- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
04-28-2016 05:50 AM
I'd like to start by saying, that this is an amazing tool! Thanks for sharing this, it has great potential and my customer is excited. One question: is there currently any support for creating and maintaining local IP and domain blocklists on the MineMeld? Instead of setting up a miner to go out and consume a feed, we'd like to be able to create and modify a static list locally, then publish it to firewalls as an EDL or DAG like other MineMeld outputs.
If this is already supported, how would I go about configuring it? If not, is it something we could add?
Thanks!
Nasir
04-28-2016 06:01 AM
Hi Nasil,
this is supported already. Just create a node based on stdlib.listDomainGeneric prototype to manage a static list of domains. For IPv4 you can use stdlib.listIPv4Generic, for IPv6 stdlib.listIPv6Generic.
DON'T USE NAME WITH PREFIX "wl" OTHERWISE THE AGGREGATOR WILL USE THE LIST AS WHITELISTS !
HTH,
Luigi
05-02-2016 07:36 AM
I was using "Class = minemeld.ft.redis.RedisSet" and "Prototype = stdlib.feedHCGreen".
However, I found out the reason they were being withdrawn - I wasn't setting the "Share Level" of the indicators to Green (it was left blank). After deleting those indicators and adding them in with a share level, they show up even in the Miner > Output scenario. Thanks for your support!
04-28-2016 06:01 AM
Hi Nasil,
this is supported already. Just create a node based on stdlib.listDomainGeneric prototype to manage a static list of domains. For IPv4 you can use stdlib.listIPv4Generic, for IPv6 stdlib.listIPv6Generic.
DON'T USE NAME WITH PREFIX "wl" OTHERWISE THE AGGREGATOR WILL USE THE LIST AS WHITELISTS !
HTH,
Luigi
04-28-2016 07:06 AM
Thanks Luigi! That worked. It's interesting though, I had to use a Miner > Processor > Output. When I tried to use Miner > Output, the output would process and "withdraw" all of the indicators from the Miner. So are all three components required? I thought that it would be possible to point a Miner right at an Output.
04-28-2016 03:17 PM
Hi Nasil,
do you remember which Output prototype did you use for the Miner > Output test ?
luigi
05-02-2016 07:36 AM
I was using "Class = minemeld.ft.redis.RedisSet" and "Prototype = stdlib.feedHCGreen".
However, I found out the reason they were being withdrawn - I wasn't setting the "Share Level" of the indicators to Green (it was left blank). After deleting those indicators and adding them in with a share level, they show up even in the Miner > Output scenario. Thanks for your support!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!