Introduction to Siren Platform

Siren Platform is an AI-based, search-powered investigation platform. It enables users to streamline the investigative process by sifting through data, uncovering connections, and effortlessly generating comprehensive reports. It consists of the user interface component, Siren Investigate, and the backend system, Siren Federate.

For the highlights of Siren Platform version 14.1, see What’s new.

  • You can select different versions of the documentation by using the dropdown menu in the navigation bar.

  • For a guide to the formatting and conventions in this documentation, see the Documentation guide.

Architectural overview

Siren Investigate

A Web application that provides active dashboards and the easy-to-use Siren Search that can act as a starting point for the exploration of data. It includes powerful graphical, analytical, and reporting capabilities.

Siren Federate

A plugin installed in an Elasticsearch cluster that forms the Siren Platform backend system.

These elements are tied together by an associative data model, which allows you to specify the relations between datasets and, in doing so, drives your ability to analyze connected data.

Siren Platform architecture diagram

Working with data in Siren Platform

Structured or unstructured data can enter Siren Platform in the following ways:

  • Data imported by the user, such as by uploading a .csv file, which creates an Elasticsearch index.

  • A native Elasticsearch index that’s managed externally from Siren Platform. For example, a set of logs that are streaming into the system. For information about how to configure this option, see Creating entity tables.

  • Data from a Web service invocation, which automatically loads response data into the Elasticsearch cluster.

  • Data from remote datasources, which pull tables or slices of remote JDBC data into Elasticsearch, either periodically or as one-off jobs.

Now that you have a picture of Siren Platform and its architecture, it’s time to get started.