplied value. Omit or provide an empty list to apply no user agent device exclusion. - name: exclude_ja3 in: query required: false schema: anyOf: - type: string pattern: ^[0-9a-fA-F]{32}$ - type: 'null' description: >- Exclude entries whose JA3 TLS client fingerprint equals the supplied value. Must be exactly 32 hexadecimal characters (mixed case allowed) and is case-folded to lowercase when the backend filter is built. Omit the parameter to apply no JA3 exclusion. examples: - e7d705a3286e19ea42f587b344ee6865 title: Exclude Ja3 description: >- Exclude entries whose JA3 TLS client fingerprint equals the supplied value. Must be exactly 32 hexadecimal characters (mixed case allowed) and is case-folded to lowercase when the backend filter is built. Omit the parameter to apply no JA3 exclusion. - name: exclude_tags in: query required: false schema: type: array items: type: string maxLength: 50 maxItems: 5 description: >- Exclude entries whose tag exactly equals any supplied value. Omit or provide an empty list to apply no tag exclusion. example: - mousedevice examples: - - mousedevice title: Exclude Tags description: >- Exclude entries whose tag exactly equals any supplied value. Omit or provide an empty list to apply no tag exclusion. - name: exclude_organizations in: query required: false schema: type: array items: type: string maxLength: 100 maxItems: 10 description: >- Exclude entries whose organization exactly equals any supplied value. Omit or provide an empty list to apply no organization exclusion. example: - Acme corp examples: - - Acme corp title: Exclude Organizations description: >- Exclude entries whose organization exactly equals any supplied value. Omit or provide an empty list to apply no organization exclusion. responses: '200': description: Successful Response content: application/json: schema: type: array items: $ref: '#/components/schemas/CompactTrafficMetrics' title: >- Response Get Traffic Filtered V1 Analytics Traffic Filtered Get '400': content: application/problem+json: schema: $ref: '#/components/schemas/APIError' example: type: http-bad-request title: Bad Request status: 400 detail: 'Invalid domain name: ''''''''' description: Bad Request '401': description: Unauthorized content: application/problem+json: example: detail: Auth token is missing or invalid '403': description: Unauthenticated content: application/problem+json: example: detail: Permission denied '404': content: application/problem+json: schema: $ref: '#/components/schemas/APIError' example: type: http-not-found title: Not Found status: 404 detail: The resource is not found description: Not Found '422': content: application/problem+json: schema: $ref: '#/components/schemas/APICompositeError' example: type: request-validation-failed title: Request validation error. status: 422 detail: One or more fields have validation errors. errors: - loc: - body - name detail: Input should be a valid string - loc: - body - date detail: Field required - loc: - query - limit detail: Field required description: Unprocessable Entity '500': content: application/problem+json: schema: $ref: '#/components/schemas/APIError' example: type: internal-server-error title: Internal server error. status: 500 detail: >- An unexpected condition was encountered which prevented the server from fulfilling the request. description: Internal Server Error x-codeSamples: - lang: Python source: >- import os from gcore import Gcore client = Gcore( api_key=os.environ.get("GCORE_API_KEY"), # This is the default and can be omitted ) waap_compact_traffic_metrics = client.waap.analytics.get_traffic_filtered( resolution="daily", start="2024-04-13T00:00:00+01:00", ) print(waap_compact_traffic_metrics) - lang: Go source: "package main\n\nimport (\n\t\"context\"\n\t\"fmt\"\n\n\t\"github.com/G-Core/gcore-go\"\n\t\"github.com/G-Core/gcore-go/option\"\n\t\"github.com/G-Core/gcore-go/waap\"\n)\n\nfunc main() {\n\tclient := gcore.NewClient(\n\t\toption.WithAPIKey(\"My API Key\"),\n\t)\n\twaapCompactTrafficMetrics, err := client.Waap.Analytics.GetTrafficFiltered(context.TODO(), waap.AnalyticsGetTrafficFilteredParams{\n\t\tResolution: waap.AnalyticsGetTrafficFilteredParamsResolutionDaily,\n\t\tStart: \"2024-04-13T00:00:00+01:00\",\n\t})\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\tfmt.Printf(\"%+v\\n\", waapCompactTrafficMetrics)\n}\n" components: schemas: Resolution: type: string enum: - daily - hourly - minutely title: Resolution description: Specifies the granularity of the result data. HttpMethodType: type: string enum: - DELETE - GET - HEAD - OPTIONS - PATCH - POST - PUT - TRACE title: HttpMethodType description: An HTTP method of a request. EventDecision: type: string enum: - blocked - monitored - allowed - passed title: EventDecision description: >- The decision made for processing a request through the WAAP. - BLOCKED: Traffic that was directly blocked by security policies, rules, CAPTCHA, challenge or L7 DDoS. Works for protected domains only. - MONITORED: Traffic that was identified as malicious by security policies. Currently works for monitored domains only. Later, monitored mode for rules will be added. - ALLOWED: Traffic that was allowed directly with some policies or rules. - PASSED: Traffic that was passed to the origin and didn't trigger any rules. OptionalAction: type: string enum: - captcha - challenge title: OptionalAction description: >- An optional action that may be applied in addition to the primary decision. - CAPTCHA: Traffic that triggered the CAPTCHA. - CHALLENGE: Traffic that triggered the Browser validation challenge. CompactTrafficMetrics: properties: timestamp: type: integer title: Timestamp description: UNIX timestamp indicating when the traffic data was recorded passed: type: integer title: Passed description: >- Traffic (number of requests) that was passed to the origin and didn't trigger any rules default: 0 blocked: type: integer title: Blocked description: >- Traffic blocked by a security policy, custom rule, or DDoS protection default: 0 monitored: type: integer title: Monitored description: >- Traffic that was identified as malicious by security policies (for monitored domains) default: 0 allowed: type: integer title: Allowed description: Traffic passed due to a permissive security rule default: 0 type: object required: - timestamp title: CompactTrafficMetrics description: >- Represents the compact traffic metrics for a domain at a given time window APIError: properties: type: type: string title: Type description: A URI identifier that categorizes the type of error. title: type: string title: Title description: A brief, human-readable title for the error. status: type: integer title: Status description: The HTTP status code applicable to this error. detail: anyOf: - type: string - type: 'null' title: Detail description: A detailed human-readable explanation of the error. type: object required: - type - title - status - detail title: APIError APICompositeError: properties: type: type: string title: Type description: A URI identifier that categorizes the type of error. title: type: string title: Title description: A brief, human-readable title for the error. status: type: integer title: Status description: The HTTP status code applicable to this error. detail: anyOf: - type: string - type: 'null' title: Detail description: A detailed human-readable explanation of the error. errors: items: $ref: '#/components/schemas/APIFieldError' type: array title: Errors description: A list of detailed errors for individual fields. type: object required: - type - title - status - detail - errors title: APICompositeError APIFieldError: properties: loc: anyOf: - items: anyOf: - type: integer - type: string type: array - {} title: Loc description: The location of the field or a character number causing the error. detail: type: string title: Detail description: A human-readable message describing the error. type: object required: - loc - detail title: APIFieldError securitySchemes: APIKey: description: >- API key for authentication. Make sure to include the word `apikey`, followed by a single space and then your token. Example: `apikey 1234$abcdef` type: apiKey in: header name: Authorization ````