API Sessions Overview

Wallarm's API Sessions provide visibility into user sessions within your traffic. For each session, Wallarm gathers detailed request data, enabling a structured view of session activity. This article gives an overview of API Sessions: the issues they address, their purpose, and their main capabilities.

API Sessions require NGINX Wallarm node 5.1.0 or native Wallarm node 0.8.0.

Addressed issues

The primary challenge API Sessions address is the lack of full context when viewing only individual attacks detected by Wallarm. By capturing the logical sequence of requests within each session, API Sessions provide insights into broader attack patterns and help identify the areas of business logic impacted by security measures.

As there are API sessions precisely identified by Wallarm, they:

As you have the API sessions monitored by Wallarm, you can:

How API Sessions work

All traffic that the Wallarm node is enabled to secure is organized into sessions and displayed in the API Sessions section.

You can customize how requests are grouped into sessions based on your applications' logic. You can also specify which parameters are displayed within a session (context parameters) to help you understand the session content: what the user did and in what order. See details in API Sessions Setup.

Note that Wallarm stores and displays sessions only for the last week. Older sessions are deleted to keep performance and resource consumption optimal.

API Sessions and API Abuse Prevention

Wallarm's API Abuse Prevention detects malicious bots by analyzing the sequences of requests in one or several related sessions, for example, sessions that have the same value of the SESSION-ID header and are separated only by time/date.

Thus, when you customize how requests are grouped into sessions in accordance with your specific application logic, it affects the work of API Abuse Prevention, making both session identification and bot detection more precise.
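
The effect of the grouping key on the request sequences available for analysis can be pictured with a small model. This is an added example, not Wallarm's code or algorithm: it groups constructed requests by the value of the SESSION-ID header, splits a group after an assumed 30-minute idle gap, and lists the related sessions that share a header value. The function names, the idle gap and the sample requests are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample requests: (timestamp, SESSION-ID header value, method, path).
REQUESTS = [
    ("2024-05-01T10:00:00", "abc", "POST", "/login"),
    ("2024-05-01T10:00:05", "abc", "GET", "/cart"),
    ("2024-05-01T10:00:07", "xyz", "GET", "/products"),
    ("2024-05-01T10:00:09", "abc", "POST", "/checkout"),
    ("2024-05-02T09:30:00", "abc", "GET", "/orders"),
    ("2024-05-02T09:30:02", "abc", "GET", "/orders/17"),
]

IDLE_GAP = timedelta(minutes=30)  # assumed inactivity threshold, not a Wallarm default


def build_sessions(requests, idle_gap=IDLE_GAP):
    """Group requests by SESSION-ID value; start a new session after idle_gap."""
    by_key = defaultdict(list)
    for ts, key, method, path in sorted(requests):  # ISO timestamps sort in time order
        by_key[key].append((datetime.fromisoformat(ts), f"{method} {path}"))
    sessions = []
    for key, items in by_key.items():
        current = [items[0]]
        for prev, item in zip(items, items[1:]):
            if item[0] - prev[0] > idle_gap:
                # Same key, but separated in time: close this session, open another.
                sessions.append({"key": key, "requests": current})
                current = []
            current.append(item)
        sessions.append({"key": key, "requests": current})
    return sessions


def related_sessions(sessions):
    """Map each SESSION-ID value to the ordered request sequences of its sessions."""
    related = defaultdict(list)
    for s in sorted(sessions, key=lambda s: s["requests"][0][0]):
        related[s["key"]].append([call for _, call in s["requests"]])
    return dict(related)


if __name__ == "__main__":
    for key, sequences in related_sessions(build_sessions(REQUESTS)).items():
        print(key, sequences)
```

With the sample data, the value `abc` yields two sessions a day apart that are related through the shared header value, while `xyz` stays a separate single-request session.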