
Securedns Categoryget

The SecureDNS Category API enables retrieval of categorization information for SecureDNS transactions using their unique identifiers. This endpoint is essential for understanding what type of DNS activity or threat was associated with a specific transaction, providing crucial context for security analysis and compliance reporting.

Base URL: https://control.zequenze.com/api/v1

Authentication: All endpoints require a Bearer token:

Authorization: Bearer <your-api-token>

Overview

The SecureDNS Category API provides access to transaction categorization data within Zequenze's SecureDNS service. When SecureDNS processes DNS requests, each transaction is assigned a unique identifier (UUID) and categorized based on the type of content, threat level, or policy match that occurred.

This API category is particularly valuable for:

    • Security Analysis: Understanding what categories of content users are accessing
    • Compliance Reporting: Generating reports on blocked or allowed content categories
    • Incident Investigation: Researching specific DNS transactions during security incidents
    • Policy Validation: Confirming that DNS filtering policies are working as expected

    The categorization system helps administrators understand whether DNS requests were related to malware, phishing, social media, productivity tools, or other predefined categories. This information is crucial for maintaining security posture and ensuring compliance with organizational policies.


    Endpoints

    GET /securedns_categoryget/

    Description: Retrieves the category name associated with a specific SecureDNS transaction using its UUID. This endpoint is essential when you need to understand what type of content or threat was associated with a particular DNS request, whether it was blocked, allowed, or flagged for review.

    Use Cases:

      • Investigating security incidents by looking up transaction categories
      • Generating compliance reports showing what categories of content were accessed
      • Validating DNS filtering policy effectiveness
      • Providing detailed context for DNS transaction logs

      Full URL Example:

      https://control.zequenze.com/api/v1/securedns_categoryget/?uuid=550e8400-e29b-41d4-a716-446655440000
      

      Parameters:

      Parameter | Type | In | Required | Description
      uuid | string | query | Yes | The unique identifier of the SecureDNS transaction for which you want to retrieve the category information

      cURL Example:

      curl -X GET "https://control.zequenze.com/api/v1/securedns_categoryget/?uuid=550e8400-e29b-41d4-a716-446655440000" \
        -H "Authorization: Bearer YOUR_API_TOKEN" \
        -H "Content-Type: application/json"
      

      Example Response:

      {
        "uuid": "550e8400-e29b-41d4-a716-446655440000",
        "category": "Social Media",
        "category_id": 23,
        "threat_level": "low",
        "policy_action": "allowed",
        "timestamp": "2024-01-15T14:23:45Z",
        "domain": "facebook.com",
        "subcategory": "Social Networking"
      }
      

      Response Codes:

      Status | Description
      200 | Category request Ok - Successfully retrieved category information
      401 | Category request not authorized - Invalid or missing Bearer token
      403 | Category request forbidden / not allowed - Insufficient permissions to access this transaction
      404 | Provided UUID doesn't match any transaction - The specified UUID does not exist in the system

      Common Use Cases

      Use Case 1: Security Incident Investigation

      When investigating a potential security breach, security analysts can use transaction UUIDs from their SIEM or log analysis tools to quickly determine what categories of content were involved in suspicious DNS activity.

      Use Case 2: Compliance Reporting

      Organizations can batch process transaction UUIDs to generate comprehensive reports showing what categories of content users accessed during specific time periods, helping demonstrate compliance with industry regulations.

      Use Case 3: Policy Effectiveness Analysis

      IT administrators can sample transaction UUIDs from their DNS logs to verify that their SecureDNS policies are correctly categorizing and handling different types of content according to organizational requirements.

      Use Case 4: User Activity Context

      Help desk teams can look up specific transactions when users report blocked content, providing immediate context about why certain domains were categorized and blocked.


      Best Practices

      • UUID Validation: Always validate UUID format before making API calls to avoid unnecessary 404 responses
      • Rate Limiting: Implement appropriate delays when processing large batches of UUIDs to respect API rate limits
      • Error Handling: Design your application to gracefully handle 404 responses for UUIDs that may have aged out of the system
      • Caching: Consider caching category results locally for frequently queried UUIDs to reduce API calls and improve performance
      • Security: Never log or expose Bearer tokens in your application code or configuration files
      • Monitoring: Track API response times and error rates to ensure optimal performance when processing high volumes of category lookups
      • Use appropriate retry logic for 401/403 errors after checking authentication credentials
      • Categories typically include values like: malware, phishing, spam, adult-content, or safe
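
The batch lookup from Use Case 2 with the practices above applied, as an added example (not Zequenze's own code): UUIDs are validated locally, repeated UUIDs are served from a cache, 404 is recorded per UUID, and 401/403 stop the run without echoing the token. The function names, the `fetch` hook and the 0.2-second delay are assumptions; the page does not state a rate limit.

```python
import json
import time
import urllib.error
import urllib.parse
import urllib.request
import uuid

BASE_URL = "https://control.zequenze.com/api/v1"  # base URL given on the page

def is_valid_uuid(value):
    """Accept only the canonical 8-4-4-4-12 form shown in the page's example."""
    try:
        return str(uuid.UUID(value)) == value.lower()
    except (ValueError, AttributeError, TypeError):
        return False

def http_fetch(tx_uuid, token):
    """Real transport: returns (status_code, parsed JSON body or None)."""
    url = f"{BASE_URL}/securedns_categoryget/?" + urllib.parse.urlencode({"uuid": tx_uuid})
    req = urllib.request.Request(url, headers={"Authorization": f"Bearer {token}"})
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, json.load(resp)
    except urllib.error.HTTPError as err:
        return err.code, None

def lookup_categories(uuids, token, fetch=http_fetch, delay=0.2):
    """Batch lookup; `delay` (seconds) is an assumed pace, not a documented limit."""
    cache, results = {}, {}
    for raw in uuids:
        if not is_valid_uuid(raw):
            results[raw] = {"error": "invalid_uuid"}  # rejected locally, no API call
            continue
        key = raw.lower()
        if key not in cache:
            if cache:
                time.sleep(delay)  # space out successive API calls
            status, body = fetch(key, token)
            if status == 200:
                cache[key] = body
            elif status == 404:
                cache[key] = {"error": "not_found"}  # unknown or aged-out UUID
            elif status in (401, 403):
                # Message carries the status only; the token is never echoed.
                raise PermissionError(f"HTTP {status}: check token and permissions")
            else:
                raise RuntimeError(f"unexpected HTTP {status}")
        results[raw] = cache[key]
    return results
```

Passing a different `fetch` callable lets the same logic run against recorded responses in tests, so no token is needed outside production.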