Released: 16 November 2018 (release blog post here, what’s new here)

The Siren Platform is comprised of two core components:

  • Siren Investigate, the node.js based browser application (includes the Siren Alert component).
    For those familiar with the ELK stack, this has a similar role to Kibana.
  • Elasticsearch cluster(s) in which the Siren Federate plugin has been installed

A conceptual overview of the platform

For more details please visit the product documentation

For more information about setting up the platform and Elasticsearch version compatibility, see documentation here.


Demo/POC distributions

Siren Platform with Demo Data

Do you want to try our preloaded Siren Platform with our classic company/investor/articles demo?
Just run siren-platform-demo-data and you're up and running. Not recommended for adding new data.

The 10.1.0 version of this package is available only on request. Please contact us for further details.

Siren Platform with No Data or Security

With no security and no preloaded data, this package is perfect for quick Proofs of Concept or trying out out Siren Platform with your own data. Upload your data to the bundled Elasticsearch instance, connect to your existing cluster or connect to existing JDBC datasources, and begin seeing your data in a new light. This is the package to use when following our getting started tutorial.

Production distributions

Siren Platform

Our preconfigured Siren Platform with with an empty Main Elasticsearch Cluster and a preinstalled
Siren Investigate plugin, configured with security but without preloaded demo data.

The 10.1.0 version of this package is available only on request. Please contact us for further details.

Individual components:

Siren Investigate

This deployment contains Siren Investigate with no Elasticsearch cluster.
Connect to your own Main Elasticsearch Cluster (which means Elasticsearch plus the Siren Investigate Plugin) and also possibly to existing JDBC backends.


Siren comes as Community Edition by default. Without an additional license, the platform will run in Community Edition mode and some of the Siren platform functionality is limited or disabled.

See here for more information on pricing model and editions.

Start your unlimited trial here (or contact us here).

View Online Documentation
View PDF
Download Zip

View Release Notes

Release notes:

Siren Platform User Guide

Toggle navigation

Release notes

Siren 10.1.0

Table 17. New features in Siren 10.1.0



Job cancellation

You can launch jobs and cancel them on demand. Siren Investigate can use this API to cancel jobs (for example, planner requests) that are still active when switching dashboard to minimize unnecessary load on the cluster.

Support ES task API to cancel planner request

Implement the ES CancellableTask for each task and throw an exception when the event is received.

Job throttling

Throttle the number of jobs, tasks per job, and workers per task for better control of resources. Improved server resource management under concurrent workload with job throttling.

Improved execution statistics

Additional planner execution statistics in debug response.

Elasticsearch compatibility

Siren platform is now compatible with Elasticsearch 6.3.2 and 5.6.10.

Saved object API

Creation saved objects API that works with both ES 5 and 6.

Graph link aggregates

Inner aggregated filter expansion and aggregates links to automatically resize based on the count of the bucket.

Alert watcher builder

A wizard to help build an Alert threshold watcher.

Alert watcher templates

Templates are scripts that use data from dashboards to build Alert watchers for particular purposes.

Autorelations (beta)

An experimental feature that analyses data fields in indices and suggests relations that can be created in the data model.

Data model and saved searches

A new integrated interface for managing index patterns, saved searches and the relational model.

Enhanced tiled map plugin (beta)

A tiled map visualization with layers.

Correlation explorer plugin (beta)

A visualization the can chart many dimensions together to explore correlations.

Enhanced table plugin (beta)

An enhanced data table with pivot functionality.

Excel import plugin (beta)

A plugin that enables the import of spreadsheet data.

Table 18. Issues closed in Siren 10.1.0




Fixes and improvements to Multichart visualization.

Filter count

The count on self relations on navigation filter not updating.

Graph date fields

Date fields not retrieved for expanded nodes in Graph.

Multiple graph browsers

Multiple Graph browsers do not work in same dashboard.

Floating point joins

Missing support for joining floating points.

Index propagation

Indices options were not properly propagated in the query plan.

Prefilter exception

Exception when prefiltering search phase was triggered.

Index timestamp

Indices version timestamp initialization.

Table 19. Known issues in Siren 10.1.0



Java path with Windows 10

A JAVA_HOME path with () in it on Windows 10 will cause an error starting Elastic Search 6.3. This is a known issue in Elasticsearch. You can workaround this by not locating Java or Elasticsearch under a directory with () in the name.

Graph relations filter expansion

Graph expansion relations filter has a limitation when entities have relations with identical labels. Nodes from both relations will be expanded even when only one is selected from the filter list. You can workaround this issue by labeling all relations differently.

Graph aggregated relations

This feature does not currently support JDBC virtual indices.

Search results

    No results found