Scanning API vs Location Analytics and mac hashing

rinatio
Conversationalist

Scanning API vs Location Analytics and mac hashing

Could you please clarify few questions:

 

1. What is a difference between Scanning API and Analytics dropdowns on "Location and Scananing" settings page. If I disable "Analytics" and enable "Scannig API" what would happen, and vice versa?

2. On this page: https://create.meraki.io/build/scanning-api-docs/ under "Location and Privacy" you mention that you use mac hashing and still send the raw mac address to Scanning API Post URL. Is it possible to add a flag to send a hashed version of mac address there too, because some of our customers in Europe have concerns regarding GDPR and would rather control mac hashing from Cisco Dashboard (it is related to this question i asked before but limited to Scanning API scope: https://community.meraki.com/t5/Dashboard-Administration/Hiding-clients-mac-address-in-API-response/...)

3. Do you provide that hashing method for mac addresses as a library or code example that we could use as a reference?

4. Do you send any data to Demo accounts Scanning API Post URL?

4 Replies 4
PhilipDAth
Kind of a big deal
Kind of a big deal

1. Enabling the "Scanning API" allows Meraki to send location data to a server you have setup, so you can collect/analyze the data yourself.

https://documentation.meraki.com/MR/Monitoring_and_Reporting/Scanning_API

 

The anayltics is what you see in the dashboard under Organization/Location Analytics.

 

2. I don't think you can only get a hash of the MAC address.  I'm not sure that really addresses GPDR either - since you are still using a unique identifier for each individual.  You can read how to address GPDR compliance here:

https://meraki.cisco.com/gdpr

There is some kind of opt-out system for end users as well.

 

4. If you sign up as a developer at create.meraki.io you can get a sandbox account.  Note that if you are an IT professional and attend selected webinars you can often get an AP for free.

https://meraki.cisco.com/webinars

rinatio
Conversationalist

Thank you!

 

1. Meaning if someone disable Analytics he simply won't see the "Location Analytics" on dashboard and Scanning API will still work (if Scanning API is enabled)?

2. It is better than plain MAC addresses even though it is still pseudo-unique because you won't be able to associate it to someone else given same MAC address appears on different Cisco Meraki account (if hashing takes into account the AP or customer ID)

3. Do you have some reference hashing implementation in Github for example?

4. I have a Demo account in Meraki, but it does not send any data to Scanning API Post URL. Does it create a different type of account on  create.meraki.io, because I wasn't able to find any other sandbox account.

 

Thank you for the webinar and free AP note, we'll see if we can attend it!

 

 

JVL
Conversationalist

Hi,

 

Did you have any answer for 3. ?

 

The Meraki example is the following

client MAC is 11:22:33:44:55:66

org secret is t3lrdd

least significant 4 bytes of SHA1(112233445566t3Irdd) = 0x0e456406

 

But when I try that myself, I don't find the same :

SHA1(112233445566t3Irdd)=f552bfdca00b431eb0362ee5f638f0572c97475f

least significant 4 bytes : 2c97475f

 

Any idea on how to find 0e456406 ?

rinatio
Conversationalist

Hi @JVL. No, I haven't got further details

Get notified when there are additional replies to this discussion.