Hi Blake,
I appreciate your reply. Unfortunately, if you're talking about the link that takes me to Snort, its not very helpful --
https://snort.org/rule_docs/1-39362
Additional, it doesn't tell me the actual endpoint. I'm only seeing my own Access Point. Per Meraki themselves -- Hi,
If the device is connected to a NAT mode SSID which it looks like it is, there is no way to know what specific device generated that alert.
But that doesn't sound totally right. I'm not sure why I wouldn't be able to see the "offending" device beyond the AP.