New features and improvements

Product compatibility

  • Introducing compatibility with Elasticsearch version 7.x. You can use Siren Investigate with the latest version of Elasticsearch that is supported by the Siren Federate plug-in.

Improved performance

  • To improve system performance, the Web app bundle size is reduced and Siren Platform now employs more efficient dashboard rendering. This enhancement speeds up a typical dashboard-switching scenario by several seconds.

  • New ability to set limits on searches, which prompts the user with a warning before they configure large joins or set broad filters.

  • Back-end performance improvements for large, multi-index, multi-shard settings.

New look interface

  • The user interface has a new look, which provides a more cohesive experience as you navigate the modules.

New core features

  • Web services: You can now dynamically retrieve data from external APIs. This data can be stored in Elasticsearch and relationally linked to your existing data. Siren Platform includes examples of commonly-used Web services, such as Webhose, JsonWhois, and Twitter. Additionally, follow our documentation to create your own Web service driver for other APIs. Web services can form part of your graph scripts, dashboard scripts, alerting scripts, or your new visual components.

  • Scripting API: You can now automate workflows and create ad-hoc visualizations by using a layer of scriptable JavaScript.

  • Natural Language Processing (beta): The Siren NLP plug-in provides an out-of-the-box Elasticsearch ingestion pipeline with a variety of processors for enriching documents with entity extraction. It can enrich text fields with predefined taxonomies and annotation for named entities, such as organization, person, or location.

  • JDBC/ODBC drivers: In collaboration with CDATA, a featured SQL driver is now available for Siren Platform. The drivers allow custom data exports for use in scripts and integrations.

Updates to maps

  • Loading map layers from Elasticsearch: The Enhanced Coordinate Map visualization now allows you to load map references that are stored in Elasticsearch indexes into pre-defined spatial groups. You can add multiple layers of shapes and points of interest (POI), set properties for each layer, and arrange and activate them, dynamically, at the dashboard level.

  • Siren supports advanced positioning use cases, by making the following enhancements:

    • The Graph Browser can now be used as a “tracker map” to track the movements of entities, both historically and by using live updates.

    • Example scripts are provided to trace contact between individuals. Other proximity use cases are available in the dashboard

Updates to graphs

  • A new Cards tab is available in the Graph Browser. Graph cards are selection-dependent visualizations that can be configured for many purposes. When you select nodes, the out-of-the-box cards display a neat summary of specific field values and allow you to quickly select a subset.

  • Numbers in the graph now change instantly as you change the relations that are active in the sidebar. Numbers can also be easily refreshed.

  • A new common communicator graph algorithm allows you to find nodes that act as communicators between 3 or more other nodes.

Updates to alerts

  • Improvements to versioning, configuration, and editing.

Breaking Changes

  • AngularJS library is now updated to version 1.7.9 from version 1.4.8.

  • Updated the EUI Library from the Siren custom version sirensolutions/eui#4.3.0-siren-patched-1 to "@elastic/eui": "22.1.0" across the entire Siren ecosystem.

  • Removed queries and the Query Viewer visualization due to the removal of old data sources.

  • REST data source support was removed and replaced with the new Web services feature.

Known Issues

  • Issues in expensive query limit feature:

    • Changing time above limits and navigating away can cause unexpected behaviour.

    • The number of document limits should work when a user disables the ‘invert’ filter or edits by hand a filter that is saved with a dashboard but currently does not work as expected.

Bug Fixes

  • Addressed issue with visual builder giving an "Invalid Interval error" when changing the interval value.

  • Improved the responsiveness of the icon picker for the dashboard, dashboard groups, and index pattern searches.

  • Addressed an issue where changing the timeline in the graph browser multiple times in rapid succession would not update the layout.

  • Improved the automatic sizing of nodes in the graph browser.

  • Saved objects validation no longer verifies the existence of remote indices.

  • Addressed an issue where index data was not immediately visible in the data model page after creating a new index pattern.

  • Addressed an issue where it was not possible to fix an index pattern search that points to a missing index without disabling the saved objects validation.

  • Fixed a regression that caused a normal barchart series to appear as stacked.

  • Addressed an issue that prevented assigning a label through lenses to grouped nodes.

  • Siren now prevents the automatic download of Chromium when launching Investigate on Windows.

  • Addressed an issue that caused an error to be displayed when switching quickly between two dashboards that contain a graph browser.

  • Addressed errors that displayed in the graph browser when expanding nodes in a data model with a very high number of relations.

  • Addressed an issue in date fields processing when adding nodes from heterogeneous index pattern searches to the graph browser.

  • Addressed issue the inability to remove relations linked to the same entity type.

  • Addressed issue when calculating counts on relational buttons that are linked with virtual index.

  • Resolved the the inability to add nodes from a remote elasticsearch to the graph browser.

  • Resolved issue related to unreliable behaviour using force recount on the graph.

  • Addressed related to display of date picker in Dashboard 360 time filter.

  • Addressed issue of Dashboard 360 filter strategy not being persisted.

  • Addressed problems when changing an index pattern search from "time based" in datamodel.

  • Resolved issues related to display of filter state on the dashboard menu.

  • Resolved issues related to the display format of date in the graph browser tooltips and sidebar.