Skip to content

API Discovery Setup

This article describes how to enable, configure and debug the API Discovery module.


API Discovery is included in all forms of the Wallarm node installation, except for the Debian 11.x and Ubuntu 22.04 individual packages. During node deployment, it installs the API Discovery module but keeps it disabled by default.

To enable and run API Discovery correctly:

  1. If you install node from the individual packages, make sure your Wallarm node is of the supported version.

    To ensure that you always have access to the full range of the API Discovery features, it is recommended to check for updates to the wallarm-appstructure package on a regular basis as follows:

    sudo apt update
    sudo apt install wallarm-appstructure
    sudo yum update
    sudo yum install wallarm-appstructure
  2. Make sure your subscription plan includes API Discovery. To change the subscription plan, please send a request to

  3. In Wallarm Console → API DiscoveryConfigure API Discovery, enable traffic analysis with API Discovery.

Once the API Discovery module is enabled, it will start the traffic analysis and API inventory building. The API inventory will be displayed in the API Discovery section of Wallarm Console.


By clicking the Configure API Discovery button in the API Discovery section, you proceed to the API discovery fine-tuning options, such as choosing applications for API discovery and customizing the risk score calculation.

Choosing applications for API Discovery

You may enable/disable API Discovery for all applications or only the selected ones:

  1. Ensure that the applications are added as described in the Setting up applications article.

    If the applications are not configured, structures of all APIs are grouped in one tree.

  2. Enable API Discovery for the required applications in Wallarm Console → API DiscoveryConfigure API Discovery.

    API Discovery – Settings

When you add a new application in SettingsApplications, it is automatically added to the list of applications for API discovery in the disabled state.

Customizing risk score calculation

You can configure the weight of each factor in risk score calculation and calculation method.


To get and analyze the API Discovery logs, you can use the following methods:

  • If the Wallarm node is installed from individual DEM/RPM packages: run the standard utility journalctl or systemctl inside the instance.

    journalctl -u wallarm-appstructure
    systemctl status wallarm-appstructure
  • If the Wallarm node is deployed from the Docker container, Amazon Machine Image (AMI) or Google Cloud Machine Image: read the log file /opt/wallarm/var/log/wallarm/appstructure-out.log inside the container.

  • If the Wallarm node is deployed as the Kubernetes Ingress controller: check the status of the pod running the Tarantool and wallarm-appstructure containers. The pod status must be Running.

    kubectl get po -l app=nginx-ingress,component=controller-wallarm-tarantool

    Read the logs of the wallarm-appstructure container:

    kubectl logs -l app=nginx-ingress,component=controller-wallarm-tarantool -c wallarm-appstructure