REST APIs in Siren Investigate

Siren Investigate exposes some REST APIs.

The example entry points are those of "generate-query". They let an external user retrieve the list of available saved dashboards and entity tables that are stored in the Investigate .siren index.

For each saved object (either a dashboard or an entity table), multiple informational fields are returned. Among them are some fields that contain the Elasticsearch query that can be sent directly to Elasticsearch to get the resulting list of documents.

The returned queries are expressed by using the Siren Federate query syntax, which is an extended Elasticsearch syntax, and they can be used by external applications.

Authentication

Access to the REST API is regulated by the authentication mechanism that is configured in Siren Investigate.

If Siren Investigate is configured to work with basic authentication (when using internal users or LDAP), requests to the API must include an Authorization header that contains <username>:<password> encoded with base64.

If Siren Investigate is configured to work with TLS certificates, requests to the API must present a valid client certificate.

If Siren Investigate is configured to work with Kerberos, requests to the API must include a negotiation header.

If Siren Investigate is configured to work with OpenID Connect, requests to the API must include a non-expired Investigate cookie that contains the access token.

The basic authentication scheme is based on the model that each request must authenticate itself with a user name and password. The user name and password must be the same ones that are used to access Elasticsearch.

The server authorizes the request only if it can validate the credentials. Upon receipt of an unauthorized request, the server responds with a 401 Unauthorized status code.
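The basic authentication case described above, as an added example that is not part of the Siren documentation or code: it builds the Authorization header, refuses to attach it to a non-HTTPS URL (base64 is an encoding, not encryption), and reports the 401 response. The host, path and credentials are constructed placeholders, and the function names are hypothetical.

```python
import base64
import urllib.error
import urllib.request
from urllib.parse import urlsplit

# Constructed placeholder: substitute the real Investigate host and API path.
EXAMPLE_URL = "https://investigate.example.com/PLACEHOLDER_API_PATH"


def basic_auth_header(username: str, password: str) -> str:
    """Return the Authorization header value for HTTP Basic (RFC 7617)."""
    if ":" in username:
        # The server splits the decoded value at the first colon, so a colon
        # in the user name would shift part of it into the password.
        raise ValueError("user name must not contain ':'")
    token = base64.b64encode(f"{username}:{password}".encode("utf-8"))
    return "Basic " + token.decode("ascii")


def build_request(url: str, username: str, password: str) -> urllib.request.Request:
    """Build, but do not send, an authenticated GET request."""
    # Anyone who can read the request can decode the header and recover the
    # password, so only attach it to TLS-protected URLs.
    if urlsplit(url).scheme != "https":
        raise ValueError("refusing to send Basic credentials over a non-HTTPS URL")
    req = urllib.request.Request(url, method="GET")
    req.add_header("Authorization", basic_auth_header(username, password))
    return req


def fetch(req: urllib.request.Request) -> bytes:
    """Send the request and surface the 401 case as a distinct error."""
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.read()
    except urllib.error.HTTPError as exc:
        if exc.code == 401:
            # The server could not validate the credentials.
            raise PermissionError("401 Unauthorized: credentials rejected") from exc
        raise


if __name__ == "__main__":
    # Constructed sample credentials; nothing is sent over the network here.
    request = build_request(EXAMPLE_URL, "alice", "s3cret")
    print(request.get_header("Authorization"))
```

Because every request carries the password, load it from a secret store or environment variable at run time rather than writing it into scripts.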

Using Siren Investigate APIs

Siren Investigate exposes APIs to retrieve the dashboards and entity tables that are stored in the system.

The APIs return a list of objects and include in each of them the list of indexes and the query that can be understood by Elasticsearch.

Siren Investigate provides JDBC drivers for Elasticsearch, which are available on the CData website. The queries that are returned by the API can be used as views inside SQL queries, which are sent through these drivers and allow post processing in third-party tools.