Siren Platform User Guide

Install Siren Investigate with ZIP package

Siren Investigate is provided for Linux and Windows as a .zip package. These packages are the easiest formats to use when trying out Siren Investigate.

The latest stable version of Siren Investigate can be found on the Siren Support Portal. Descriptions of the separate demonstration packages are also available there.

Download and install the Linux 64-bit package

After you have obtained your license, you should have access to the Siren Support Portal's download pages. The siren-investigate package can be downloaded from there, either by clicking the package link in the browser or by right-clicking the link, copying its address, and using the copied link as investigate-link as follows:

wget {investigate-link}.zip
sha1sum siren-investigate-10.0.0-linux-x86_64.zip     # (1)
unzip siren-investigate-10.0.0-linux-x86_64.zip -d .
cd siren-investigate-10.0.0-linux-x86_64/             # (2)

(1) Compare the SHA produced by sha1sum or shasum with the published sha1.txt (found on the Siren Investigate download page on the Siren Support Portal).

(2) This folder is known as $INVESTIGATE_HOME.
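The checksum comparison can be scripted so that the archive is unpacked only when the digests match. The following is an added example, not part of the Siren documentation; the function names and the assumed layout of sha1.txt are hypothetical.

```shell
# Added example, not Siren's own tooling. Assumes sha1.txt uses sha1sum's
# "<digest>  <file>" layout or holds one bare 40-hex-digit digest.
# The result is only as trustworthy as the channel sha1.txt came from.

# Print the SHA-1 of a file with whichever tool is installed.
compute_sha1() {
  if command -v sha1sum >/dev/null 2>&1; then
    sha1sum "$1" | awk '{print $1}'
  else
    shasum -a 1 "$1" | awk '{print $1}'
  fi
}

# Print the lower-cased digest published for archive $1 in checksum file $2.
expected_sha1() {
  awk -v n="$(basename "$1")" '
    length($1) == 40 && $1 !~ /[^0-9A-Fa-f]/ {
      f = $2; sub(/^\*/, "", f)   # drop the binary-mode marker
      if (NF == 1 || f == n) { print tolower($1); exit }
    }' "$2"
}

# Return 0 on match, 1 on mismatch, 2 when an input or digest is missing.
verify_archive() {
  local archive="$1" sums="$2" want got
  if [ ! -f "$archive" ] || [ ! -f "$sums" ]; then
    echo "missing archive or checksum file" >&2; return 2
  fi
  want=$(expected_sha1 "$archive" "$sums")
  if [ -z "$want" ]; then
    echo "no digest for $archive in $sums" >&2; return 2
  fi
  got=$(compute_sha1 "$archive" | tr 'A-F' 'a-f')
  if [ "$got" != "$want" ]; then
    echo "MISMATCH: expected $want, got $got" >&2; return 1
  fi
  echo "OK: $archive"
}

# Unpack into directory $3 (default: .) only after verification succeeds.
verified_unzip() {
  verify_archive "$1" "$2" && unzip -q "$1" -d "${3:-.}"
}
```

Called as `verified_unzip siren-investigate-10.0.0-linux-x86_64.zip sha1.txt .`, it leaves the archive unextracted when the digest is missing or different.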

Running Siren Investigate from the command prompt

Siren Investigate can be started from the command prompt as follows:

./bin/investigate

By default, Siren Investigate runs in the foreground, prints its logs to the standard output (stdout), and can be stopped by pressing Ctrl+C.

Siren Investigate configuration

Siren Investigate loads its configuration from the $INVESTIGATE_HOME/config/investigate.yml file by default. The format of this configuration file is explained in Configuring Siren Investigate.

Folder layout of Linux ZIP archive

The .zip packages are entirely self-contained.

This is very convenient because you do not have to create any directories to start using Siren Investigate, and uninstalling is as easy as removing the folder. However, it is advisable to change the default locations of the configuration and data folders so that you do not remove important data later on.

| Type | Description | Default Location | Setting |
|---|---|---|---|
| home | Siren Investigate home folder or $INVESTIGATE_HOME | Folder created by unpacking the archive; in demonstration distributions, the folder is siren-investigate. | |
| bin | Binary scripts including kibi to start the Siren Investigate server and kibi-plugin to install plugins | $INVESTIGATE_HOME\bin | |
| config | Configuration files including investigate.yml | $INVESTIGATE_HOME\config | |
| data | The location of the data files written to disk by Siren Investigate and its plugins | $INVESTIGATE_HOME\data | |
| optimize | Transpiled source code. Certain administrative actions, for example plugin install, result in the source code being retranspiled on the fly. | $INVESTIGATE_HOME\optimize | |
| plugins | The location of the plugin files. Each plugin will be contained in a subfolder. | $INVESTIGATE_HOME\plugins | |
