Prerequisites

The minimum hardware requirements for a test deployment are:

  • x64 CPU with four processing units (cores)

  • 16GB RAM

  • 10GB free SSD disk space

We support these operating systems:

  • Microsoft Windows (64-bit)

  • Linux 2.6.32 or later (x86-64)

We support these browsers:

  • Google Chrome

  • Mozilla Firefox

  • Microsoft Internet Explorer 11

  • Microsoft Edge

You must install one of these Java versions:

  • Oracle JDK 8

  • OpenJDK 8

Ensure the JAVA_HOME environment variable is set to the appropriate path.

Download the Siren platform

Download Siren Platform with No Data or Security for Microsoft Windows (64-bit) or Linux 2.63 (64-bit): https://support.siren.io/support/solutions/17000079918

If you have not yet obtained a license, contact support.

Note

Without a license, some functionality is limited or switched off.

Install Elasticsearch as a Windows service

  1. Copy the elasticsearch folder and its contents from the ZIP archive you downloaded to your Program Files folder.

  2. Edit the elasticsearch.yml file in the %ProgramFiles%\elasticsearch\config folder.

  3. In the Path section, enter the data and log paths, for example:

    path.data: C:\Program Files\elasticsearch\data
    path.logs: C:\Program Files\elasticsearch\logs

  4. In the Network section, change the network.host to 127.0.0.1 and save the file.

  5. From the command prompt, enter:

    cd %ProgramFiles%\elasticsearch
    bin\elasticsearch-service install

  6. Open the Services management console (you can enter services.msc at the command prompt).

  7. Locate the Elasticsearch service and change Startup Type to Automatic.

  8. Right-click the service and select Start.

Install Elasticsearch as a Linux service

  1. Create a system user for the service, for example adduser --system elasticsearch.

  2. Copy the elasticsearch folder and its contents from the ZIP archive you downloaded to the /opt folder and then set the permissions for the system user, for example sudo chown -R elasticsearch /opt/elasticsearch.

  3. Edit the elasticsearch.yml file in the /opt/elasticsearch/config folder.

  4. In the Path section, enter the data and log paths, for example:

    path.data: /opt/elasticsearch/data
    path.logs: /opt/elasticsearch/logs

  5. In the Network section, change the network.host to 127.0.0.1 and save the file.

  6. From the command prompt, as root enter:

    cat <<EOF >/opt/elasticsearch.environment
    ES_JAVA_OPTS="-Xms4g -Xmx4g"
    EOF
    
    cat <<EOF >/etc/systemd/system/elasticsearch.service
    [Unit]
    Description=Elasticsearch (Siren)
    After=network.target auditd.service
    
    [Service]
    WorkingDirectory=/opt/elasticsearch
    EnvironmentFile=-/opt/elasticsearch.environment
    ExecStart=/opt/elasticsearch/bin/elasticsearch
    KillMode=process
    Restart=on-failure
    RestartPreventExitStatus=255
    Type=simple
    User=elasticsearch
    LimitMEMLOCK=infinity
    LimitNOFILE=65536
    
    [Install]
    WantedBy=multi-user.target
    Alias=elasticsearch.service
    EOF
    
    echo "vm.max_map_count = 262144" > /etc/sysctl.d/99-elasticsearch.conf
    sysctl -p /etc/sysctl.d/99-elasticsearch.conf
    ln -s ../elasticsearch.service /etc/systemd/system/multi-user.target.wants/
    systemctl daemon-reload
    systemctl start elasticsearch

Install Siren Investigate as a Windows service

Installing Siren Investigate as a service with Windows requires use of the third-party tool NSSM (https://nssm.cc/download). Because it configures services, anti-virus software may identify it as "riskware". However, an SHA checksum and source code are provided. You can verify the checksum using the Microsoft File Checksum Integrity Verifier (https://www.microsoft.com/en-us/download/details.aspx?id=11533).

  1. Copy the siren-investigate folder and its contents from the Siren platform ZIP archive you downloaded to your %ProgramFiles% folder.

  2. Copy the nssm.exe program from the win64 folder in the NSSM ZIP archive you downloaded to the %ProgramFiles%\siren-investigate\bin folder.

  3. Set the INVESTIGATE_HOME environment variable to %ProgramFiles%\siren-investigate.

  4. From the command prompt, enter "%ProgramFiles%\siren-investigate\bin\nssm" install "Siren Investigate".

  5. In the Application Path box, enter %ProgramFiles%\siren-investigate\bin\investigate.bat.

  6. In the Startup directory box, enter %ProgramFiles%\siren-investigate.

  7. On the Details tab, in the Display name box, enter Siren Investigate.

  8. On the Dependencies tab, in the box enter elasticsearch-service-x64.

  9. Click Install service.

  10. Open the Services management console (you can enter services.msc at the command prompt).

  11. Locate the Siren Investigate service, right-click it and select Start.

Install Siren Investigate as a Linux service

  1. Create a system user for the service, for example adduser --system siren.

  2. Copy the siren-investigate folder and its contents from the ZIP archive you downloaded to the /opt folder and then set the permissions for the system user, for example sudo chown -R siren /opt/siren-investigate.

  3. From the command prompt, as root enter:

    cat <<EOF >/etc/systemd/system/siren.service
    [Unit]
    Description=Siren Investigate
    After=network.target auditd.service
    
    [Service]
    WorkingDirectory=/opt/siren-investigate
    EnvironmentFile=-/opt/siren.environment
    ExecStart=/opt/siren-investigate/bin/investigate
    KillMode=process
    Restart=on-failure
    RestartPreventExitStatus=255
    Type=simple
    User=siren
    
    [Install]
    WantedBy=multi-user.target
    Alias=siren.service
    EOF
    
    ln -s ../siren.service /etc/systemd/system/multi-user.target.wants/
    systemctl daemon-reload
    systemctl start siren
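
The Linux steps above limit exposure through two settings: network.host set to 127.0.0.1 in elasticsearch.yml, and a dedicated User= in each unit file. The script below is an added example, not part of the Siren documentation, that checks both; the function names and the sample files it writes to a temporary directory are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit the settings the steps above use to limit exposure.

# Print the effective (last uncommented) network.host in an elasticsearch.yml.
es_network_host() {
    sed -n 's/^[[:space:]]*network\.host:[[:space:]]*//p' "$1" |
        tr -d "\"'\r" | sed 's/[[:space:]]*#.*$//; s/[[:space:]]*$//' | tail -n 1
}

# Succeed only when network.host is explicitly set to a loopback address.
es_is_loopback_only() {
    case "$(es_network_host "$1")" in
        127.0.0.1|localhost|::1|_local_) return 0 ;;
        *) return 1 ;;  # not set by the step above, 0.0.0.0, or a routable address
    esac
}

# Print the account a unit runs as; systemd uses root when User= is absent.
unit_user() {
    u=$(sed -n 's/^User=//p' "$1" | tail -n 1)
    echo "${u:-root}"
}

# $1 = elasticsearch.yml, remaining arguments = unit files. Returns 1 on any FAIL.
audit_install() {
    yml=$1; shift; rc=0
    if es_is_loopback_only "$yml"; then
        echo "OK   network.host=$(es_network_host "$yml")"
    else
        echo "FAIL network.host='$(es_network_host "$yml")' is not loopback"; rc=1
    fi
    for unit in "$@"; do
        if [ "$(unit_user "$unit")" = root ]; then
            echo "FAIL $unit runs as root"; rc=1
        else
            echo "OK   $unit runs as $(unit_user "$unit")"
        fi
    done
    return "$rc"
}

# Constructed sample files (not taken from a real host) so this runs offline.
demo=$(mktemp -d)
printf 'network.host: 127.0.0.1\n' > "$demo/good.yml"
printf '#network.host: 127.0.0.1\nnetwork.host: 0.0.0.0  # all interfaces\n' > "$demo/bad.yml"
printf '[Service]\nUser=elasticsearch\n' > "$demo/es.service"
printf '[Service]\nExecStart=/opt/siren-investigate/bin/investigate\n' > "$demo/nouser.service"
audit_install "$demo/good.yml" "$demo/es.service"
audit_install "$demo/bad.yml" "$demo/nouser.service" || echo "second audit failed as expected"
```

On a host installed as described, call audit_install with /opt/elasticsearch/config/elasticsearch.yml followed by /etc/systemd/system/elasticsearch.service and /etc/systemd/system/siren.service.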

Test your connection

In your browser, navigate to localhost:5606/status. If the Elasticsearch and Siren Investigate services are running, the sign-in screen is displayed.

Next steps

  1. Load CSV and JSON data sets with Logstash.

  2. (Optional) Connect an external datasource with Siren Federate.