add new radar tool attacks

Author: sabina

apps/radar/README.md

@@ -13,6 +13,7 @@ Currently available tools:
 | **Category**           | **Tool**                  | **Description**                                                                                                           |
 | ---------------------- | ------------------------- | ------------------------------------------------------------------------------------------------------------------------- |
 | **HTTP Requests**      | `get_http_requests_data`  | Fetches HTTP request data (timeseries, summaries, and grouped timeseries across dimensions like `deviceType`, `botClass`) |
+| **L7 Attacks**      | `get_l7_attack_data`  | Fetches L7 attack data (timeseries, summaries, and grouped timeseries across dimensions like `mitigationProduct`, `ipVersion`) |
 | **Autonomous Systems** | `list_autonomous_systems` | Lists ASes; filter by location and sort by population size                                                                |
 |                        | `get_as_details`          | Retrieves detailed info for a specific ASN                                                                                |
 | **IP Addresses**       | `get_ip_details`          | Provides details about a specific IP address                                                                              |

apps/radar/src/tools/radar.ts

@@ -17,6 +17,7 @@ import {
 	DomainParam,
 	DomainRankingTypeParam,
 	HttpDimensionParam,
+	L7AttackDimensionParam,
 	IpParam,
 	LocationArrayParam,
 	LocationListParam,
@@ -268,7 +269,7 @@ export function registerRadarTools(agent: RadarMCP) {
 		'get_http_requests_data',
 		'Retrieve HTTP request trends. Provide either a `dateRange`, or both `dateStart` and `dateEnd`, to define the time window. ' +
 			'Use arrays to compare multiple filters — the array index determines which series each filter value belongs to.' +
-			'For each filter series, you must provide a corresponding `dateRange`, or a `dateStart`/`dateEnd` pair.',
+			'For each filter series, you must provide a corresponding `dateRange`, or a `dateStart`/`dateEnd` pair. For parsing the results here are some suggestions: Analyze the data if the response is a summary, If the response is a timeseries visualize the data',
 		{
 			dateRange: DateRangeArrayParam.optional(),
 			dateStart: DateStartArrayParam.optional(),
@@ -322,4 +323,64 @@ export function registerRadarTools(agent: RadarMCP) {
 			}
 		}
 	)
+
+
+	agent.server.tool(
+		'get_l7_attack_data',
+		'Retrieve L7 app attack trends. Provide either a `dateRange`, or both `dateStart` and `dateEnd`, to define the time window. ' +
+			'Use arrays to compare multiple filters — the array index determines which series each filter value belongs to.' +
+			'For each filter series, you must provide a corresponding `dateRange`, or a `dateStart`/`dateEnd` pair.',
+		{
+			dateRange: DateRangeArrayParam.optional(),
+			dateStart: DateStartArrayParam.optional(),
+			dateEnd: DateEndArrayParam.optional(),
+			asn: AsnArrayParam,
+			continent: ContinentArrayParam,
+			location: LocationArrayParam,
+			format: DataFormatParam,
+			dimension: L7AttackDimensionParam,
+		},
+		async ({ dateStart, dateEnd, dateRange, asn, location, continent, format, dimension }) => {
+			try {
+				if (format !== 'timeseries' && !dimension) {
+					throw new Error(`The '${format}' format requires a 'dimension' to group the data.`)
+				}
+
+				const client = getCloudflareClient(agent.props.accessToken)
+				const endpoint = (...args: any) =>
+					format === 'timeseries'
+						? client.radar.attacks.layer7[format](...args)
+						: client.radar.attacks.layer7[format][dimension!](...args)
+
+				const r = await endpoint({
+					asn,
+					continent,
+					location,
+					dateRange,
+					dateStart,
+					dateEnd,
+				})
+
+				return {
+					content: [
+						{
+							type: 'text',
+							text: JSON.stringify({
+								result: r,
+							}),
+						},
+					],
+				}
+			} catch (error) {
+				return {
+					content: [
+						{
+							type: 'text',
+							text: `Error getting L7 attack data: ${error instanceof Error && error.message}`,
+						},
+					],
+				}
+			}
+		}
+	)
 }

apps/radar/src/types/radar.ts

@@ -4,6 +4,8 @@
 import { z } from 'zod'
 
 import type { HTTPTimeseriesParams, RankingTopParams } from 'cloudflare/resources/radar'
+import type {  Layer7TimeseriesParams } from 'cloudflare/resources/radar/attacks'
+
 import type { ASNListParams } from 'cloudflare/resources/radar/entities'
 
 export const AsnParam = z
@@ -153,3 +155,16 @@ export const HttpDimensionParam = z
 	.describe(
 		"Dimension used to group HTTP data. Allowed only when the format is 'summary' or 'timeseriesGroups'."
 	)
+
+export const L7AttackDimensionParam = z
+	.enum([
+	
+		'httpMethod',
+		'httpVersion',
+		'ipVersion',
+		'mitigationProduct',
+	])
+	.optional()
+	.describe(
+		"Dimension used to group L7 attack data. Allowed only when the format is 'summary' or 'timeseriesGroups'."
+	)