Page tree
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

Are any of your organizations trusted network assets behaving as TOR relays, bridges, or devices?

To find out, enable Spectre to ingest NetFlow v9 (or netflow from a similar flow-collection infrastructure and also enable a threat intelligence feed containing TOR intelligence data such as iDefense.

Note: The standard Spectre requirements are not inclusive of this integration. Additional storage may be required to index a TOR feed.

Configure the TOR feed as follows:

  1. On Spectre's main menu, browse to Settings > Integrations > Open Source Feeds > TOR.
  2.  Enable the threat feed by sliding the toggle button to On.


  3. Input a Polling Interval to indicate the time that should elapse between fetching the latest feed data. Input 24 to poll daily,, for example, of 12 to poll twice a day,.
  4. Click Submit
    Feed is configured.



  • No labels