This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
Accept
Reject

About SantiBT

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SantiBT
‎01-22-2019
since ‎02-20-2017
L2 Linker
User Activity
User Profile
Posts I Liked
View All
User Badges
Community Statistics
Member Since ‎02-20-2017 08:57 AM
Date Last Visited ‎01-22-2019 10:57 AM
Posts 15

How I can change the url access on minemeld for output feed

by in General Topics
‎03-27-2017 02:02 AM
‎03-27-2017 02:02 AM
Hi,   Actually I've configured my access output feed like "https:// IP_ address"   So , how I can change that url by other IP or hostname??? sample can be: https://myminmedl.loca/... or https:// IP public/...     Thanks a lot   ... View more

Re: Drop_update

by in General Topics
‎03-02-2017 08:07 AM
‎03-02-2017 08:07 AM
**bleep**!!!!   jajajajaja   Sorry, I'm stupid.   Thanks a lot!!! ... View more

Re: Drop_update

by in General Topics
‎03-02-2017 07:42 AM
‎03-02-2017 07:42 AM
Hi Imori,   Yes, is on aggregator processor, you can see over the logs:   2/3/2017 16:01:56 +0100  TEST -aggr-TEST DROP_UPDATE 0.0.0.0 confidence: 80 share_level: red sources: ["test.ipsrc"] first_seen: 1488466915898 type: ipv4 last_seen: 1488466915898 source_node: TEST-IP-TEST   2/3/2017 16:01:56 +0100  TEST -aggr-TEST DROP_UPDATE 0.0.0.0 confidence: 80 share_level: red sources: ["test.ipsrc"] first_seen: 1488466915898 type: ipv4 last_seen: 1488466915898 source_node: TEST-IP-TEST   My node is config so:   CLASS minemeld.ft.http.HttpFT INDICATOR TYPES IPv4IPv6 TAGS CONFIG attributes confidence: 80 share_level: red type: ipv4 delimeter # fieldnames indicator ignore_regex ^# interval 3600 source_name test.ipsrc url http://test.server.local/ip-test.txt My aggregator config is:   CLASS minemeld.ft.ipop.AggregateIPv4FT INDICATOR TYPES IPv4 TAGS None CONFIG infilters NAME CONDITIONS ACTIONS accept withdraws __method == 'withdraw' accept accept IPv4 type == 'IPv4' accept drop all drop whitelist_prefixes wl I'm seening prefectly the IP on my node but its impossible can see these IPs on the aggregator, I see this message "DROP_UPDATE" always.   Do you know why??     Thanks! ... View more

Drop_update

by in General Topics
‎02-27-2017 09:02 AM
‎02-27-2017 09:02 AM
Hi,   I've just created a new node and I'm seeing events such us: DROP_UPDATE on aggregator type.    My miner has all domain list but the aggregator has this meessge with "drop_update", do you know it??? Why???   Thanks a lot   ... View more

Re: Integrate with MISP

by in General Topics
‎02-23-2017 12:21 AM
‎02-23-2017 12:21 AM
Of course! Tell me when and I'll check your mine!   Thanks a lot ... View more
Register or Sign-in
Contact Me
Online Status
Offline
Date Last Visited
‎01-22-2019 10:57 AM
Latest Tags
No tags yet
Likes Given To
View All
LEGAL NOTICES
RESOURCES
Copyright 2007 - 2023 - Palo Alto Networks