Skip to content

Checking the filtering node operation

If everything is configured correctly, Wallarm filters the requests and proxies the filtered requests in accordance with the configuration file settings.

1. Execute the wallarm-status Request

You can get filter node operation statistics by requesting the /wallarm-status URL.

Run the command:


The output will be like:

{ "requests":0,"attacks":0,"blocked":0,"abnormal":0,"tnt_errors":0,"api_errors":0,
"requests_lost":0,"segfaults":0,"memfaults":0, "softmemfaults":0,"time_detect":0,"db_id":46,
"lom_id":16767,"proton_instances": { "total":1,"success":1,"fallback":0,"failed":0 },
"stalled_workers_count":0,"stalled_workers":[] }

This means that the filter node statistics service is running and working properly.

The Statistics Service

You can read more about the statistics service and how to configure it here.

2. Run a Test Attack

To check if Wallarm correctly detects attacks, send an invalid request to the
protected resource.

For example:


Wallarm must detect in the request the following:

Now the counter of the number of attacks will increase when a request for wallarm-status is executed, which means that the filter node is operating normally.

If the operation check is successful, the initial installation and setup is complete.