Introduction to Siren Platform
Welcome to the documentation for Siren Platform version 11.0.
You can select a previous version by using the dropdown menu in the navigation bar. To access all previous versions, go to www.docs.siren.io.
Sometimes, the answer to a specific question is simple. However, the investigative process that is used to find that answer is often complex and unique to that single investigation.
While business intelligence, enterprise search, link analysis (in a knowledge graph), and log or stream searching and alerting are useful for completing specific tasks, Siren Platform combines all of these methods to answer new questions.
Siren Platform comprises two main elements and several add-on modules and integrations.
- Siren ER (beta): An artificial intelligence (AI) component that enables entity resolution. Entity resolution is the ability to recognize that two or more separate records in the data are referring to the same real-world entity.
- Siren NLP (beta): A plug-in that adds pipeline operators to perform Natural Language Processing on data ingestion.
- Jira plugin (beta): The Jira plugin allows you to connect Siren Investigate to a Jira cloud or server instance. You can keep track of assigned tickets and export dashboard information as attachments to the tickets, directly from Siren Investigate.
- IBM® i2® Analyst’s Notebook plugin (beta): The i2 plugin allows you to save the graph that is currently displayed in the Graph Browser with all lenses applied and download it as an ANB graph file, which is compatible with IBM i2 Analyst’s Notebook.
The following diagram shows the relationship between the components:
In this diagram, the Siren Investigate front-end system connects to the Elasticsearch back-end system, where the Siren Federate plug-in is installed.
The back-end system, in turn, can connect to JDBC datasources (SQL or NoSQL) and to other Elasticsearch clusters or Web services.
An Associative Data Model is used to turn tables into a knowledge graph by specifying relations between datasets and, in doing so, drives the user experience.
Siren NLP is provided as an Elasticsearch plug-in, while Siren ML and Siren ER are Dockers that communicate with the main Siren Platform through their APIs.
You can download the plug-ins from Siren Support Portal.
Another way of understanding the architecture is taking the point of view of an analyst.
When an analyst sees records in a dashboard or in the knowledge graph, these records are coming from any of the following sources:
The Elasticsearch back-end system, as a native index that is managed externally from Siren Platform. For example, a set of logs that are streaming into the system, continuously.
Elasticsearch, but imported directly by the user, such as by uploading a
Elasticsearch, as part of a Web service invocation, which automatically loads response data into the cluster.
Elasticsearch, as part of reflection jobs, which pull tables or slices of remote JDBC data into Elasticsearch, either periodically or as one-off jobs.
Directly from remote datasources, thanks to the Siren Platform virtualization capability, which makes remote JDBC tables look like virtual Elasticsearch indexes with no need for an extract-transform-load (ETL) process.
Now that you have a picture of Siren Platform and its architecture, it’s time to get started.