Minemeld#
README
Palo Alto Minemeld#
This responder sends observables you select to a Palo Alto Minemeld instance.
Requirements#
The following options are required in the Palo Alto Minemeld Responder configuration:
minemeld_url: URL of the Minemeld instance to which you will be posting indicatorsminemeld_user: user accessing the Minemeld instanceminemeld_password: password for the user accessing the Minemeld instanceminemeld_indicator_list: name of Minemeld indicator list (already created in Minemeld)minemeld_share_level: share level for indicators (defaults tored)minemeld_confidence: confidence level for indicators (defaults to100)minemeld_ttl: TTL for indicators (defaults to86400seconds)
Minemeld#
Author: Wes Lambert, Security Onion Solutions
License: AGPL-V3
Version: 1.0
Supported data types:
- thehive:case_artifact
Registration required: False
Subscription required: False
Free subscription: False
Third party service: https://github.com/PaloAltoNetworks/minemeld
Description#
Submit indicator to Minemeld
Configuration#
| minemeld_url | URL for Minemeld instance |
|---|---|
| Default value if not configured | https://x.x.x.x |
| Type of the configuration item | string |
| The configuration item can contain multiple values | False |
| Is required | True |
| minemeld_user | User for Minemeld |
|---|---|
| Default value if not configured | apiuser |
| Type of the configuration item | string |
| The configuration item can contain multiple values | False |
| Is required | True |
| minemeld_password | Password for Minemeld |
|---|---|
| Default value if not configured | password |
| Type of the configuration item | string |
| The configuration item can contain multiple values | False |
| Is required | True |
| minemeld_indicator_list | Name of indicator list to which indicators will be added |
|---|---|
| Default value if not configured | my_block_list |
| Type of the configuration item | string |
| The configuration item can contain multiple values | False |
| Is required | True |
| minemeld_share_level | Share level for indicator |
|---|---|
| Default value if not configured | red |
| Type of the configuration item | string |
| The configuration item can contain multiple values | False |
| Is required | True |
| minemeld_confidence | Confidence level for indicator |
|---|---|
| Default value if not configured | 100 |
| Type of the configuration item | string |
| The configuration item can contain multiple values | False |
| Is required | True |
| minemeld_ttl | TTL for indicator |
|---|---|
| Default value if not configured | 86400 |
| Type of the configuration item | string |
| The configuration item can contain multiple values | False |
| Is required | True |
Last update: November 15, 2021 06:39:14