Released: 24 May 2019 (release blog posts here, what’s new here)

The Siren Platform is comprised of two core components:

  • Siren Investigate, the Node.js-based browser application (includes the Siren Alert component).
    For those familiar with the ELK stack, this has a similar role to Kibana.
  • Elasticsearch cluster(s) in which the Siren Federate plugin has been installed.

A conceptual overview of the platform

For more details please visit the product documentation

For more information about setting up the platform and Elasticsearch version compatibility, see documentation here.


Demo/POC distributions

Siren Platform with Demo Data

Do you want to try our preloaded Siren Platform with our classic company/investor/articles demo?
Just run siren-platform-demo-data and you're up and running. Not recommended for adding new data.

The 10.2.2 version of this package is available only on request. Please contact us for further details.

Siren Platform with No Data or Security

With no security and no preloaded data, this package is perfect for quick Proofs of Concept or trying out Siren Platform with your own data. Upload your data to the bundled Elasticsearch instance, connect to your existing cluster or connect to existing JDBC datasources, and begin seeing your data in a new light. This is the package to use when following our getting started tutorial.

Production distributions

Siren Platform

Our preconfigured Siren Platform with an empty Main Elasticsearch Cluster and a preinstalled
Siren Investigate plugin, configured with security but without preloaded demo data.

The 10.2.2 version of this package is available only on request. Please contact us for further details.

Individual components:

Siren Investigate

This deployment contains Siren Investigate with no Elasticsearch cluster.
Connect to your own Main Elasticsearch Cluster (which means Elasticsearch plus the Siren Investigate Plugin) and also possibly to existing JDBC backends.


Siren comes as Community Edition by default. Without an additional license, the platform will run in Community Edition mode and some of the Siren platform functionality is limited or disabled.

See here for more information on pricing model and editions.

Start your unlimited trial here (or contact us here).


Release notes:


  • Ability to halt a running CSV ingestion, display of errors while loading

  • Added Neo4J JDBC driver instructions, improved Neo4J support

  • Improvements to the data reflection wizard

  • Update to security permissions for backend user permissions and predefined Search Guard action groups

  • Added warning and check to the upgrade tool about Search Guard permission changes

  • Autorelation improvements

  • Address security vulnerabilities relating to XSS attacks, Timelion and console plugins

  • Add cookie encryption for JWT-Authentication

  • Simplify lens configuration by improving checkboxes

  • Improve Geo lens UI

  • Backup and restore improvements

  • Performance improvement in Graph sidebar operation

  • Tooltip improvements in the graph

  • Auto-Stop on 'X' errors in Excel/CSV import

  • More levels of nested aggregations supported on JDBC virtual index

  • Auto-dashboard generator now uses the new enhanced map component

  • Remove hardcoded user role called alert_system

  • Alert/Sentinl works without * permission for the role

  • Migration script to modify permissions for investigate-admin and alert-system roles

  • Add ingestion ACL role to default bundle

  • New security permission documentation and upgrade instructions

  • Deprecate ':' in cluster and index names

Fixes for:

  • Migration issue when upgrading with security enabled

  • JDBC Postgresql connection issue when SSL is enabled

  • Unusable JDBC Virtual Index due to unsupported datatype

  • CSS interline issue

  • Auto-generate dashboard giving red message error due to the absence of a 'global time'

  • Two relations with same labels cause "Expand by relation" to fail in Graph Browser

  • Quickly changing dashboard causes error message from Graph Browser

  • [Excel/CSV import] - Wrong tooltip message on "Choose a file" step

  • Ontology lens does not work with grouping feature

  • Error while trying to draw a circle on the dashboard map

  • Adding EID when invisible makes links invisible forever

  • Arrow direction issues on graph nodes

  • Virtual Indices: Postgres Varchar type is not marked as aggregatable, so you can’t make relations

  • Regular expression causing troubles when loading the data model graph

  • Aggregated expansion from an EID node conflates EIDs with the same value but different type

  • The Web Service Processor fails when using the GET method

  • Thread pool limit reached when using Ingestion with Neo4J

  • Error when trying to connect with datasource

  • Removes the rule that makes fields of type TEXT non aggregatable

  • Icons misaligned on the watcher list page

  • Sentinl Tab redirects to empty page

  • Watchers with payload do not execute properly

  • Can’t execute custom watcher after migration to 10.2.2

  • Watcher wizard exception

  • Change label on exclude indices option to correct property name

  • Geo lens issue when multiple geopoints present

  • Filters not working on the Enhanced Table

  • Removing ability to add saved searches as visualization

  • Time filter Icon not being updated after saving dashboard with time filter added by brushing histogram

  • Timelion kibana=1 flag not compatible with Siren filter joins

  • Index pattern list sometimes required a refresh after deletion

  • Error message when creating a new dashboard

  • Searching fields shows HTML

  • Invalid dashboard state after creating dashboard

  • Filters not working in Enhanced Table

  • Wrong field type returned from JDBC

  • Health-Checks result in 500 errors

  • Wrong counts in graph browser under certain circumstances

  • Relations between Entities in the Graph flicker when editing lens in time course mode

  • Issues when adding EID to the graph

  • EID and sidebar table problem

  • Concrete index is not removed after deleting a virtual index

  • Lenses are not applied when simply adding nodes

  • Cannot use font-awesome icons in graph

  • Malformed JDBC index if a template is applied

  • Denying a group should deny contained dashboards

  • Not able to delete saved search when underlying data index removed

  • Update the ontology model with migrated filters and queries

  • Extend migration runner to allow more admin users to run migrations

  • Join issues under certain conditions

  • Issue with Label when visualized in the graph browser

  • The field picker in the lens configuration does not show all the fields on a relatively small window

  • Lens improvements

  • Use a temporary directory for Restore

  • Unable to see columns with _ as first character

  • Improvements to label on some auto-generated visualizations

  • Wrong dashboard contextual menu with ACL

  • A pinned live filter icon issue

  • Group name window closes by itself if one selects too much

  • Removed extra logging every 30 seconds in Alert/Sentinl

  • Map could not show a saved search as embedded widget