Release Notes

Siren Search UI is completely removed in this version.

Fixed a bug where the geo shape query would throw an error when executed on a non-existing field.

Fixed a bug in Siren web services which did not allow any to be the field type.

Fixed an issue where the relationship matches preview would not work with relations based on the _id field.

Fixed a bug in the global search configuration where the fields would get sorted as soon as the values were updated.

Fixed an issue where data wasn’t ingested when the payload was too large.

Fixed a bug where it wasn’t possible to export data to Jira if the Summary field was not in the English language.

Fixed a bug where creating a search in an empty .siren index wouldn’t use the open API schema to create the Elasticsearch mappings.

Fixed an issue where the migrations in dashboards with Web service visualizations would be incorrectly triggered.

Fixed a bug in Siren Investigate logger where the logs would stop updating on Windows when using Node.js version 18.x.

Fixed an issue where alerts would continue to be executed by multiple Siren Investigate nodes at the same time when one node was briefly disconnected from the network.

Fixed an issue where an Investigate process would always create data.json file in the main folder when sentinl.settings.cluster.enabled was set to true.

Fixed a bug where visualizations with errors caused by missing/invalid typeNames prevented other saved objects from being loaded.

Fixed a bug where it was not possible to delete properties from a saved advanced watcher.

Fixed an issue where the Siren API currentVisualization.openModal wasn’t working as expected with multiple graph browser visualizations on the same dashboard.

Added current version value to the version property in saved objects to be displayed in the API documentation.

Bumped Node.js to version 18.18.2. For more information, refer to the changelog.

Improved responsiveness of components on the graph sidebar.

Babel has been bumped to 7.23.2. This addresses CVE-2022-25883 and CVE-2023-45133.

All files created when Investigate runs in multi-node alerts configuration are now created inside the optimize folder by default.

Both options sentinl.settings.cluster.gun.cache and sentinl.settings.cluster.host.cache are now respected.

Graph browser layouts are now deterministic: for a given set of nodes, the layout always puts the nodes in the same position even when the layout is run multiple times.

Improved the performance of the standard graph browser layout and the gforce layout.

A basic template structure is now provided when trying to create a new template.

Added a migration that moves all the saved graphs from Investigate version 13.x into a sidebar folder called 'migrated graphs'.

Fixed an issue that threw the fatal error on the data model page if the user permissions were misconfigured.

Fixed a bug where an error was shown when user tried to delete default scripts.

Fixed a bug which showed a warning when saving a script multiple times.

Fixed an issue where the migration process would display false positive objects to migrate.

Fixed an issue that made it impossible to edit aggregated relations.

Fixed a bug where the login screen background was broken on mobile devices.

Fixed an issue where the WMS layers dropdown in the enhanced tilemap configuration would not appear making it impossible to select a layer.

Fixed an issue where the watcher script would throw an error when saving the script the second time.

The Siren API currentVisualization.groupSelectedNodes now accepts an optional object that can contain the name of the group.

When the sidebar is in an unlocked state, the drop area gets highlighted when dragging a sidebar item.

The hierarchy layout is now executed on each subgraph thus making the complete graph easier to peruse.

The Siren Fontcustom Docker image base was updated from Debian 11 to Debian 12.

The datasource_cache_size property is completely removed.

The response time for queries with aggregations is decreased by optimizing the JSON to string operations.

The standard layout on the graph browser is improved further by using the clustering information.

It is now possible to set a preferred direction of a relationship in the relations tab in the data model. For more details, see Setting preferred relation directions.

Siren Investigate now validates the contents of saved objects before they are saved in Elasticsearch. For details, see Object Definitions API

The scripting editor now provides code autocompletion.

You can create and view graphs on a sidebar. For more details, see Graphs.

Siren Investigate now provides the capability to set a default dataspace by setting the kibana.defaultDataspace property in the investigate.yml.

This release includes the new Siren logo and rebranding changes.

The base image of the Docker images has been bumped from Debian 11 (bullseye) to Debian 12 (bookworm).

The calculation of the counts of relations has been optimized to use aggregation-based counts for relations landing on a single value.

The default client side cache size is increased to 5000 objects. Additionally, it is now possible to configure the property via the investigate_core.client_side_cache_size setting in the investigate.yml.

The computation of inherited relations was improved to decrease the loading time of the graph browser.

EID counts are disabled when dropping a dashboard into the graph browser if counts are disabled for the underlying relation.

Fixed a bug in which all the nodes were not selected when loading a saved graph.

Fixed a bug where it was not possible to make changes to i2 export JSON fields.

Fixed an issue where a lot of errors were shown in the browser console when trying to edit template columns.

Fixed a bug where the upgrade procedure would throw an error if the user set kibana.index to an alias in investigate.yml.

Fixed a bug that prevented mouse drag operations in the parallel charts visualization.

Fixed a bug where the apply changes button was being disabled for the line chart visualization on the edit page.

Fixed a bug where modifying the saved search would not update the record table.