Link11 WAAP
v5
v5
  • Link11 WAAP Documentation
  • Release Notes
  • Known Issues
  • User Guide
    • Introduction to Link11 WAAP
  • How Link11 WAAP Works
    • Traffic Filtering Process
    • Traffic Reporting and Analytics
    • Policy Mapping and Traffic Routing
    • Tagging
    • UI Overview and Common Elements
  • Console UI Walkthrough
    • Analytics
      • Dashboard
      • Events Log
    • Security
      • Global Filters
      • Flow Control Policies
      • Security Policies
      • Rate Limit Rules
      • ACL Profiles
      • Actions
      • Dynamic Rules
      • Quarantined
      • Content Filter
        • Content Filter Profiles
        • Content Filter Rules
    • Sites
      • Server Groups
      • Proxy Templates
      • Mobile Application Groups
      • Backend Services
      • Edge Functions
      • DNS Records
      • SSL
        • Load Balancers
        • Certificates
    • System
      • Interactive Challenge
      • SSO Configuration
      • Purge CDN Cache
      • Users Management
      • Security Alerts
      • Log Exporters
      • Version Control
      • System DB
      • Publish Changes
    • Account
  • Using the product
    • Best Practices
      • Saving and Publishing Your Changes
      • Enabling Passive Challenges
      • Understanding and Diagnosing Traffic Issues
    • How Do I...
      • Authenticate mobile app users
      • Ban, unban, and allowlist traffic sources
      • Bypass Link11 WAAP for loadtesting or other purposes
      • Configure a new path/section of a site
      • Control caching behavior
      • Enable GraphQL traffic
      • Enable mTLS (mutual TLS)
      • Protect sensitive information in logs and analytics
      • Quickly block an attacker
      • Redirect or block HTTP traffic
      • Run custom code
      • Set rate limits and exemptions
      • Stream event data to a SIEM solution or other destination
    • The Link11 WAAP API
      • Overview
      • Internal data structures
      • Using Swagger UI
      • Using curl
  • Reference Information
    • Acronyms
    • API
      • API access to traffic data
      • Types of namespaces
      • Namespace reference
        • ACL Profiles
        • Actions
        • Backend Services
        • Certificates
        • Configs
        • Content Filter Profiles
        • Content Filter Rules
        • Data queries
        • Dynamic Rules
        • Edge Functions
        • Flow Control Policies
        • Global Filters
        • Load Balancers
        • Log Exporters
        • Mobile Application Groups
        • Planets
        • Proxy Templates
        • Rate Limit Rules
        • Security Alerts
        • Security Policies
        • Server Groups
        • Tags
        • Tools
        • Users
    • Hostile Bot Detection / LWCSI
      • Environmental detection and browser verification
      • Client authentication
      • Biometric behavioral verification
    • HTTP Response Codes
    • Log Exporter Output
    • Pattern Matching Syntax
    • Query Filter Syntax and Best Practices
  • Support
Powered by GitBook
On this page
  • Overview
  • The fundamental data structure: Configuration

Was this helpful?

Export as PDF
  1. Using the product
  2. The Link11 WAAP API

Internal data structures

PreviousOverviewNextUsing Swagger UI

Last updated 1 month ago

Was this helpful?

Overview

Link11 WAAP maintains most of its security parameters as Entries, which are contained in Documents, which are contained in Configurations.

A Configuration is a complete definition of L11WAAP's behavior for a specific environment. An organization can maintain multiple Configurations (e.g., development, staging, and production).

Most API calls require a parameter named config, representing the configuration id. Out of the box, the default value for this parameter is prod.

Each Configuration contains multiple Documents of various types (Global Filters, ACL Profiles, etc.) Each Document contains at least one Entry, i.e., an individual security rule or definition.

A Configuration also includes data blobs, which currently are used to store the geolocation database. This is where L11WAAP obtains its geolocation data and ASN for each request it processes.

All of these data structures can be edited via API:

  • A Document is a file treated as a JSON list of entries.

  • An Entry is a JSON dictionary with a unique identifier. This field value must be unique inside the Document, and must be a valid part of an URL. Often, this field is labeled id (for example, configurations). At other times, it has a specific name (for example, Routing Profiles use the field planet_name.)

  • A blob is a file treated as binary data.

The fundamental data structure: Configuration

The Configuration is the atomic unit for all of L11WAAP's parameters. Any edits to a Configuration result in a new Configuration being created. Configurations are versioned, and can be reverted at any time.

When a Configuration is created or modified (whether by the UI console or an API call), the admin must push the changes out to the planet. This is the .

publishing process