Reply
Highlighted
L3 Networker
Posts: 51
Registered: ‎12-13-2017
Accepted Solution

Stable MineMeld version and new Office 365 API

Hi guys,

 

I'm using Minemeld 0.9.44.post1 and would like to test the new prototype O365 API MINER, since microsoft decided to change the way they publish IPs and URLs. I know that the development version of Minemeld (0.9.46) already comes with it, however I would like to maintain my stable version and only get the mentioned prototype to test. Is it possible? How can I get it? Is it necessary to reinstall the MineMeld Engine? Do I have to do major changes?

 

Thank you in advanced.

L5 Sessionator
Posts: 272
Registered: ‎11-15-2012

Re: Stable MineMeld version and new Office 365 API

Hi @danilo.souza,

 

0.9.46 is already in the Master channel

L3 Networker
Posts: 51
Registered: ‎12-13-2017

Re: Stable MineMeld version and new Office 365 API

Hi xhmos,

 

Is there a guide to update MineMeld keeping local miners and config? I only get that:

 

https://live.paloaltonetworks.com/t5/MineMeld-Articles/Updating-MineMeld/ta-p/72151

 

which I think is too vague. If something goes wrong is it possible to backwards?

 

Thank you for the reply.

L3 Networker
Posts: 51
Registered: ‎12-13-2017

Re: Stable MineMeld version and new Office 365 API

Hi xhoms

 

I get nothing when I use:

 

$ /usr/sbin/minemeld-auto-update

 even with "sudo" before the command line. I'm using ansible version for CentOS. Any tip?

 

The other point is, can I keep the office365 actual miners (0.9.44) in the new version (0.9.46)? Can the new API and the old office365 miners live togheter? I would like to guarantee my stable environment until the Office (old way publishing) shutdown in october.

 

Thank you again.

L3 Networker
Posts: 51
Registered: ‎12-13-2017

Re: Stable MineMeld version and new Office 365 API

Hi guys,

Can someone help with this? I used ansible to install Minemeld 0.9.44 for CentOS. Now I would like test 0.9.46.

 

In the link below, 

 

https://live.paloaltonetworks.com/t5/MineMeld-Discussions/Running-Minemeld-on-CentOS/td-p/76264/page...

 

the last comment, by lmori, he mentions that: "Experimental CentOS 7 support has been added to MineMeld Ansible playbook. This means you can now run MineMeld CentOS 7, but automatic upgrade are not supported yet."

 

So, what would be the correct precedure to update it? Reinstall Minemeld to get the latest version? Would it maintain my local prototypes and my actual config? I wouldn't like to lose my stables enviroment. I have many policies (rules) based on it.

 

Best regards.

L7 Applicator
Posts: 927
Registered: ‎03-03-2011

Re: Stable MineMeld version and new Office 365 API

Hi @danilo.souza,

you can update your MineMeld installation using Ansible by following this procedure (backup your /opt/minemeld/local directory before starting):

$ sudo systemctl stop minemeld.service
$ sudo rm -rf /opt/minemeld/engine/ /opt/minemeld/prototypes/ /opt/minemeld/www/
$ cd minemeld-ansible
$ ansible-playbook -K -i 127.0.0.1, local.yml
$ shutdown -r now

 

Once updated to 0.9.46, you can add the new Miners to your existing O365 aggregators - they will just coexist with the existing O365 miners.

L3 Networker
Posts: 51
Registered: ‎12-13-2017

Re: Stable MineMeld version and new Office 365 API

Hi lmori

 

thank you, it really helped me. But I still have an issue. My MM engine is restarting at each minute (image attached 1). When I was running the 0.9.44 version, my extensions, in the admin tab, were showed as, let's say installed (image attached 2). Now, it is not the case (image attached 3). Could it be the problem? What should I do?

 

Thank you once again.

 

L7 Applicator
Posts: 927
Registered: ‎03-03-2011

Re: Stable MineMeld version and new Office 365 API

Hi @danilo.souza,

have you already reactivated the extensions after the update? You can do this by clicking on the check icon.

 

luigi

L0 Member
Posts: 1
Registered: ‎08-17-2017

Re: Stable MineMeld version and new Office 365 API

Could you please add this helpful information to the README.md of the minemeld-ansible project

 

Thanks!

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!