Session Collector Session Filter

  • Updated on Oct 23, 2025
  • Published on Jun 10, 2021
  • 3 minute(s) read
  • AH
  • AH
  • AC
 Prev Next

Sometimes you don't want all the data coming into Sensor Collector (previously Roadrunner) to be sent up to Cisco Provider Connectivity Assurance. You can control what data moves up the ingestion pipeline by using session filters.

Cisco Provider Connectivity Assurance lets you configure policies that determine what data our collector agents (Sensor Collector) allow through.

Session Filters can:

  • Function as a blocklist or an allowlist
  • Operate on exact or partial matching
  • Allow for one or more session filters to be added to a session filter profile, which can then be assigned to one or more connectors

By default, if a connector is not assigned a session filter, all data is allowed through.
These policies are managed centrally via Analytics APIs as filter profiles that can be applied to one or more Sensor Collectors, and once active, they are automatically distributed to each Sensor Collector.

image.png

Reference Steps

image.png

For more information on how to create one or more session filters, see: https://api.analytics.accedian.io/session.html#operation/CreateSessionFilterV2

For more information on how to create a session profile including one or more filters, see: https://api.analytics.accedian.io/session.html#operation/CreateSessionFilterProfileV2

For more information on how to update the Sensor Collector config to reference the new session filter profile, see: https://api.analytics.accedian.io/session.html#operation/UpdateConnectorConfigV2

Example Flow

Here is an example of how to setup the new Session Filter via APIs. You can use Postman or any other REST/API tool for this:

Note: Every API request here requires a valid Authorization header.

To setup the new Session Filter via APIs:

  1. Create session filter profile.
    In the example below, we're creating a session filter profile and including a relationship to the session filter entity with ID 11. If this entity does not exist, the following call will fail with an error message. The following call will return a session filter profile object with an ID. We will need this ID later.
curl -X POST \
  https://{{tenantSubdomain}}/api/v2/session-filter-profiles \
  -H 'Content-Type: application/vnd.api+json' \
  -d '{
    "data": {
        "attributes": {
            "name": "{{name}}"
        },
        "relationships": {
            "sessionFilters": {
                "data": [
		    {
                        "id": "11",
                        "type": "sessionFilters"
                    }
                ]
            }
        },
        "type": "sessionFilterProfiles"
    }
}'
  • {{name}} - a user given name for this session filter profile
  • {{tenantSubdomain}} - subdomain of the tenant
  1. Create one or more session filters.
    In the example below, we're creating a session filter that will allow any object that has 22600 OR 11111 in its ID. The following call will return a session filter object with an ID. We will need this ID in the next step.
curl -X POST \
  https://{{tenantSubdomain}}/api/v2/session-filters \
  -H 'Content-Type: application/vnd.api+json' \
  -d '{
    "data": {
        "attributes": {
            "name": "{{name}}",
            "type": "whitelist",
            "filterItems" : [
	       {"field": "objectId", "value" : "11111", "isPartialMatch": true},
	       {"field": "objectId", "value" : "22600", "isPartialMatch": true}
            ]
        },
        "type": "sessionFilters"
    }
}'
  • {{name}} - a user given name for this session filter profile
  • {{tenantSubdomain}} - subdomain of the tenant
  1. Assign session filters to the session filter profile.
curl -X PUT \
  https://{{tenantSubdomain}}/api/v2/session-filter-profiles/{{sfpID}} \
  -H 'Content-Type: application/vnd.api+json' \
  -d '{
    "data": {
        "attributes": {
            "name": "{{name}}"
        },
        "id": "{{sfpID}}",
        "relationships": {
            "sessionFilters": {
                "data": [
                    {
                        "id": "{{sfID}}",
                        "type": "sessionFilters"
                    }
                ]
            }
        },
        "type": "sessionFilterProfiles"
    }
}'
  • {{sfID}} - ID of the session filter from Step 2
  • {{sfpID}} - ID of the session filter profile from Step 1
  • {{name}} - a user given name for this session filter profile
  • {{tenantSubdomain}} - subdomain of the tenant
  1. Update the Sensor Collector configuration to reference the newly created session filter. For the connector update call, it is important to include the whole configuration object in the payload.

Note: When the payload is sent to update the connector configuration, you will need to ensue the "_rev" value is updated with the correct value. This value gets updated often so you'll need to run the GetConnectorConfig request to get the latest and update this call quickly. Be quick, otherwise the value will change and you'll get a 409 response.
:::

curl -X PATCH \
  https://{{tenantSubdomain}}/api/v2/connector-configs/{{connectorID}} \
  -H 'Content-Type: application/json' \
  -d '{  
   "data":{  
      "type":"connectorConfigs",
      "attributes": {
   		  ...
        "SessionFilterProfileID": "{{sfpID}}"
        ...
      }
   }
}'
  • {{sfpID}} - ID of the session filter profile from Step 1
  • {{connectorID}} - ID of the connector
  • {{tenantSubdomain}} - subdomain of the tenant

© 2025 Cisco and/or its affiliates. All rights reserved.

For more information about trademarks, please visit: Cisco trademarks
For more information about legal terms, please visit: Cisco legal terms
For legal information about Accedian Skylight products, please visit: Accedian legal terms and trademarks