Siren is a modern investigative intelligence platform – it uses the data schema (ontology) to coherently coordinate BI-style dashboards with best-in-class full-text search, knowledge graph link exploration, domain-specific visualizations and more.
Probably the best way to feel its difference is to watch Siren Investigate (the Siren Platform UI component) in action on media and investment data in this quick video.
A unified data model (or ontology) is a formal representation of the entities and relationships that exist in a domain – to a level of detail that is useful to answer core domain questions.
In a law enforcement example, a business intelligence drill down on a car make and color can be a start but would likely always produce way too many results to find a specific suspect vehicle.
With the capabilities of Siren and the unified data model, the investigator can drill down by leveraging other datasets, e.g. asking for “cars owned by males in this age group whose mobile was in this approximate location on that date”.
While previous ontology based tools worked on very limited datasets and were confined to niche applications, Siren Platform is very easy to deploy as it works at scale on top of the data you already have in your existing infrastructure.
Visit our technology page for more details.
Siren Investigate provides investigative intelligence functionality to the end user and is capable of generating alerts automatically when conditions happen in streaming data:
Possibly the biggest innovation of Siren Investigate is its unique “relational drill down” capability. Backed by Siren Federate relational join technology, Siren Investigate can provide real-time relational analysis across indices and across external, non-Elasticsearch systems (SQL, REST APIs, etc.).
Furthermore, at each step of the relational navigation (also called “set to set” navigation), Siren Investigate can visualize and drill down using a variety of tools ranging from fulltext search to BI and link analysis.
Time might be just another variable in your data, but it deserves top-of-the-line visualizations and tools. Siren Investigate temporal analytics and components show connected events coming from one or multiple indices in a single zoomable view.
See the network evolution over time. Explore relations on maps.
Siren Investigate leverages in full the big data aggregation capabilities of the underlying backend (Elasticsearch and others) to summarize huge amounts of connections into meaningful summary links at interactive speed. Sophisticated algorithms like the weighted significance auto discovery automatically ensure just the most significant connections emerge.
Siren Investigate comes with a set of components that are highly suited to scientific data visualization. Among these are big data/interactive speed scatterplots, heatmaps, probability density functions and several other visualizations which are key in advanced quantitative analysis.
Receive alerts and reports (PDFs in your email) with logic ranging from simple queries to advanced complex event processing (CEP) scripts. Also includes Siren Investigate UI integration.
In the following screenshot, an operator wants to receive an email when a new NASA article appears.
Sometimes setting rules and thresholds for alerts is problematic or not desirable.
Siren Alert scripting capabilities are powerful enough to implement the eBay statistical anomaly detection methodology.
Follow our documented recipes in Siren Alert (Siren Investigate alerting components) to have these alerts on any metric that might require it.
Siren Investigate comes with built-in enterprise access control at index, record or field level, auditing of user activity, and SSL and encryption at rest to protect data and communications.
Siren Federate is a proprietary Siren plug-in for Elasticsearch, which delivers two core capabilities:
Federation, the ability to connect to remote JDBC sources and virtualize them, making them respond as local Elasticsearch tables.
High performance, in-cluster cross table join capabilities.
Whereas with Elasticsearch alone one can do simple “drilldowns” (restricting a result set by filtering on some of its attributes), Federate enables “relational drilldown” (filtering by attributes of relationally connected records) on local and remote sources, a game-changing enhancement for investigators.
Featuring sophisticated patent pending join optimizations specifically designed for inverted indexes like Elasticsearch, Federate can also be installed on existing Elasticsearch clusters, delivering non plus ultra realtime cross stream investigation capabilities.