Leverage your existing Elasticsearch cluster and empower your investigative needs with the Siren platform
The Siren platform extends core ELK capabilities with distributed big data join and true knowledge graph functionalities.
If you’re looking at terabytes of data, whether it’s application-generated, transaction, communications or activity logs, real-time join capabilities are crucial for troubleshooting, providing core alerts, detecting fraud and breaches, and investigating the impact and extent of incidents.
Have an existing Elasticsearch cluster? No problem: just add the Siren Federate plugin for Elasticsearch and you're good to go.
Thanks to Siren’s enhancements to Elasticsearch, users get the great interactive experience of an indexed search engine, plus:
In Siren, you can define a true relational schema which ties the ES indices together, as well as remote virtualized JDBC datasources.
Build on top of Siren and make your users understand and leverage the knowledge graph in the data you already have in Elasticsearch or other datasources.
Siren Federate's cross-index join algorithms for Elasticsearch are parallelized to take advantage of multi-core architectures, so performance scales vertically with the number of cores. Because the joins use off-heap memory, baseline Elasticsearch performance is not compromised.
The platform is built for multi-user operation, running multiple queries concurrently over hundreds of millions of records.
Get in touch with one of our experts and let us show you how we can leverage your datasets to unearth powerful insights.