QTOR Darknet Monitoring
QTOR Darknet/TOR Nodes Monitoring for IBM Security QRadar SIEM is an application that allows users to easily monitor inbound and outbound connection to the Darknet via TOR relay and exit nodes.
QTOR requires Internet access to reach https://onionoo.torproject.org website which is used to gather information about the active relay and exit TOR nodes.
QTOR package contains the following security content:
• QRadar application to poll TOR nodes;
• 2 custom rules for inbound and outbound TOR connections monitoring (works for events and flows).
QRadar Native Alternatives
There is no such native functionality in QRadar. Users have to manually extract and search for the required data.
QTOR is a free application by ScienceSoft. Open Source / Apache 2. IBM App Exchange
QTOR Darknet Monitoring is officially available at IBM Security App Exchange. Please, follow the link to download it now.