Changing the HotDB
Optional – Changing the Airlock Anomaly Shield HotDB (Redis instance)

A Redis instance is used as HotDB for communication and storage of the request data between Airlock Anomaly Shield and the Security Gate process.

  • By default, the globally configured Redis (session store) instance of the Gateway is used, but this can be changed as follows:
  • 1.
    Define the new Redis instance in the global Expert Settings.
  • copy
    Redis.Service.0.Name                                 "Local" 
    Redis.Service.Local.Mode                             "SOCKET" 
    Redis.Service.Local.SocketFile                       "/var/run/redis-ml/redis-ml.sock" 
      
    Redis.Service.1.Name                                 "RedisWithSsl" 
    Redis.Service.RedisWithSsl.Mode                      "SERVER" 
    Redis.Service.RedisWithSsl.Server.0.Host             "80.264.93.142" 
    Redis.Service.RedisWithSsl.Server.0.Port             "6379" 
    Redis.Service.RedisWithSsl.Server.0.SSLEnable        "TRUE" 
    Redis.Service.RedisWithSsl.Server.0.SSLServerCA      "/opt/airlock/custom-settings/gatekeeper/redis_server_ca.pem" 
    Redis.Service.RedisWithSsl.Server.0.SSLClientCert    "/opt/airlock/custom-settings/gatekeeper/redis_client_cert.pem" 
    Redis.Service.RedisWithSsl.Server.0.SSLClientCertKey "/opt/airlock/custom-settings/gatekeeper/redis_client_cert_key.pem" 
    
  • 2.
    Reference which Redis service is used as HotDB for the Anomaly Shield AnomalyShield.Redis.Service.
  • copy
    AnomalyShield.Redis.Service          "RedisWithSsl"
  • 3.
    Add the Redis server address and port information to the configuration file of the ML-Service.
  • Path: /opt/airlock/ml-service/conf/ml.ini

    hot_db = server:80.264.93.142:6379

The AnomalyShield.Redis.Service can not handle Redis clusters. Make sure to reference a Redis service that is either configured with mode SERVER or SOCKET.