MineMeld Discussions
About MineMeld Discussions

Welcome to the MineMeld discussion forum. Please feel free to ask questions and engage with other community members. Ideas, questions, research, and observations regarding MineMeld are all actively encouraged.

Note: Participation in the discussion forum requires a Live Community account. Registration is free and easy! Simply click here to sign up.

Forum Posts

Deploying Minemeld Using Vagrant and Virtualbox

Hello All, Based on @lmori's great guide for doing a manual install of Minemeld on Ubuntu 14.04, I have taken his configurations and wrapped them in a Vagrantfile for easy foolproof deployment of Minemeld. It's a simple 3 step process: Install latest...

nbilal by L3 Networker
  • 10146 Views
  • 2 replies
  • 9 Likes

How to know what output and processors to use?

Hello! Forgive me if this is too broad of a question, or something that I had overlooked, but I am still quite new to using MineMeld and I've run into a few issues where I apparently had used the wrong processor or output node, and people have correc...

mjanik01 by L1 Bithead
  • 473 Views
  • 0 replies
  • 1 Likes

TAXII into Proofpoint TRAP - Minemeld Output

I am trying to integrate MineMeld and Proofpoint TRAP. It should be relatively simple and feel I am overlooking something. The first step was easy. Create an output using stdlib.taxiiDataFeed. Because this is the community edition auth is turned off ...

Romans6 by L1 Bithead
  • 802 Views
  • 0 replies
  • 0 Likes

Integrate AlienVault feeds into minemeld

I have been trying to add the alienvault otx feeds to minemeld and followed the steps mentioned in: https://live.paloaltonetworks.com/t5/MineMeld-Discussions/AlienVault-taxii-miner-versus-prebuilt-reputation-data-miner/td-p/157037 However, I get this ...

prateekj by L0 Member
  • 857 Views
  • 2 replies
  • 0 Likes

Minemeld Log Location

Using Minemeld and I have miners, aggregators and output configured. I want to be able to get as much details from the indicators into a log server or even Splunk. Where would I find these logs? See below:


Disable Transfer-Encoding: chunked

Hi, I want to use outputers from Minemeld that show the Content-Length in the http header. To do this, I've tried to disable the chunked transfer-encoding on nginx. I've edited the nginx.conf file. But, it doesn't work. # Gzip Settings##gzip_static on...

Mtorre by L0 Member
  • 1236 Views
  • 0 replies
  • 0 Likes

PA units wont populate EDL

At the end of last week I installed MineMeld. Configured O365 miners. When I access the miners via their URL I receive an IP list. Next I configure EDL on two of my PA units. For this test I configured the miners to be anonymous. Tested the URL and i...

AOneR by L0 Member
  • 959 Views
  • 2 replies
  • 0 Likes

Getting a list of smtp.office365.com IP ranges

Hi, Pretty new to MM and so far I have it up and running in Azure. I used the O365 guide and it worked well however I was wondering if there is a way to get specifically the ranges used for SMTP and if someone could potentially help me with that? I s...

TyronF by L2 Linker
  • 4097 Views
  • 5 replies
  • 0 Likes

2 Output to the same destination

I need 2 output to Azure Sentinel, one for domain and the other for IP. The first output for IP is working. I add the second output for domain = the first output stop working. Is it normal behavior? Where should I look? How can I fix it? Thanks

Resolved! Output stop working

I have a Output to Azure Sentinel. I reboot, it work then stop working for a unknown reason. I have a bunch of ERROR.SUBMIT. How do I troubleshoot that?


ImportError: No module named _sqlite3 on RHEL 6.7

Looking to install MM on RHEL 7.6 # cat /etc/*elease* NAME="Red Hat Enterprise Linux Server" VERSION="7.6 (Maipo)" ID="rhel" ID_LIKE="fedora" VARIANT="Server" VARIANT_ID="server" VERSION_ID="7.6" PRETTY_NAME="Red Hat Enterprise Linux Server 7.6 (Maip...

jhurtt by L0 Member
  • 981 Views
  • 0 replies
  • 0 Likes

Resolved! URLHaus complete list help

I am trying to pull the complete list from URLHaus (https://urlhaus.abuse.ch/api/) and specifically the CSV feed. (https://urlhaus.abuse.ch/downloads/csv/) The problem is this. The feed is huge! Over 200k right now, so the PAN will not take it because ...

Mattk by L2 Linker
  • 2356 Views
  • 2 replies
  • 0 Likes