List of Supported Nodes - PaloAltoNetworks/minemeld GitHub Wiki
This is a list of prototypes currently included in the default MineMeld library. This list is not meant to be complete. For the most up-to-date and complete information, check the source.
Miners
OSINT
- AlienVault Reputation
- Bambenekconsulting
- DShield
- Emerging Threats Open rulesets
- badips.com
- Binary Defense Systems Artillery
- blocklist.de
- BruteForceBlocker
- hailataxii.com
- Malware Domain List
- OpenBL
- OpenPhish
- Ransomware Tracker
- sslbl.abuse.ch
- Virbl
- ZeuS Tracker
- Feodo Tracker
Commercial
- Anomali
- Palo Alto Networks AutoFocus
- PhishMe
- Proofpoint ET Intelligence
- Recorded Future
- Soltra
- Spamhaus Project
- The Media Trust
- ThreatQ
- VirusTotal Private API
- Libraesva
Organizations
- AUS-CERT
Cloud services
- AWS Public IPs
- Microsoft Azure Public IPs
- Google NetBlocks
- Google GCE NetBlocks
- Microsoft Office365 IPs and URLs
Threat Intelligence Platforms
- CIF
Various
- Tor Exit Nodes
- PAN-OS Syslog messages
- Cisco ISE
- YouTube Channel (as external extension)
Processors
- IPv4 Aggregator
- IPv6 Aggregator
- Generic Aggregator
- Syslog Matcher for PAN-OS syslog messages
Output
- JSON
- JSON-SEQ
- STIX/TAXII
- PAN-OS EDL
- PAN-OS DAG API
- Elastic Logstash
- ArcSight CEF (as external extension)