XDR or SPLUNK integration with SOC

AYEN
Getting noticed

Hi,

   I started studying the XDR and Splunk solutions in Cisco Meraki, but I can't visualize how to integrate these solutions with the SOC server for their visibility. Can anyone tell me where the SOC server should connect? This is to visualize the flow of that solution.

2 Replies
alemabrahao
Kind of a big deal

Splunk is for visibility, dashboards, and alerts.
The XDR Platform is for incident response, threat intelligence, and correlation. Optionally, the Meraki Dashboard/API is for direct device visibility or configuration.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
PhilipDAth
Kind of a big deal

I'm not completely sure of your question.

You can use the Cisco Meraki Add-on for Splunk.

https://splunkbase.splunk.com/app/5580

You can also use Splunk Connect for Syslog.

https://splunkbase.splunk.com/app/4740