Rules

Magic Network Monitoring rules will allow you to monitor the traffic volume destined for IP addresses or IP prefixes on your network. You can also receive alerts if the volume of traffic arriving at specific destinations exceeds a defined threshold.

Create rules

Log in to the Cloudflare dashboard, and select your account.
Go to Analytics & Logs > Magic Monitoring.
Select Configure Magic Network Monitoring > Add new rule.
Create your rule according to your needs. Refer to Rule fields for more information on what each field does.
Select Create a new rule when you are finished.

Edit or delete rules

Log in to the Cloudflare dashboard, and select your account.
Go to Analytics & Logs > Magic Monitoring.
Select Configure Magic Network Monitoring.
Find the rule you want to edit, and select Edit. Optionally, you can also select Delete to delete a rule.
Edit the appropriate fields. Refer to Rule fields for more information on what each field does.
Select Save when you are finished.

Rule Auto-Advertisement

If you are an Enterprise customer using Magic Transit On Demand, enable Auto-Advertisement if you want to automatically activate Magic Transit when a certain threshold is exceeded.

Follow the previous steps to create or edit a rule. Then, make sure you enable Auto-Advertisement.

Rule fields

Field	Description
Rule name	Must be unique and cannot contain spaces. Supports characters `A-Z`, `a-z`, `0-9`, underscore (`_`), dash (`-`), period (`.`), and tilde (`~`). Max 256 characters.
Rule threshold type	Can be defined in either bits per second or packets per second.
Rule threshold	The number of bits per second or packets per second for the rule alert. When this value is exceeded for the rule duration, an alert notification is sent. Minimum of `1` and no maximum.
Rule duration	The amount of time in seconds the rule threshold must exceed to send an alert notification. The minimum is 60 seconds and maximum is six hours (21,600 seconds).
Auto-advertisement	If you are a Magic Transit On Demand customer, you can enable this feature to automatically enable Magic Transit if the rule alert is triggered.
Rule IP prefix	The IP prefix associated with the rule for monitoring traffic volume. Must be a CIDR range such as `160.168.0.1/24`. Max is 5,000 unique CIDR entries.

Enable per-prefix thresholds with the API

You can also use the Magic Network Monitoring API to configure custom thresholds for specific prefixes.

The system uses the concept of rules, and each rule consists of a group of prefixes. All prefixes inside a rule are evaluated as a whole, and you should set up a rule if you want the prefixes’ aggregated traffic to trigger an alert or advertisement. For thresholds on singular prefixes or IPs, you can create an individual rule with one prefix and the desired threshold.

Example

"rules":[        "name": "Too many packets",        "prefixes": ["192.168.0.0/24", "172.118.0.0/24"],        "packet_threshold": 10000,        "automatic_advertisement": true,        "duration": "1m0s",       ]

For more granular thresholds, create a more focused rule as shown below.

"rules":[        "name": "Too many packets",        "prefixes": ["172.118.0.0/24"],        "packet_threshold": 1000,        "automatic_advertisement": true,        "duration": "1m0s",       ]

Refer to the Magic Network Monitoring API documentation for more information.

Rules

​​ Create rules

​​ Edit or delete rules

​​ Rule Auto-Advertisement

​​ Rule fields

​​ Enable per-prefix thresholds with the API

​​ Example