Sending Telemetry to ThreatEye
About sending telemetry to ThreatEye
LiveWire Virtual is designed to work as a ThreatEye Probe, extracting rich metadata, including more than 150 packet dynamic features, to support threat and anomaly detection, response, hunting, forensics, and compliance validation reporting in the ThreatEye SaaS application (licensed separately). Additionally, because packet dynamic-based metadata focuses on packet traits and behaviors—not contents—this data collection technique works equally well with encrypted and unencrypted traffic.
To use LiveWire Virtual with ThreatEye, you must first license and configure ThreatEye. Once configured, you must then configure LiveWire Virtual to send telemetry to ThreatEye. This chapter describes the tasks you need to perform in order to properly send telemetry from LiveWire Virtual to ThreatEye.