Sending Telemetry to ThreatEye
About Sending Telemetry to ThreatEye
The LiveAction LiveWire is designed to work as a ThreatEye Probe, extracting rich metadata, including more than 150 packet dynamic features, to support threat and anomaly detection, response, hunting, forensics, and compliance validation reporting in ThreatEye. Additionally, because packet dynamic-based metadata focuses on packet traits and behaviors—not contents—this data collection technique works equally well with encrypted and unencrypted traffic.
To use LiveWire with ThreatEye, you must first license and configure ThreatEye. Once configured, you must then configure LiveWire to send telemetry to ThreatEye. This chapter describes the tasks you need to perform in order to properly send telemetry from LiveWire to ThreatEye.