Syslog config - daft question

GavinMcMenemy
Building a reputation

Syslog config - daft question

Hi,

 

I've been all over the documentation looking for an asnwer to this (simple?) question.

I'm interested in seeing what logging our MR and MS devices generate.

I go to Network > General > Syslog > Reporting > Syslog server and I see that one of the options is to set the role.

One of the roles is "Windows Event Log".

What does this do?

Does this direct the devices to send to the IP address in Windows Event Log format? (a la WEF?)

Apologies if this is daft question but as far as I can tell the docs just tell us we can define the IP and role. It doesn't actually tell me what the device will send.

 

4 Replies 4
BrandonS
Kind of a big deal

I don't see that option.  Can you share a screenshot?

- Ex community all-star (⌐⊙_⊙)
jdsilva
Kind of a big deal

I don't see that option either, but based on the choices I do see, I'm assuming that it's about what logs it's exporting, not the format they're being exported in. If you have a "Windows Event Logs" option then that would export the Event Log from the dashboard to syslog (Found under Network wide > Event Log). Is the Windows Event Log something related to System Manager? 

 

image.png

Capbridge
Conversationalist

These could be the events that are generated by the windows, Meraki provides you with the medium to log the windows events to your syslog server. I assume they could be similar to the events that you see in the event viewer. The clients would be the ones that are connected to your MS appliances.

The MX Security Appliance supports sending four categories of messages/roles: Event Log, IDS Alerts, URLs, and Flows.  MR access points can send the same roles with the exception of IDS alerts. MS switches currently only support Event Log messages. 

I cant see that option either, your not confusing it with Wireless event log are you?

Get notified when there are additional replies to this discussion.