Configuring synchronization between Wallarm node and Cloud¶
The filtering node regularly synchronizes with the Wallarm Cloud to:
-
Get updates for traffic processing rules (LOM)
-
Get updates of proton.db
-
Send data on detected attacks and vulnerabilities
-
Send metrics for processed traffic
These instructions describe parameters and methods used to configure filtering node and Wallarm Cloud synchronization.
Access parameters¶
Parameters such as the filtering node name, UUID, and Wallarm API secret key, which enable filtering node to access the Cloud, are explicitly set in node.yaml
. This file is automatically generated by the register-node
script.
-
For Docker NGINX-based image, cloud images, NGINX Node all-in-one installer and Native Node installations, find the file at
/opt/wallarm/etc/wallarm/node.yaml
, unless overridden by thewallarm_api_conf
directive. -
For other installations, the
node.yaml
location may vary or be overridden by thewallarm_api_conf
directive. Use search or check thewallarm_api_conf
value to locate the file.
The node.yaml
file may contain the following access parameters:
Parameter | Description | Default value |
---|---|---|
hostname | Filtering node name. This variable is required to be set in the node.yaml file. | Provided by register-node |
regtoken | Token for node to be able to access the Wallarm API. | Provided by register-node |
uuid | Filtering node UUID. This variable is required to be set in the node.yaml file. | Provided by regtoken |
secret | Secret key to access the Wallarm API. This variable is required to be set in the node.yaml file. | Provided by regtoken |
api.host | Wallarm API endpoint. Can be:
| api.wallarm.com |
api.port | Wallarm API port. | 443 |
api.use_ssl | Whether to use SSL when connecting to Wallarm API. | true |
api.ca_verify | Whether to enable/disable Wallarm API server certificate verification. Can be:
| true |
api.ca_file | Path to the SSL certificate file. | /usr/share/wallarm-common/ca.pem |
api.localhost | Local IP address of the network interface through which requests to Wallarm API are sent. This parameter is required if the network interface used by default restricts access to Wallarm API (for example, access to the Internet may be closed). | - |
api.localport | Port of the network interface through which requests to Wallarm API are sent. This parameter is required if the network interface used by default restricts access to Wallarm API (for example, access to the Internet may be closed). | - |
To change synchronization parameters, proceed with the following steps:
-
Make changes to the
node.yaml
file by adding the required parameters and assigning the desired values to them. -
Restart NGINX to apply updated settings to the synchronization process:
Synchronization interval¶
By default, the filtering node synchronizes with the Wallarm Cloud every 120‑240 seconds (2‑4 minutes). You can change the synchronization interval via the system environment variable WALLARM_SYNCNODE_INTERVAL
.
To change the interval between filtering node and Wallarm Cloud synchronizations:
-
Open the file
/etc/environment
. -
Add the
WALLARM_SYNCNODE_INTERVAL
variable to the file and set a desired value to the variable in seconds. The value cannot be less than the default value (120
seconds). For example: -
Save the changed file
/etc/environment
. New interval value will be applied to the synchronization process automatically.
Configuration example¶
Note that besides parameters providing the filtering node access to the Cloud (general and api
sections, described in this article), the node.yaml
file may also contain parameters providing different processes the access to files needed for the node operation (syncnode
section).
Example of the valid node.yaml
contents: