Configuring Siren Investigate
The Siren Investigate server reads properties from the investigate.yml
file on startup. The default settings configure Siren Investigate to run on localhost:5606
. To change the host or port number, or connect to Elasticsearch running on a different machine, you must update your investigate.yml
file. You can also enable SSL and set a variety of other options.
External datasource configuration is documented in the 3.11. JDBC datasources and Legacy REST datasources sections, while access control configuration is documented in the Search Guard integration and Siren Investigate access control section.
Environment Variable Placeholders. It is possible to use environment variable placeholders in configuration settings. The syntax of placeholders is ${ENV_VARIABLE_NAME}
.
For example, to set elasticsearch.url
to the value of the environment variable ES_URL
, edit config/investigate.yml
as follows:
elasticsearch.url: ${ES_URL}
Setting | Description |
---|---|
| Default: |
| Default: |
| Enables you to specify a path to mount Siren Investigate as if you are running behind a proxy. This only affects the URLs generated by Siren Investigate, your proxy is expected to remove the basePath value before forwarding requests to Siren Investigate. This setting cannot end in a slash ( |
| Default: |
| Default: |
| Default: |
| Default: |
| Default: |
| Default: |
| Default: |
| The tilemap is the base layer the map visualizations. To increase max zoom level for mapping visualizations, copy the following object in the tilemap: url: "https://{s}.tile.openstreetmap.org/{z}/{x}/{y}.png" options: attribution: '©[OpenStreetMap("http://www.openstreetmap.org/copyright")' subdomains: ['a'] minZoom: 0 maxZoom: 19 |
| The URL to the tile service that Siren Investigate uses to display map tiles in tilemap visualizations. By default, Siren Investigate reads this URL from an external metadata service, but users can still override this parameter to use their own Tile Map Service. |
| Default: |
| Default: |
| Default: |
| An array of subdomains used by the tile service. Specify the position of the subdomain in the URL with the token |
| Specifies additional vector layers for use in Region Map visualizations. Each layer object points to an external vector file that contains a GeoJSON FeatureCollection. The file must use the WGS84 coordinate reference system and only include polygons. If the file is hosted on a separate domain from Siren Investigate, the server needs to be CORS (Cross Origin Request Security) enabled so that Siren Investigate can download the file. The following example shows a valid regionmap configuration. regionmap: layers: name: "Departments of France" url: "http://my.cors.enabled.server.org/france_departements.geojson" attribution: "INRAP" fields: name: "department" description: "Full department name" name: "INSEE" description: "INSEE numeric identifier" |
| Mandatory. A description of the map being provided. |
| Mandatory. The location of the GeoJSON file as provided by a web server. |
| Optional. References the originating source of the GeoJSON file. |
| Mandatory. Each layer can contain multiple fields to indicate what properties from the geojson features you want to expose. This example shows how to define multiple properties. |
| Mandatory. This value is used to do an inner-join between the document stored in Elasticsearch and the GeoJSON file. For example, if the field in the GeoJSON is called |
| Mandatory. The human readable text that is shown under the Options tab when building the Region Map visualization. |
| If your Elasticsearch is protected with basic authentication, these settings provide the username and password that the Siren Investigate server uses to perform maintenance on the Siren Investigate index at startup. Your Siren Investigate users still need to authenticate with Elasticsearch, which is proxied through the Siren Investigate server. |
| Default: |
| Paths to the PEM-format SSL certificate and SSL key files, respectively. |
| The passphrase that will be used to decrypt the private key. This value is optional as the key may not be encrypted. |
| List of paths to PEM encoded certificate files that should be trusted. |
| Default: |
| Default: |
| Optional settings that provide the paths to the PEM-format SSL certificate and key files. These files are used to verify the identity of Siren Investigate to Elasticsearch and are required when |
| The passphrase that will be used to decrypt the private key. This value is optional as the key may not be encrypted. |
| Optional setting that enables you to specify a list of paths to the PEM file for the certificate authority for your Elasticsearch instance. |
| Default: |
| Default: the value of the |
| Default: |
| Default: |
| Default: |
| Default: |
| Default: |
| Specifies the path where Siren Investigate creates the process ID file. |
| Default: |
| Default: |
| Default: |
| Default: |
| Default: |
| Default: |
| Default: |
| Override for cgroup cpu path when mounted in manner that is inconsistent with |
| Override for cgroup cpuacct path when mounted in manner that is inconsistent with |
| Default: |
| Optional URL of the Elasticsearch tribe instance to use for all your queries. |
| If your Elasticsearch is protected with basic authentication, these settings provide the username and password that the Siren Investigate server uses to perform maintenance on the Siren Investigate index at startup. Your Siren Investigate users still need to authenticate with Elasticsearch, which is proxied through the Siren Investigate server. |
| Optional settings that provide the paths to the PEM-format SSL certificate and key files. These files validate that your Elasticsearch backend uses the same key files. |
| The passphrase that will be used to decrypt the private key. This value is optional as the key may not be encrypted. |
| Optional setting that enables you to specify a path to the PEM file for the certificate authority for your tribe Elasticsearch instance. |
| Default: |
| Default: the value of the |
| Default: |
| Default: |
| Default: |