Et par noter på at få PaloAlto Networks MineMeld til til at starte på Debian 10.

Basalt er det at følge steps'ne for Debian9 her: https://github.com/PaloAltoNetworks/minemeld-ansible

$ sudo apt-get update
$ sudo apt-get upgrade # optional
$ sudo apt-get install -y gcc git python2.7-dev libffi-dev libssl-dev
$ wget https://bootstrap.pypa.io/get-pip.py
$ sudo -H python get-pip.py
$ sudo -H pip install ansible
$ git clone https://github.com/PaloAltoNetworks/minemeld-ansible.git
$ cd minemeld-ansible
$ ansible-playbook -K -i 127.0.0.1, local.yml
$ sudo usermod -a -G minemeld <your user> # add your user to minemeld group, useful for development

Men da, det er lavet til Debian-9 kommer man ikke langt, derfør skal nedstående rettes før ovenstående virker :-)

1) tilføj sudo til debian minimal, incl en bruger, dette er nødvendig såfremt starter fra en basic Debian netinst installation

2) Certificaterne på Git virker ikke med nginx, så der skal lige et par nye ind.

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/minemeld.key -out /etc/nginx/minemeld.crt
cat minemeld.crt minemeld.key > minemeld.pem
cp minemeld.pem /usr/src/minemeld/minemeld-ansible/roles/minemeld/files/minemeld.pem
cp minemeld.crt /usr/src/minemeld/minemeld-ansible/roles/minemeld/files/minemeld.cer

3) Lav sådan at ansible understøtter Debian-10

cp /usr/src/minemeld/minemeld-ansible/roles/infrastructure/vars/Debian-9.yml /usr/src/minemeld/minemeld-ansible/roles/infrastructure/vars/Debian-10.yml
Change line til Debian 10 : infrastructure_include: Debian-10

cp /usr/src/minemeld/minemeld-ansible/roles/infrastructure/tasks/Debian-9.yml /usr/src/minemeld/minemeld-ansible/roles/infrastructure/tasks/Debian-10.yml

cp /usr/src/minemeld/minemeld-ansible/roles/minemeld/vars/Debian-9.yml /usr/src/minemeld/minemeld-ansible/roles/minemeld/vars/Debian-10.yml

 

Mere info:

https://github.com/PaloAltoNetworks/minemeld/wiki
https://live.paloaltonetworks.com/t5/minemeld-articles/quick-tour-of-minemeld-default-config/ta-p/72042

https://serveripaddrsse/#/login
Default credentials are admin / minemeld