Siren Platform User Guide

Reports

Siren Alert watchers can generate snapshots of Siren Investigate, Kibana (or any other website) and deliver them on your schedule using the dedicated report action, powered by PhantomJS.

This example enables you to produce weekly charts.

{
  "_index": "watcher",
  "_type": "watch",
  "_id": "reporter_v8g6p5enz",
  "_score": 1,
  "_source": {
    "trigger": {
      "schedule": {
        "later": "on the first day of the week"
      }
    },
    "report": true,
    "actions": {
      "report_admin": {
        "report": {
          "to": "reports@localhost",
          "from": "sirenalert@localhost",
          "subject": "Siren Alert Report",
          "priority": "high",
          "body": "Sample Siren Alert Screenshot Report",
          "snapshot": {
            "res": "1280x900",
            "url": "http://www.google.com",
            "params": {
              "delay": 5000
            }
          }
        }
      }
    }
  }
}
Requirements

With Siren platform 10 and later, report actions require Chrome or Chromium v59 or later.

Note

Chromium is included in the Linux version of Siren Alert.

You can download Chromium (https://www.chromium.org/getting-involved/download-chromium) and change the sentinl.settings.report.executable_path to point to it, for example:

sentinl:
  app_name: 'Sentinl'
  settings:
    email:
      active: true
      host: 'localhost'
      #cert:
      #key: '/home'
    report:
      active: true
      executable_path: '/usr/bin/chromium'
  • Valid configuration in kibana.yml, for example
sentinl:
  settings:
    email:
      active: true
      host: 'localhost'
    report:
      active: true
      executable_path: '/usr/bin/chromium' # path to Chrome v59+ or Chromium v59+ # Siren Alert v5.6+
      # tmp_path = '/tmp/' # Siren Alert before v5.6

When report actions are correctly configured, you will soon receive your first report with a screen shot attached.

Common Issues

  • Unhandled rejection Error: spawn phantomjs ENOENT

    • PhantomJS is not available to Node-Horseman.