You are here: Docs>Sheriff Web>UserGuides>SheriffCSMDocumentation>DeploymentGuide>PluginManagement>ConfigureLogForwardingOnCommonlyUsedDataSources>CiscoMeraki (05 Jul 2022, SheriffCyberSecurity)Edit Attach
Up
Previous Next

Sheriff CSM™

Cisco Meraki

When you configure Cisco Meraki to send log data to Sheriff CSM, you can use the Cisco Meraki plugin to translate raw log data into normalized events for analysis. The table below provides some basic information for the plugin:

Plugin Information
DeviceDetails
Vendor Cisco
Device Type Wireless Access Point
Connection Type Syslog
Data Source Name Cisco Meraki
Data Source ID 1695

Integrating Cisco Meraki

To configure Cisco Meraki to send log data to Sheriff CSM.
  1. Open your Meraki dashboard.

  2. Select a device.

  3. Select Alerts & Administration.

  4. Scroll down to the Logging section and click Add a syslog server.

  5. Type the IP address of your Sheriff CSM Sensor (Deputy).

  6. Type port number 514.

  7. Choose which types of events to export:

    • Event Log —The messages from the dashboard under Monitor > Event Log.
    • Flows — Inbound and outbound traffic flow-generated syslog messages that include the source, destination, and port numbers.
    • URL— HTTP GET requests generating syslog entries.
Note: You can direct each type of traffic to a different syslog server.

Plugin Enablement

For plugin enablement information, see Enable Plugins.

Additional Resources and Troubleshooting

https://documentation.meraki.com/zGeneral_Administration/Monitoring_and_Reporting/Syslog_Server_Overview_and_Configuration

For troubleshooting, refer to the vendor documentation:

https://documentation.meraki.com/Special:Search?path=&q=Troubleshooting
Edit  | Attach | Print version | History: r9 < r8 < r7 < r6 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r9 - 05 Jul 2022, SheriffCyberSecurity
Copyright 2020 Sheriff Cyber Security, LLC. All rights reserved.