Roadrunner Session Filter

Updated on 07 Feb 2022
3 Minutes to read
Contributors

Print
Share
Dark
Light
PDF

Article Summary

Share feedback

Thanks for sharing your feedback!

Sometimes you don't want all of the data coming into Roadrunner to make its way up to Skylight Analytics - filter what moves up the ingestion pipeline using this feature!

Skylight Analytics offers the ability to configure policies about what data our collector agents (Roadrunner) allow through.

Session Filters can be either blacklist or whitelist
They can operate on exact or partial matching.
One or more Session Filters can be added to a Session Filter Profile, which can then be assigned to one or more Connectors.
By default, if a connector is not provided a Session Filter, everything is allowed through.
These policies are managed centrally via Analytics APIs as filter profiles that can be applied to one or more roadrunners, and once active, are automatically distributed to each roadrunner

Reference Steps

Create one or more session filters:

https://api.analytics.accedian.io/session.html#operation/CreateSessionFilterV2

Create a session profile including one or more filters:

https://api.analytics.accedian.io/session.html#operation/CreateSessionFilterProfileV2

Update the Roadrunner config to reference the new session filter profile:

https://api.analytics.accedian.io/session.html#operation/UpdateConnectorConfigV2

Example Flow

Here is an example of how to setup the new Session Filter via APIs. You can use Postman or any other REST/API tool for this:

Every API request here requires a valid Authorization header.

Create session filter profile. In the example below, we're creating a session filter profile. In this example we're including a relationship to the session filter entity with ID 11. If this entity does not exist, the following call will fail with an error message. The following call will return a session filter profile object with an ID. We will need this ID later.

curl -X POST \
  https://{{tenantSubdomain}}/api/v2/session-filter-profiles \
  -H 'Content-Type: application/vnd.api+json' \
  -d '{
    "data": {
        "attributes": {
            "name": "{{name}}"
        },
        "relationships": {
            "sessionFilters": {
                "data": [
		    {
                        "id": "11",
                        "type": "sessionFilters"
                    }
                ]
            }
        },
        "type": "sessionFilterProfiles"
    }
}'

{{name}} - a user given name for this session filter profile
{{tenantSubdomain}} - subdomain of the tenant

Create one or more session filters. In the example below, we're creating a session filter that will allow any object that has 22600 OR 11111 in its ID. The following call will return a session filter object with an ID. We will need this ID in the next step.

curl -X POST \
  https://{{tenantSubdomain}}/api/v2/session-filters \
  -H 'Content-Type: application/vnd.api+json' \
  -d '{
    "data": {
        "attributes": {
            "name": "{{name}}",
            "type": "whitelist",
            "filterItems" : [
	       {"field": "objectId", "value" : "11111", "isPartialMatch": true},
	       {"field": "objectId", "value" : "22600", "isPartialMatch": true}
            ]
        },
        "type": "sessionFilters"
    }
}'

{{name}} - a user given name for this session filter profile
{{tenantSubdomain}} - subdomain of the tenant

Assign session filters to the session filter profile

curl -X PUT \
  https://{{tenantSubdomain}}/api/v2/session-filter-profiles/{{sfpID}} \
  -H 'Content-Type: application/vnd.api+json' \
  -d '{
    "data": {
        "attributes": {
            "name": "{{name}}"
        },
        "id": "{{sfpID}}",
        "relationships": {
            "sessionFilters": {
                "data": [
                    {
                        "id": "{{sfID}}",
                        "type": "sessionFilters"
                    }
                ]
            }
        },
        "type": "sessionFilterProfiles"
    }
}'

{{sfID}} - ID of the session filter from Step 2
{{sfpID}} - ID of the session filter profile from Step 1
{{name}} - a user given name for this session filter profile
{{tenantSubdomain}} - subdomain of the tenant

Update RR config to reference the newly created session filter. For the connector update call, it is important to include the whole config object in the payload.

When the payload is sent to update the connector config you'll need to ensue the "_rev" value is updated with the correct value. This value gets updated often so you'll need to run the GetConnectorConfig request to get the latest and update this call quickly. You have to be quick otherwise the value will change and you'll get a 409 response.

curl -X PATCH \
  https://{{tenantSubdomain}}/api/v2/connector-configs/{{connectorID}} \
  -H 'Content-Type: application/json' \
  -d '{  
   "data":{  
      "type":"connectorConfigs",
      "attributes": {
   		  ...
        "SessionFilterProfileID": "{{sfpID}}"
        ...
      }
   }
}'

{{sfpID}} - ID of the session filter profile from Step 1
{{connectorID}} - ID of the connector
{{tenantSubdomain}} - subdomain of the tenant

© 2024 Accedian Networks Inc. All rights reserved. Accedian^®, Accedian Networks^®, the Accedian logo™, Skylight™, Skylight Interceptor™ and per-packet intel™, are trademarks or registered trademarks of Accedian Networks Inc. To view a list of Accedian trademarks visit: http://accedian.com/legal/trademarks/.

Was this article helpful?

What's Next

Connector Configuration

Table of contents

Reference Steps
Example Flow