Cisco Meraki Cloud Management

Version: Cisco Meraki Cloud Management.

Cisco Meraki cloud-based management provides centralized visibility and control over Meraki’s wired & wireless networking hardware, without the complexity of wireless controllers or overlay management systems. Integrated with Meraki’s entire product portfolio, cloud management provides feature rich, scalable, and intuitive centralized management for networks of any size.

Netsurion Open XDR manages logs from Cisco Meraki Cloud Management. The alerts, reports, dashboard, and saved searches in Netsurion Open XDR are enhanced by capturing important and critical activities of Cisco Meraki Cloud Management.

The following are the key Data Source Integration available in Netsurion Open XDR.

Alerts

TypeNameDescription
SecurityCisco Meraki CM – Authentication failureGenerated whenever a failure to connect to the AD server is detected in Meraki.
SecurityCisco Meraki CM – Wireless attack detectedGenerated whenever a suspicious wireless attack is detected in Meraki.
SecurityCisco Meraki CM – Rogue DHCP detectedGenerated whenever rogue DHCP is detected in Meraki.
SecurityCisco Meraki CM – Switch loop detectedGenerated whenever a loop on switch is detected in Meraki.
SecurityCisco Meraki CM – Switch mac flap detectedGenerated whenever a MAC flap on switch is detected in Meraki.
SecurityCisco Meraki CM – Content filtering blocked URLGenerated whenever a URL is blocked by content filtering in Meraki.
SecurityCisco Meraki CM – Intrusion detection rules updateGenerated whenever an update is made to intrusion detection rules in Meraki.
SecurityCisco Meraki CM – VPN registry status changedGenerated whenever a VPN Registry status is changed in Meraki.
SecurityCisco Meraki CM – Wireless packet flood detectedGenerated whenever a packet flood on wireless is detected in Meraki.
ComplianceCisco Meraki CM – Wireless multiple DHCP servers detectedGenerated whenever a multiple DHCP servers on wireless is detected in Meraki.

Reports

TypeNameDescription
SecurityCisco Meraki CM – Login activitiesProvides information about all the authentication activities in Meraki.
SecurityCisco Meraki CM – DHCP activitiesProvides information about all DHCP activities.
SecurityCisco Meraki CM – Intrusion detection activitiesProvides information about intrusion detection activities.
SecurityCisco Meraki CM – Content filtering blocked URLProvides information about blocked content filtering activities.
ComplianceCisco Meraki CM – WiFi authentication activitiesProvides information about all WPA authentications.
OperationalCisco Meraki CM – VPN connection activitiesProvides information about all VPN connection activities.
OperationalCisco Meraki CM – Port role change actionsProvides information about port role change.
OperationalCisco Meraki CM – Device activitiesProvides information about the Meraki’s Enterprise Mobility Management.

Dashboards

TypeNameDescription
SecurityCisco Meraki CM – Content blocking by filterDisplays the device blocked by content filter.
ComplianceCisco Meraki CM – Authentication activitiesDisplays the authentication activities.
ComplianceCisco Meraki CM – WiFi authorization actionsDisplays the WiFi authorization actions.
ComplianceCisco Meraki CM – 802.1x associated actionsDisplays the associated actions.
OperationsCisco Meraki CM – VPN ActivitiesDisplays the VPN activities.
OperationalCisco Meraki CM – Port role change activities by port numberDisplays the port change activities.
OperationalCisco Meraki CM – Events by device typeDisplays the events by device type.

Saved Searches

TypeNameDescription
SecurityCisco Meraki CM – DHCP activitiesProvides information about all DHCP activities.
SecurityCisco Meraki CM – Intrusion detection activitiesProvides information about intrusion detection activities.
SecurityCisco Meraki CM – Content blocked by filterProvides information about blocked content filtering activities.
SecurityCisco Meraki CM – Device activitiesProvides information about the Meraki’s Enterprise Mobility Management.
ComplianceCisco Meraki CM – Authentication activitiesProvides information about all the authentication failures detected in Meraki
ComplianceCisco Meraki CM – WiFi authentication activitiesProvides information about all the WPA deauthentications detected in Meraki.
OperationalCisco Meraki CM – VPN connection activitiesProvides information about all VPN connection activities.
OperationalCisco Meraki CM – Port role changesProvides information about port role changes.
OperationalCisco Meraki CM – WiFi association activitiesProvides information about all WPA association and disassociation activities.

Documentation

The configuration details are consistent with Netsurion Open XDR 9.3 and later, and Cisco Meraki Cloud Management.

Download the Integration Guide for configuration instructions and more information.