Cloud controlled WiFi, routing, and security.
Cisco Meraki
This pack includes Cortex XSIAM content.
Configuration on Server Side
This section describes the configuration steps required on the Cisco Meraki dashboard to forward requested event logs to Cortex XSIAM Broker VM via syslog.
- Log in to the Cisco Meraki dashboard.
- Navigate to the network which you want to configure syslog forwarding for.
- Go to Network-wide → Configure → General.
- Click the Add a syslog server link to define a new server entry for the Cortex XSIAM Broker VM syslog server, and fill in the following parameters:
Parameter |
Value
|
Server IP |
The IP address of the target Cortex XSIAM Broker VM syslog server.
|
Port |
The port number that the target Cortex XSIAM Broker VM syslog server is configured to listen on for receiving event logs from Cisco Meraki.
|
Roles |
Select the requested event types that should be forwarded to Cortex XSIAM. |
- Click Save to apply the changes.
|
|
|
|
For additional details, see Cisco Meraki syslog server overview and configuration. |
|
Collect Events from Vendor
In order to use the collector, use the Broker VM option.
Broker VM
You will need to use the information described here.
You can configure the specific vendor and product for this instance.
- Navigate to Settings → Configuration → Data Broker → Broker VMs.
- Right-click, and select Syslog Collector → Configure.
- When configuring the Syslog Collector, set the following parameters:
| Parameter | Value
| :--- | :---
| Protocol
| Select UDP.
| Port
| Should be aligned with the port defined in the Cisco Meraki Dashboard as described in the Configuration on Server Side section above.
| Format
| Select Auto-Detect.
| Vendor
| Enter Cisco.
| Product
| Enter Meraki.
Cisco Meraki
This pack includes Cortex XSIAM content.
Configuration on Server Side
This section describes the configuration steps required on the Cisco Meraki dashboard to forward requested event logs to Cortex XSIAM Broker VM via syslog.
- Log in to the Cisco Meraki dashboard.
- Navigate to the network which you want to configure syslog forwarding for.
- Go to Network-wide → Configure → General.
- Click the Add a syslog server link to define a new server entry for the Cortex XSIAM Broker VM syslog server, and fill in the following parameters:
Parameter |
Value
|
Server IP |
The IP address of the target Cortex XSIAM Broker VM syslog server.
|
Port |
The port number that the target Cortex XSIAM Broker VM syslog server is configured to listen on for receiving event logs from Cisco Meraki.
|
Roles |
Select the requested event types that should be forwarded to Cortex XSIAM. |
- Click Save to apply the changes.
|
|
|
|
For additional details, see Cisco Meraki syslog server overview and configuration. |
|
Collect Events from Vendor
In order to use the collector, use the Broker VM option.
Broker VM
You will need to use the information described here.
You can configure the specific vendor and product for this instance.
- Navigate to Settings → Configuration → Data Broker → Broker VMs.
- Right-click, and select Syslog Collector → Configure.
- When configuring the Syslog Collector, set the following parameters:
| Parameter | Value
| :--- | :---
| Protocol
| Select UDP.
| Port
| Should be aligned with the port defined in the Cisco Meraki Dashboard as described in the Configuration on Server Side section above.
| Format
| Select Auto-Detect.
| Vendor
| Enter Cisco.
| Product
| Enter Meraki.