cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Trigger Meraki alerts

Comes here often

Trigger Meraki alerts

Hi,

 

I am working on integrating Mearki alerts (using webhook) with ITSM. To test the functionality I like to test each alerts and see how it reflect in ITSM. Is there any scripts/tool I can use to trigger the alerts specially udldError, malwareDetected, malwareBlocked, portCableError and rougueDHCPServer. I am able to trigger them manually it's really time consuming and I can't do it remotely.

 

Thanks

Fakrul.

6 REPLIES 6
Kind of a big deal

Re: Trigger Meraki alerts

I suppose you already know that you can trigger AMP using the EICAR samples (eicar.org).

 

For rogue DHCP you could just run an open source DHCP server. Tftpd comes to mind.

 

But you can't do that remotely indeed. Unless you can access a client remotely. And I wouldn't do the DHCP test on a production network.

Comes here often

Re: Trigger Meraki alerts

Yes i was able to use EICAR to check malwereBlocked alert. Regarding DHCP I am alwaya getting newDHCPDetected not the rogueDHCP one. Not sure for which scenario rogueDHCP alerts trigger. 

Kind of a big deal

Re: Trigger Meraki alerts

I haven't tested with it, but is the DHCP server you added handing out addresses in the same range as the MX is?

Kind of a big deal

Re: Trigger Meraki alerts

>Is there any scripts/tool I can use to trigger the alerts

 

No.

Kind of a big deal

Re: Trigger Meraki alerts

@FakrulAlamDA  I would imagine a rogue DHCP alert would come when a subnet has a second DHCP server added onto it. 

Meraki CMNO, Ruckus WISE, Sonicwall CSSA, Allied Telesis CASE & CAI
Comes here often

Re: Trigger Meraki alerts

I have tried putting a new DHCP server (advertising the same prefixes) but still getting NewDHCPservcerdetected alert.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.