Siren Platform User Guide

Configuring Siren ML

When you first run Siren ML the default configuration file is placed in /etc/sirenml/sirenml.yml.

The following table outlines and describes the attributes which are configurable within the Siren ML config. Properties in bold are required.

Property

Description

Type

Default

elasticsearch.uri

URI for the Elasticsearch instance to read data from and write machine learning data to

URI

http://localhost:9200

console.logging.level

Sets the logging level to the console. Set to info for minimum logging and debug to see information on all requests received by Siren ML

info or debug

info

security.auth.username

Username used to communicate with Elasticsearch (only include if Elasticsearch is run with security enabled)

string

code

security.auth.password

Password used to communicate with Elasticsearch (only include if Elasticsearch is run with security enabled)

string

password

security.auth.backend

Name of the security plugin used to secure Elasticsearch (only include if Elasticsearch is run with security enabled)

searchguard or xpack

searchguard

api.tls.enabled

Boolean flag indicating if Siren ML should be run over https

boolean

false

api.tls.certificate

Path to the SSL certificate used by the Siren ML server

path

pki/api/api-cert.pem

api.tls.key

Path to the SSL key used by the Siren ML server

path

pki/api/api-key.pem

datasource.tls.enabled

Boolean flag indicating if Elasticsearch is being run over https

boolean

false

datasource.tls.certificate

Path to the SSL certificate used in the requests to a secure Elasticsearch instance (only used if datasource.tls.enabled: true)

path

pki/datasource/sirenml.pem

datasource.tls.key

Path to the SSL key used in the requests to a secure Elasticsearch instance (only used if datasource.tls.enabled: true)

path

pki/datasource/sirenml.key

datasource.tls.verify

Boolean flag indicating if the certificates should be verified (only used if datasource.tls.enabled: true)

boolean

false

number_workers.training

Maximum number of models that can be trained in parallel (additional model trainings jobs are queued until one of the running model trainings is complete)

int

1

number_workers.activation

Maximum number of model activations that can run in parallel (additional model activation jobs are queued until one of the running model activations is complete)

int

5

number_workers.historical

Maximum number of historical detections that can run in parallel (additional historical detection jobs are queued until one of the running historical detections is complete)

int

1