Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Event logs not to be missed

trendkill
Here to help
‎Feb 27 2023 11:36 PM
‎Feb 27 2023 11:36 PM

Event logs not to be missed

Hi Fam, 

 

I trying to build a script which would notify me for any specific events occurred in a network. Any suggestions what event logs i should be looking for. I have a full stack meraki env with MX, MS & MR. i would like to avoid the the events which we already get notified with the meraki internal alerts. 

 

Thanks.

 

 

0 Kudos
Subscribe
5 Replies 5
sungod
Head in the Cloud
‎Feb 28 2023 12:51 AM
‎Feb 28 2023 12:51 AM

Is this real time? For that I'd say look at webhooks, syslog, snmp, netflow etc. plus Dashboard's native alerts, to see what you can get with each, the common factor is you need to operate server(s) to accept the incoming events.

https://documentation.meraki.com/General_Administration/Monitoring_and_Reporting/Meraki_Device_Repor...

 

Which one(s) to use depend on what you are trying to do.

 

If not real time, there are specific API calls for events and security events.

 

https://developer.cisco.com/meraki/api-v1/#!get-network-events is not ideal as there's no option to specify start-end times, you get the lot, but they seem to be returned most recent first so you can stop calling once you have gone back far enough. There's great variability in return data depending on event type, these aren't documented, you need to gather samples and figure out how to handle the ones you are interested it.

 

https://developer.cisco.com/meraki/api-v1/#!get-network-events-event-types gives you the possible event types for a network.

 

For security events...

https://developer.cisco.com/meraki/api-v1/#!get-organization-appliance-security-events

https://developer.cisco.com/meraki/api-v1/#!get-network-appliance-security-events

 

Subscribe
In response to sungod
JasonM
Meraki Employee
Meraki Employee
‎Feb 28 2023 8:30 AM
‎Feb 28 2023 8:30 AM

@sungod wrote:

webhooks, syslog, snmp, netflow

Love the callout for all the integration points. +1 on this answer.

0 Kudos
Subscribe
alemabrahao
Kind of a big deal
Kind of a big deal
‎Feb 28 2023 5:29 AM
‎Feb 28 2023 5:29 AM

Why don't you use Zabbix to monitor your network? It's a powerful tool.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Subscribe
In response to alemabrahao
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Feb 28 2023 12:07 PM
‎Feb 28 2023 12:07 PM

I haven't personally used it, but I understand Pager Duty has good Meraki webhook support as well (in case you want a commercial solution).

https://www.pagerduty.com/ 

Subscribe
In response to PhilipDAth
yujiterada
Meraki Employee
Meraki Employee
‎Feb 28 2023 4:49 PM
‎Feb 28 2023 4:49 PM

I agree with PagerDuty. Very simple to catch trends and filter out unnecessary alerts.

Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.