MineMeld Discussions
Showing results for 
Search instead for 
Did you mean: 
MineMeld Discussions
About MineMeld Discussions

Welcome to the MineMeld discussion forum. Please feel free to ask questions and engage with other community members. Ideas, questions, research, and observations regarding MineMeld are all actively encouraged.

Note: Participation in the discussion forum requires a Live Community account. Registration is free and easy! Simply click here to sign up.

Forum Posts

Deploying Minemeld Using Vagrant and Virtualbox

Hello All, Based on @lmori's great guide for doing a manual install of Minemeld on Ubuntu 14.04, I have taken his configurations and wrapped them in a Vagrantfile for easy foolproof deployment of Minemeld. It's a simple 3 step process: Install latest...

nbilal by L3 Networker
  • 2 replies

Config, System, Supervisor timing out

I cloned few output prototypes and created my own miner -> ipv4 agg -> output config. I logged off for some reason and now that I login, I am getting timeout error for config, system, supervisor etc. I dont see any config info or indicaters in System...

syslogMiner not working

I have configured the syslogminer node as per https://live.paloaltonetworks.com/t5/MineMeld-Articles/Using-the-syslog-Miner/ta-p/77262 I have checked the firewall is sending syslog for threat events on TCP 13514, BSD format, LOG_USER facility and I c...


Trouble installing manually or from ISO on ESX

Have followed all the articles I can find. Trying the ISO, I can login and basically gets stuck right after login at "initializing minemeld, this can take some minutes......", and left it for minutes/hours/days, just never finishes. Tried canceling o...

Spetka by L1 Bithead
  • 7 replies

TAXII or STIX generic miners?

Is it possible to have TAXII or STIX generic miners for internal custom feeds? We are exploring the data sharing between different vendors for our internal environment and instead of waiting for the vendor to come up with the integration, rely on ext...

Resolved! Connection aborted error when 'running' miner job

I'm seeing error indicators for 3/4Miner nodes. The error is ('Connection aborted.', gaierror(-2, 'Name or service not known')) I would suspect this is not desireable and would like some direction how to fix that? This is a new installation which has...


Logs in GUI are blank

We noticed that the log view in the gui for the nodes, indicators, etc no longer populate anything. The node view does show indicators being added and removed, so we know they are pulling in data, the logs just don't show anything. Any idea where we ...

feeeds by L1 Bithead
  • 4 replies

TruStar IT-ISAC prototype?

Hi, I was wondering if any has been working on a Prototype to integrate IT-ISAC feed from TruStar (https://info.trustar.co/it-isac). As far as I now, this is a traditional TAXII server, not aware if they have an API too. I'll try to get more detailed...

MarcelST by L3 Networker
  • 8 replies

Output Node Disables

using the minemeld.ft.redis.RedisSet prototype for output and 'state' is started but the output is disabled. on the configuration tab the output says 'enabled' however still not working. I have the URL in the Palo Alto and it connects successfully to...

jsamide by L2 Linker
  • 1 replies

Syslog Matcher not matching on Indicators

Team, I'm following the process outlined in the technote below, but I'm not seeing any indicators triggered within Minemeld. I have verified that syslog is configured correctly on the FW and when I attempt to ping IP's sourced by various miners (dshi...

jnewsome by L2 Linker
  • 0 replies

Minemeld exports feed to another Minemeld via TAXII

Hi Guys, I am a newbie in Minemeld. I have deployed two Minemeld in two VM. Recenlty I am studying how to export the output feed via TAXII to my second Minemeld. May I know is there any way to do that or do we have any miner can poll the feed ? For t...

Jutice by L0 Member
  • 2 replies
Top Solution Authors
Top Liked Authors