#873 minemeld

2024-11-06 09:05:19 +00:00 · 2020-11-18 17:22:27 +01:00 · 2020-11-18 17:22:27 +01:00 · 4de696c9b0
commit 4de696c9b0
parent c9722aabad
3 changed files with 97 additions and 67 deletions
--- a/responders/Minemeld/README.md
+++ b/responders/Minemeld/README.md
@ -0,0 +1,14 @@
+### Palo Alto Minemeld
+
+This responder sends observables you select to a [Palo Alto Minemeld](https://www.paloaltonetworks.com/products/secure-the-network/subscriptions/minemeld) instance.
+
+#### Requirements
+The following options are required in the Palo Alto Minemeld Responder configuration:
+
+- `minemeld_url` : URL of the Minemeld instance to which you will be posting indicators   
+- `minemeld_user`: user accessing the Minemeld instance
+- `minemeld_password`:  password for the user accessing the Minemeld instance
+- `minemeld_indicator_list`: name of Minemeld indicator list (already created in Minemeld)
+- `minemeld_share_level`: share level for indicators (defaults to `red`)
+- `minemeld_confidence`: confidence level for indicators (defaults to `100`)
+- `minemeld_ttl`: TTL for indicators (defaults to `86400` seconds)
--- a/responders/Minemeld/assets/MM-logo.png
+++ b/responders/Minemeld/assets/MM-logo.png
--- a/responders/Minemeld/minemeld.json
+++ b/responders/Minemeld/minemeld.json
@ -1,69 +1,85 @@
 {
-  "name": "Minemeld",
-  "version": "1.0",
-  "author": "Wes Lambert, Security Onion Solutions",
-  "url": "https://github.com/TheHive-Project/Cortex-Analyzers",
-  "license": "AGPL-V3",
-  "description": "Submit indicator to Minemeld",
-  "dataTypeList": ["thehive:case_artifact"],
-  "command": "Minemeld/minemeld.py",
-  "baseConfig": "Minemeld",
-  "configurationItems": [
-    {
-      "name": "minemeld_url",
-      "description": "URL for Minemeld instance",
-      "type": "string",
-      "multi": false,
-      "required": true,
-      "defaultValue": "https://x.x.x.x"
+    "name": "Minemeld",
+    "version": "1.0",
+    "author": "Wes Lambert, Security Onion Solutions",
+    "url": "https://github.com/TheHive-Project/Cortex-Analyzers",
+    "license": "AGPL-V3",
+    "description": "Submit indicator to Minemeld",
+    "dataTypeList": [
+        "thehive:case_artifact"
+    ],
+    "command": "Minemeld/minemeld.py",
+    "baseConfig": "Minemeld",
+    "configurationItems": [
+        {
+            "name": "minemeld_url",
+            "description": "URL for Minemeld instance",
+            "type": "string",
+            "multi": false,
+            "required": true,
+            "defaultValue": "https://x.x.x.x"
+        },
+        {
+            "name": "minemeld_user",
+            "description": "User for Minemeld",
+            "type": "string",
+            "multi": false,
+            "required": true,
+            "defaultValue": "apiuser"
+        },
+        {
+            "name": "minemeld_password",
+            "description": "Password for Minemeld",
+            "type": "string",
+            "multi": false,
+            "required": true,
+            "defaultValue": "password"
+        },
+        {
+            "name": "minemeld_indicator_list",
+            "description": "Name of indicator list to which indicators will be added",
+            "type": "string",
+            "multi": false,
+            "required": true,
+            "defaultValue": "my_block_list"
+        },
+        {
+            "name": "minemeld_share_level",
+            "description": "Share level for indicator",
+            "type": "string",
+            "multi": false,
+            "required": true,
+            "defaultValue": "red"
+        },
+        {
+            "name": "minemeld_confidence",
+            "description": "Confidence level for indicator",
+            "type": "string",
+            "multi": false,
+            "required": true,
+            "defaultValue": "100"
+        },
+        {
+            "name": "minemeld_ttl",
+            "description": "TTL for indicator",
+            "type": "string",
+            "multi": false,
+            "required": true,
+            "defaultValue": "86400"
+        }
+    ],
+    "registration_required": false,
+    "subscription_required": false,
+    "free_subscription": false,
+    "service_homepage": "https://github.com/PaloAltoNetworks/minemeld",
+    "service_logo": {
+        "path": "assets/MM-logo.png",
+        "caption": "logo"
    },
-    {
-      "name": "minemeld_user",
-      "description": "User for Minemeld",
-      "type": "string",
-      "multi": false,
-      "required": true,
-      "defaultValue": "apiuser"
-    },
-    {
-      "name": "minemeld_password",
-      "description": "Password for Minemeld",
-      "type": "string",
-      "multi": false,
-      "required": true,
-      "defaultValue": "password"
-    },
-    {
-      "name": "minemeld_indicator_list",
-      "description": "Name of indicator list to which indicators will be added",
-      "type": "string",
-      "multi": false,
-      "required": true,
-      "defaultValue": "my_block_list"
-    },
-    {
-      "name": "minemeld_share_level",
-      "description": "Share level for indicator",
-      "type": "string",
-      "multi": false,
-      "required": true,
-      "defaultValue": "red"
-    },
-    {
-      "name": "minemeld_confidence",
-      "description": "Confidence level for indicator",
-      "type": "string",
-      "multi": false,
-      "required": true,
-      "defaultValue": "100"
-    },
-    {
-      "name": "minemeld_ttl",
-      "description": "TTL for indicator",
-      "type": "string",
-      "multi": false,
-      "required": true,
-      "defaultValue": "86400"
-    }
-  ]
-}
+    "screenshots": [
+        {
+            "path": "",
+            "caption": ""
+        }
+    ]
+}