Performance

You can configure Siren Investigate to perform faster.

Avoiding extra pre-authentication for requests routed through the Elasticsearch proxy

Investigate enables routes like /elasticsearch to proxy to the Elasticsearch instance. By default, these routes are protected with additional authentication, meaning each request is pre-authenticated before being forwarded to Elasticsearch. When using basic authentication, you can disable this extra security layer by setting the following configuration in investigate.yml:

investigate_access_control.disableExtraEsProxyAuth: true (default false)

Enable this setting on a network with higher than usual latency. This significantly speeds up each request going through the proxy.

Each proxied request already includes an authorization header. If access is denied, Elasticsearch will respond with a 403 Forbidden error.