Minemeld
Minemeld
Details
Author |
Wes Lambert, Security Onion Solutions |
Version |
1.0 |
License |
AGPL-V3 |
Requires Registration |
No |
Requires Subscription |
No |
Free Subscription Available |
No |
DataType Supported |
thehive:case_artifact |
Service Homepage |
Description
Submit indicator to Minemeld
Configuration
Name |
Description |
minemeld_url |
URL for Minemeld instance |
minemeld_user |
User for Minemeld |
minemeld_password |
Password for Minemeld |
minemeld_indicator_list |
Name of indicator list to which indicators will be added |
minemeld_share_level |
Share level for indicator |
minemeld_confidence |
Confidence level for indicator |
minemeld_ttl |
TTL for indicator |
Additional details from the README file:
Palo Alto Minemeld
This responder sends observables you select to a Palo Alto Minemeld instance.
Requirements
The following options are required in the Palo Alto Minemeld Responder configuration:
minemeld_url: URL of the Minemeld instance to which you will be posting indicatorsminemeld_user: user accessing the Minemeld instanceminemeld_password: password for the user accessing the Minemeld instanceminemeld_indicator_list: name of Minemeld indicator list (already created in Minemeld)minemeld_share_level: share level for indicators (defaults tored)minemeld_confidence: confidence level for indicators (defaults to100)minemeld_ttl: TTL for indicators (defaults to86400seconds)