MineMeld Discussions
cancel
Showing results for 
Search instead for 
Did you mean: 
MineMeld Discussions
About MineMeld Discussions

Welcome to the MineMeld discussion forum. Please feel free to ask questions and engage with other community members. Ideas, questions, research, and observations regarding MineMeld are all actively encouraged.

Note: Participation in the discussion forum requires a Live Community account. Registration is free and easy! Simply click here to sign up.

Forum Posts

Deploying Minemeld Using Vagrant and Virtualbox

Hello All, Based on @lmori's great guide for doing a manual install of Minemeld on Ubuntu 14.04, I have taken his configurations and wrapped them in a Vagrantfile for easy foolproof deployment of Minemeld. It's a simple 3 step process: Install latest...

nbilal by L3 Networker
  • 9990 Views
  • 2 replies
  • 9 Likes

Minemeld install error on RHEL

I am attempted to perform an ansible install of Minemeld on RHEL 7. I am receiving the following error. Anyone seen this and have any suggestions for remediation? Thanks I receive the following message when I run the ansible playbook: TASK [minemeld ...

taustin by L1 Bithead
  • 1307 Views
  • 2 replies
  • 0 Likes

Resolved! Anomali Limo Miner Creation

Hello, First, I am not a programmer, so please keep that in mind ;-) I would like to create a miner for the Anomali Limo TAXII feed. The Anomali documentation is not very good: You can also get the benefits of Limo without STAXX. Simply: ​ Configure ...

Capture.PNG

Resolved! API documentation

Hi, i want to query Mineneld using the API, in order to get indicators or information about the tool, to automate some reports. For example, i need to know how many indicatores we have added in the last X days, or last month..., how many indicators a...

MineMeld engine:fatal message

I'm getting the below message in my minemeld logs and not sure what is causing it 2018-07-11T00:30:28 (16652)config._destroy_old_nodes INFO: Destroyed nodes: [_ConfigChange(nodename=u'Amazon_IPv4_Agg_General', nodeclass=u'minemeld.ft.ipop.AggregateIP...

Minemeld and production installation

Hi, I'm considering how to do some of the following, if anyone has advice or links to documentation I'm not finding I would appreciate it: Export the configuration in a way that any local custom miners are also backed up, meaning the restore is a lit...

chirss by L3 Networker
  • 2133 Views
  • 1 replies
  • 2 Likes

TaxiiDataFeed - Aging out of Feed

Hi Guys, using as prototype the "stdlib.taxiiDataFeed" I've exposed through Minemeld a TAXII Feed. Now i've observed that this prototype is the only that can't be aged out, in fact the IoCs collected from the sources comes in addition to those alread...

rafy92 by L1 Bithead
  • 4116 Views
  • 7 replies
  • 0 Likes

GPCS and Minemeld

I wish there was a prototype in Minemeld to be able to track all GPCS endpoints via the API. Currently you can only do it using this rather messy way :- https://www.paloaltonetworks.com/documentation/10/cloud-services/globalprotect-cloud-service-gsg/...

Resolved! MineMeld install error bower install

Hi all, I have installed successfully minemeld on a test Ubuntu 16.04. I try to do the same now in production and get an error on bower install : fatal: [127.0.0.1]: FAILED! => {"changed": true, "cmd": ["bower", "install", "--allow-root"], "delta": "...

Resolved! Confidence level in logs

Hi, In minemeld logs from the nodes, taking AF-Ransomware node as an example, I have 2 questions regarding the confidence, thanks! 1. does the confidence level come from the source feed? 2. can customers change this confidence level?

chtoh82 by L2 Linker
  • 2356 Views
  • 2 replies
  • 0 Likes

DROP_UPDATE on Minemeld

Hello Community, the logs on my Minemeld shows the below error for all that IPs that catch, could you please advice how to get ride of this problem? Thanks in advance

DROP_UPDATE.png
Top Solution Authors
Top Liked Authors