Contact SupportProduct

HTTPS Collector

What Is the SeaLights HTTPS Collector

The SeaLights HTTPS Collector is an on‑premise service provided by SeaLights that acts as an HTTPS proxy and middleware layer between SeaLights agents and the SeaLights SaaS backend.

It is designed to support scenarios where SeaLights agents cannot or should not communicate directly with SeaLights cloud endpoints, such as where time and bandwidth are limited, restricted networks, or security‑sensitive deployments.

Benefits:

  • Receives data and requests from SeaLights agents

  • Provides a web interface and logging details to monitor communication

  • Handles agent communication

    • Lambda

      • Handles the handshake communication between the agent and the backend allowing the agent to only send footprints which greatly reduces overhead and cost

    • Frontend

      • Handles the handshake communication between the agent and the backend allowing the agent to only send footprints which greatly reduces overhead

      • Handles the mapping of the method ID’s from the bundled code to the original code

      • Optionally allows to not include the token in the instrumented code when it might be a security risk to do so

    • Other agents

      • Optionally performs as a proxy providing a single endpoint between the agents and Sealights

  • Facilitating communication without capturing data independently

  • Enhances performance, reduces latency issues, minimizes outbound connections to Sealights servers, and serves as a local cache

  • Note: All agent requests are stored in memory and do not persist on disk, enabling better security auditing for customers by routing all traffic to the Sealights backend via the collector.

Security

All communications must be encrypted via TLS v1.2/1.3 according to the latest SSL security policy to safeguard network traffic. Supported cipher suites include:

  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

  • TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256

The TLS configuration involves enabling TLS, and if enabled, specifying the certificate and key data or their file paths. Additionally, CA certificates and P12 files with their passwords can be configured. The server must be accessible by Fully Qualified Domain Name (FQDN), and a TLS certificate for the FQDN must be provided.

Architecture Overview

PreviousUninstall ABAP AgentNextDownload and Installation

Last updated

Was this helpful?