MineMeld Discussions
cancel
Showing results for 
Search instead for 
Did you mean: 
MineMeld Discussions
About MineMeld Discussions

Welcome to the MineMeld discussion forum. Please feel free to ask questions and engage with other community members. Ideas, questions, research, and observations regarding MineMeld are all actively encouraged.

Note: Participation in the discussion forum requires a Live Community account. Registration is free and easy! Simply click here to sign up.

Forum Posts

Deploying Minemeld Using Vagrant and Virtualbox

Hello All, Based on @lmori's great guide for doing a manual install of Minemeld on Ubuntu 14.04, I have taken his configurations and wrapped them in a Vagrantfile for easy foolproof deployment of Minemeld. It's a simple 3 step process: Install latest...

nbilal by L3 Networker
  • 10269 Views
  • 2 replies
  • 9 Likes

About Share Level

Quick note about share_level attribute in indicators Each indicator has an associated share_level attribute. There are 3 possible values for this attribute: RED, YELLOW or GREEN. This attribute is added to the indicator by the Miner to signal to othe...

lmori by L7 Applicator
  • 9118 Views
  • 0 replies
  • 2 Likes

Resolved! Support for static local IP and Domain Lists

I'd like to start by saying, that this is an amazing tool! Thanks for sharing this, it has great potential and my customer is excited. One question: is there currently any support for creating and maintaining local IP and domain blocklists on the Min...

nbilal by L3 Networker
  • 3265 Views
  • 4 replies
  • 0 Likes

Question/FR for mining rDNS zones?

I have a environment that is currently using rDNS to identify host security policies, and it has older Checkpoint firewalls use this data dynamically via CP Domain Objects to tie rDNS lookups to security policies. This obviously has some challenges a...

mpetzold by L0 Member
  • 1401 Views
  • 1 replies
  • 0 Likes

Enhancement Request: URL aggregator optimization

Today, the stdlib.aggregatorURL aggregator processes a list of URLs, removes duplicates, and manages withdrawals/whitelists. However, no optimization is performed on the output of this aggregator. I would like to recommend the following enhancements:...

rhagen by L3 Networker
  • 2827 Views
  • 3 replies
  • 0 Likes

issue with malwaredomainlist.ip

Dear, I added the "malwaredomainlist.ip" as miner.This is working (shows that it has mined about 1500 IPs), but when I add the miner input to a ipv4 or domain aggregator I do not get any output...

2016-04-18 16_09_21-minemeld.png
mr.linus by L4 Transporter
  • 1788 Views
  • 2 replies
  • 0 Likes

What's new in MineMeld 0.9.7

Release Date: 2016-03-24 How to update: Updating MineMeld Nodes - Miner for ProofPoint ET Pro feeds - Miner for PAN-OS syslog messages, let you extract indicators from PAN-OS logs according to a set of rules UI - now you can add a new static indicato...

Screen Shot 2016-03-29 at 10.55.39.png
Screen Shot 2016-03-29 at 10.54.55.png
lmori by L7 Applicator
  • 4078 Views
  • 7 replies
  • 0 Likes

What's new in MineMeld 0.9.8

Release Date: 2016-04-10 How to update: Updating MineMeld Nodes - Miner for AusCERT feeds (thanks to Leigh Vincent !) - Miner for IPv6 local list Prototypes - Prototype for simple IPv6 aggregator

lmori by L7 Applicator
  • 921 Views
  • 0 replies
  • 0 Likes

URL White Listing

Hi all, First of all, we are impressed about MineMeld, thanks Luigi for your ideas and work. We have just started to play with MineMeld and wandering the format to whitelist domains and network ranges using stdlib.listURLGeneric (as wlURL) We would l...

ipv6 aggregator

Is there an ipv6 aggregator on the roadmap?I noted that the URL aggregator can already extract them when the miners includes ipv6 IPs in the URLs (ex: office365), but did not find a way to get just the IPv6 addresses.

mr.linus by L4 Transporter
  • 1255 Views
  • 1 replies
  • 0 Likes

Minemeld 0.9.7

Hi, whats new with 0.9.7 ? just noticed that Minemeld has been upgraded to 0.9.7 roughly 3 days ago. Thanks

bartoq by L3 Networker
  • 1246 Views
  • 1 replies
  • 0 Likes

What's New in MineMeld 0.9.5

Release Date: 2016-03-07 How to update: Updating MineMeld Nodes - Added new counter to track errors polling - Added support for watchlists in TAXII Miner Prototypes - Added abuse.ch ransomware feeds (suggested by Brandon Levene). All the blocklist fr...

lmori by L7 Applicator
  • 1448 Views
  • 0 replies
  • 0 Likes

Resolved! Improvement Request: DaGPusher

Hi Luigi, Is there any plans to customize the tag criteria sent through DaGPusher? If you have two DagPusher from two different miners, it is complex to figure out which one is coming from one DaGPusher and which one is coming from another. Thanks Re...

blebail by L3 Networker
  • 2688 Views
  • 3 replies
  • 0 Likes

Resolved! BUG : DAGPusher Output Node UI?

Hi Luigi, With MineMeld 0.9.3 running on VMware Fusion, DAGPusher Output Node Handled devices list does not appear (see attached screenshots). Tested with Safari 9.0.3 (11601.4.4) and 48.0.2564.116 Thanks Bertrand

blebail by L3 Networker
  • 6154 Views
  • 5 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors