Details
| Author | Wes Lambert, Security Onion Solutions |
| Version | 1.0 |
| License | AGPL-V3 |
| Requires Registration | No |
| Requires Subscription | No |
| Free Subscription Available | No |
| DataType Supported | thehive:case_artifact |
| Service Homepage | Minemeld |
Description
Submit indicator to Minemeld
Configuration
| Name | Description |
| minemeld_url | URL for Minemeld instance |
| minemeld_user | User for Minemeld |
| minemeld_password | Password for Minemeld |
| minemeld_indicator_list | Name of indicator list to which indicators will be added |
| minemeld_share_level | Share level for indicator |
| minemeld_confidence | Confidence level for indicator |
| minemeld_ttl | TTL for indicator |
Additional details from the README file:
This responder sends observables you select to a Palo Alto Minemeld instance.
The following options are required in the Palo Alto Minemeld Responder configuration:
minemeld_url: URL of the Minemeld instance to which you will be posting indicatorsminemeld_user: user accessing the Minemeld instanceminemeld_password: password for the user accessing the Minemeld instanceminemeld_indicator_list: name of Minemeld indicator list (already created in Minemeld)minemeld_share_level: share level for indicators (defaults tored)minemeld_confidence: confidence level for indicators (defaults to100)minemeld_ttl: TTL for indicators (defaults to86400seconds)