Getting Started: MineMeld

Printer Friendly Page

Overview of MineMeld

MineMeld is a low latency processor of indicators feeds. You can think of it as the Swiss army knife of feeds. It can be used to continuously retrieve indicators from external sources, process them and produce new feeds that can be directly consumed by Palo Alto Networks platforms. Viceversa it can be used to continuosly retrieve indicators from Palo Alto Networks platforms and produce feeds that can be consumed by trusted peers and 3rd party security platforms.

 

minemeld.png

 

Running MineMeld

A typical installation of MineMeld is made of different components, all of them will be made available in Open Source after the launch. MineMeld has been designed to run on a Linux system even with reasonably low system resources (1 VCPU and 1GB of RAM).

 

To quickly set up a basic installation of MineMeld a pre-configured loader is provided for the Ubuntu 14.04 LTS cloud images. The loader can be used to bootstrap MineMeld on all the platforms supported by Ubuntu cloud images: VMWare desktop, VMWare ESXi, Amazon EC2, OpenStack, KVM. It should work even on the good old bare metal!

 

At the first boot the loader will connect to the minemeld auto update API to retrieve and install the latest available release of MineMeld. So, yes, you need Internet connectivity to install MineMeld for the first time.

 

Using MineMeld

Once you get MineMeld up and running, you can take a Quick Tour of MineMeld

Tags (3)
Comments

I feel like the answer to this question is painfully obvious and right in front of my face somewhere... but where is the link to download MineMeld? 

Hi Eric,

you should choose the virtualization environment you want to run MineMeld on (VMWare, Azure, AWS, ...), and then click on the appropriate article in the MineMeld Article section:

https://live.paloaltonetworks.com/t5/MineMeld-Articles/tkb-p/MineMeldArticles

Thanks! Is there not an on-prem version available? 

After successfully setting up the Ubuntu + Minemeld CD, I'm having issues logging back into the console (shell) with the above credentials (u: admin / pw: minemeld). I have also tried ubuntu/rsplizardspock, but no luck. 

 

Do the login credentials change after setting up MineMeld?

Hi @chmotley,

no, they don't. Could you open a discussion in the forum so we can check the issue ?

 

Thanks !

 Hello All,

 

What is VMWare Desktop?  Is this the same thing as VMWare workstation.  I see instructions on installing MineMeld on VMWare desktop, but nothing regarding installing into ESXi.  We are running ESXi 6.0.  Any direction you can get me to get started will be much appreciated.

Hi @NickD.,

you can install on ESXi by loading the Ubuntu 14.04 cloud image OVA on ESXi and then attaching the ISO file to the instance. Or you can install Ubuntu 14.04 on a new instance and then install MineMeld on top of it.

Hi There, 

 

First time posting in here and completely new to MineMeld. My boss has asked me to see if there is a way to automate information from MineMeld to populate a rule in the Palo Alto. Essentially we want to have the restricted IPs found in MineMeld to be scheduled to automatically populate a rule we will be creating to block those IPs from users trying to access them. 

@mramsaw : I think that the feature that you're looking for is the External Dynamic List  (EDL). You do not need to populate rules. You just need a rule using the EDL object and let MineMeld populate the contents of the EDL.

Services are running now! On Ubuntu, but after installation is complete and confirmed I have not been able to find  how I can access the web or access it? Can you provide us with after installation on a Ubuntu Server to then access minemeld gui?? Maybe i missed it, but could not findany info???

 

I have the same question as @WSTRIBES above...did anyone ever answer this?  I have this installed in Ubuntu Server and only have the terminal via SSH and I am not sure how to get to the MineMeld User Interface to be able to log in.  Can someone please help??

@WSTRIBES and @akoors. This took me an embarassing amount of time to figure out. If you are using the Ubuntu image installing manually, run Ifconfig and use the IP address to detect the URL needed to log in. Usually you will get a 192.168 IP, and in my case I was able to log in using https://192.168.10.137/#/config. Username : admin password :  minemeld

 

Ask Questions Get Answers Join the Live Community
Version history
Revision #:
10 of 10
Last update:
‎09-12-2019 11:19 AM
Updated by: