Details
Author | Wes Lambert, Security Onion Solutions |
Version | 1.0 |
License | AGPL-V3 |
Requires Registration | No |
Requires Subscription | No |
Free Subscription Available | No |
DataType Supported | thehive:case_artifact |
Service Homepage | Minemeld |
Description
Submit indicator to Minemeld
Configuration
Name | Description |
minemeld_url | URL for Minemeld instance |
minemeld_user | User for Minemeld |
minemeld_password | Password for Minemeld |
minemeld_indicator_list | Name of indicator list to which indicators will be added |
minemeld_share_level | Share level for indicator |
minemeld_confidence | Confidence level for indicator |
minemeld_ttl | TTL for indicator |
Additional details from the README file:
This responder sends observables you select to a Palo Alto Minemeld instance.
The following options are required in the Palo Alto Minemeld Responder configuration:
minemeld_url
: URL of the Minemeld instance to which you will be posting indicatorsminemeld_user
: user accessing the Minemeld instanceminemeld_password
: password for the user accessing the Minemeld instanceminemeld_indicator_list
: name of Minemeld indicator list (already created in Minemeld)minemeld_share_level
: share level for indicators (defaults tored
)minemeld_confidence
: confidence level for indicators (defaults to100
)minemeld_ttl
: TTL for indicators (defaults to86400
seconds)