Cisco Meraki Cloud Management
Version: Cisco Meraki Cloud Management.
Cisco Meraki cloud-based management provides centralized visibility and control over Meraki’s wired & wireless networking hardware, without the complexity of wireless controllers or overlay management systems. Integrated with Meraki’s entire product portfolio, cloud management provides feature rich, scalable, and intuitive centralized management for networks of any size.
Netsurion Open XDR manages logs from Cisco Meraki Cloud Management. The alerts, reports, dashboard, and saved searches in Netsurion Open XDR are enhanced by capturing important and critical activities of Cisco Meraki Cloud Management.
The following are the key Data Source Integration available in Netsurion Open XDR.
Alerts
| Type | Name | Description |
|---|---|---|
| Security | Cisco Meraki CM – Authentication failure | Generated whenever a failure to connect to the AD server is detected in Meraki. |
| Security | Cisco Meraki CM – Wireless attack detected | Generated whenever a suspicious wireless attack is detected in Meraki. |
| Security | Cisco Meraki CM – Rogue DHCP detected | Generated whenever rogue DHCP is detected in Meraki. |
| Security | Cisco Meraki CM – Switch loop detected | Generated whenever a loop on switch is detected in Meraki. |
| Security | Cisco Meraki CM – Switch mac flap detected | Generated whenever a MAC flap on switch is detected in Meraki. |
| Security | Cisco Meraki CM – Content filtering blocked URL | Generated whenever a URL is blocked by content filtering in Meraki. |
| Security | Cisco Meraki CM – Intrusion detection rules update | Generated whenever an update is made to intrusion detection rules in Meraki. |
| Security | Cisco Meraki CM – VPN registry status changed | Generated whenever a VPN Registry status is changed in Meraki. |
| Security | Cisco Meraki CM – Wireless packet flood detected | Generated whenever a packet flood on wireless is detected in Meraki. |
| Compliance | Cisco Meraki CM – Wireless multiple DHCP servers detected | Generated whenever a multiple DHCP servers on wireless is detected in Meraki. |
Reports
| Type | Name | Description |
| Security | Cisco Meraki CM – Login activities | Provides information about all the authentication activities in Meraki. |
| Security | Cisco Meraki CM – DHCP activities | Provides information about all DHCP activities. |
| Security | Cisco Meraki CM – Intrusion detection activities | Provides information about intrusion detection activities. |
| Security | Cisco Meraki CM – Content filtering blocked URL | Provides information about blocked content filtering activities. |
| Compliance | Cisco Meraki CM – WiFi authentication activities | Provides information about all WPA authentications. |
| Operational | Cisco Meraki CM – VPN connection activities | Provides information about all VPN connection activities. |
| Operational | Cisco Meraki CM – Port role change actions | Provides information about port role change. |
| Operational | Cisco Meraki CM – Device activities | Provides information about the Meraki’s Enterprise Mobility Management. |
Dashboards
| Type | Name | Description |
|---|---|---|
| Security | Cisco Meraki CM – Content blocking by filter | Displays the device blocked by content filter. |
| Compliance | Cisco Meraki CM – Authentication activities | Displays the authentication activities. |
| Compliance | Cisco Meraki CM – WiFi authorization actions | Displays the WiFi authorization actions. |
| Compliance | Cisco Meraki CM – 802.1x associated actions | Displays the associated actions. |
| Operations | Cisco Meraki CM – VPN Activities | Displays the VPN activities. |
| Operational | Cisco Meraki CM – Port role change activities by port number | Displays the port change activities. |
| Operational | Cisco Meraki CM – Events by device type | Displays the events by device type. |
Saved Searches
| Type | Name | Description |
| Security | Cisco Meraki CM – DHCP activities | Provides information about all DHCP activities. |
| Security | Cisco Meraki CM – Intrusion detection activities | Provides information about intrusion detection activities. |
| Security | Cisco Meraki CM – Content blocked by filter | Provides information about blocked content filtering activities. |
| Security | Cisco Meraki CM – Device activities | Provides information about the Meraki’s Enterprise Mobility Management. |
| Compliance | Cisco Meraki CM – Authentication activities | Provides information about all the authentication failures detected in Meraki |
| Compliance | Cisco Meraki CM – WiFi authentication activities | Provides information about all the WPA deauthentications detected in Meraki. |
| Operational | Cisco Meraki CM – VPN connection activities | Provides information about all VPN connection activities. |
| Operational | Cisco Meraki CM – Port role changes | Provides information about port role changes. |
| Operational | Cisco Meraki CM – WiFi association activities | Provides information about all WPA association and disassociation activities. |
Documentation
The configuration details are consistent with Netsurion Open XDR 9.3 and later, and Cisco Meraki Cloud Management.
Download the Integration Guide for configuration instructions and more information.