Getting Started: MineMeld

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
L7 Applicator
92% helpful (11/12)

Overview of MineMeld

MineMeld is a low latency processor of indicators feeds. You can think of it as the Swiss army knife of feeds. It can be used to continuously retrieve indicators from external sources, process them and produce new feeds that can be directly consumed by Palo Alto Networks platforms. Viceversa it can be used to continuously retrieve indicators from Palo Alto Networks platforms and produce feeds that can be consumed by trusted peers and 3rd party security platforms.

 

minemeld.png

 

Running MineMeld

A typical installation of MineMeld is made of different components, all of them will be made available in Open Source after the launch. MineMeld has been designed to run on a Linux system even with reasonably low system resources (1 VCPU and 1GB of RAM).

 

To quickly set up a basic installation of MineMeld a pre-configured loader is provided for the Ubuntu 14.04 LTS cloud images. The loader can be used to bootstrap MineMeld on all the platforms supported by Ubuntu cloud images: VMWare desktop, VMWare ESXi, Amazon EC2, OpenStack, KVM. It should work even on the good old bare metal!

 

At the first boot the loader will connect to the MineMeld auto update API to retrieve and install the latest available release of MineMeld. So, yes, you need Internet connectivity to install MineMeld for the first time.

 

Using MineMeld

Once you get MineMeld up and running, you can take a Quick Tour of MineMeld

Rate this article:
Comments
L0 Member

I feel like the answer to this question is painfully obvious and right in front of my face somewhere... but where is the link to download MineMeld? 

L7 Applicator

Hi Eric,

you should choose the virtualization environment you want to run MineMeld on (VMWare, Azure, AWS, ...), and then click on the appropriate article in the MineMeld Article section:

https://live.paloaltonetworks.com/t5/MineMeld-Articles/tkb-p/MineMeldArticles

L0 Member

Thanks! Is there not an on-prem version available? 

L7 Applicator
L2 Linker

After successfully setting up the Ubuntu + Minemeld CD, I'm having issues logging back into the console (shell) with the above credentials (u: admin / pw: minemeld). I have also tried ubuntu/rsplizardspock, but no luck. 

 

Do the login credentials change after setting up MineMeld?

L7 Applicator

Hi @chmotley,

no, they don't. Could you open a discussion in the forum so we can check the issue ?

 

Thanks !

L0 Member

 Hello All,

 

What is VMWare Desktop?  Is this the same thing as VMWare workstation.  I see instructions on installing MineMeld on VMWare desktop, but nothing regarding installing into ESXi.  We are running ESXi 6.0.  Any direction you can get me to get started will be much appreciated.

L7 Applicator

Hi @NickD.,

you can install on ESXi by loading the Ubuntu 14.04 cloud image OVA on ESXi and then attaching the ISO file to the instance. Or you can install Ubuntu 14.04 on a new instance and then install MineMeld on top of it.

L0 Member

Hi There, 

 

First time posting in here and completely new to MineMeld. My boss has asked me to see if there is a way to automate information from MineMeld to populate a rule in the Palo Alto. Essentially we want to have the restricted IPs found in MineMeld to be scheduled to automatically populate a rule we will be creating to block those IPs from users trying to access them. 

L5 Sessionator

@mramsaw : I think that the feature that you're looking for is the External Dynamic List  (EDL). You do not need to populate rules. You just need a rule using the EDL object and let MineMeld populate the contents of the EDL.

L1 Bithead

Services are running now! On Ubuntu, but after installation is complete and confirmed I have not been able to find  how I can access the web or access it? Can you provide us with after installation on a Ubuntu Server to then access minemeld gui?? Maybe i missed it, but could not findany info???

 

L0 Member

I have the same question as @WSTRIBES above...did anyone ever answer this?  I have this installed in Ubuntu Server and only have the terminal via SSH and I am not sure how to get to the MineMeld User Interface to be able to log in.  Can someone please help??

L0 Member

@WSTRIBES and @akoors. This took me an embarassing amount of time to figure out. If you are using the Ubuntu image installing manually, run Ifconfig and use the IP address to detect the URL needed to log in. Usually you will get a 192.168 IP, and in my case I was able to log in using https://192.168.10.137/#/config. Username : admin password :  minemeld

 

L0 Member

Does it require licence or is it integrated with PA licences?

L0 Member

The Minemeld Pre-built images links and the AWS Could formation templates are not working. Please share the 

correct links to download.Thanks.

L0 Member

Hi,

 

I'd tried to access using the same url format https://<minemeld server ip>/#/config. but still failed. can anyone help me on this?

L0 Member

Once you have installed MineMeld do 

https://<ipaddress>

 

that should be sufficient.

L1 Bithead

I will say that I have installed this on RHEL 7.9 and the services are running but I am not able to get to the webui.  Any idea's? 

  • 123753 Views
  • 18 comments
  • 0 Likes
Register or Sign-in
Contributors
Labels
Article Dashboard
Version history
Last Updated:
‎10-28-2019 08:29 AM
Updated by:
Retired Member