When you configure Cisco Meraki to send log data to USM Anywhere, you can use the Cisco Meraki plugin to translate raw log data into normalized events for analysis. The table below provides some basic information for the plugin:
|Device Type||Wireless Access Point|
Integrating Cisco Meraki
To configure Cisco Meraki to send log data to USM Anywhere.
- Open your Meraki dashboard.
- Select a device.
- Select Alerts & Administration.
- Scroll down to the Logging section and click Add a syslog server.
- Type the IP address of your USM Anywhere Sensor.
- Type port number 514.
- Choose which types of events to export:
- Event Log —The messages from the dashboard under Monitor > Event Log.
- Flows — Inbound and outbound traffic flow-generated syslog messages that include the source, destination, and port numbers.
- URL— HTTP GET requests generating syslog entries.
Note: You can direct each type of traffic to a different syslog server.
For plugin enablement information, see Adding AlienApps to an Asset.
Available Plugin Fields
The following plugin fields are important attributes extracted from the syslog message. The USM Anywhere reports use these fields, and you can also reference them when creating custom reports. In addition to reporting, the USM Anywhere correlation rules make use of these fields.
Additional Resources and Troubleshooting
For troubleshooting, refer to the vendor documentation: