Agent communication settings
Network & security
WhaTap transfers monitoring data after TCP connection between the server and the agent.
The agent handles data transfer and server control requests through a single TCP session. The node agent does not use UDP communication. Open the firewall from the node agent to the WhaTap collection server.
Collection server address and port
WhaTap servers are divided into data region servers, front servers, and Eureka. The data regions include Proxy, Yard, Keeper, etc. Among them, the agent communicates with the proxy server.
Set the proxy server address of the Whatap server in the Node agent (e.g. whatap.server.host=10.0.3.1/10.0.3.2
). When setting the server address, enter as many addresses as the proxy server count. WhaTap server can use one or multiple proxy servers depending on the installation method.
WhaTap Proxy server listens on the port 6600. If there is no separate setting in the agent, the agent attempts to connect the port 6600.
whatap.server.port=6600
wo proxy servers cannot use different ports. When using multiple proxy servers, the listening port must be the same.
Communication connectivity and security
WhaTap is designed on the premise of collecting monitoring data from public networks. Accordingly, all monitoring data is encrypted and transmitted to the server. When lots of encrypted data is sent, it may cause overhead. WhaTap selectively encrypts data. The communication procedure between agents and the server is as follows:
- Generate and copy the Project access key from the project creation menu.
- The Project access key includes the private key. Be careful not to be disclosed.
- Restart the application server.
- The WhaTap agent establishes the TCP session with the server.
- Request a security key for a new session by encrypting data with the private key for communication included in the Project access key.
- The server creates a new security key for the session requested by the agent and sends it down to the agent.
- The security key of the session has two encryption keys. They are encryption keys for the ASC algorithm and the simple password.
- Afterwards, the agent uses the ASC secret key for sensitive data such as text and control data. Relatively secure data such as numeric value undergoes simple encryption before transmission to the server.
To apply the changes, restart the server.