cancel
Showing results for 
Search instead for 
Did you mean: 

Cisco Meraki MX Integration with SIEM

SOLVED
BS
Here to help

Cisco Meraki MX Integration with SIEM

Hi All,

 

I'm looking for some documentation or your inputs on SIEM integration with Meraki MX products.

Is there any specific requirements? is it possible ?  anyone using it?

 

Regards

BS

 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Head in the Cloud

Re: Cisco Meraki MX Integration with SIEM

Well not many options to choose from, but I just figured the wireless event log for example is probably not relevant to what he is looking for.  =)

 

Untitled.jpg

Nolan Herring | nolanwifi.com
TwitterLinkedIn
7 REPLIES
Head in the Cloud

Re: Cisco Meraki MX Integration with SIEM

The only thing I know of is using syslog for security/IDS events to a 3rd party SIEM collector.
Nolan Herring | nolanwifi.com
TwitterLinkedIn
BS
Here to help

Re: Cisco Meraki MX Integration with SIEM

Thanks Nolan

Is it just pointing to the SIEM IP address?
Head in the Cloud

Re: Cisco Meraki MX Integration with SIEM

Far as I know yes, just the IP address via syslog option. Just filter the syslog to only send IDS
Nolan Herring | nolanwifi.com
TwitterLinkedIn
Kind of a big deal

Re: Cisco Meraki MX Integration with SIEM

IMO I wouldn't filter the Syslog form the MX. All that flow data can be ingested by a SIEM as well. If it was me I'd send everything available. 

Highlighted
Head in the Cloud

Re: Cisco Meraki MX Integration with SIEM

Well not many options to choose from, but I just figured the wireless event log for example is probably not relevant to what he is looking for.  =)

 

Untitled.jpg

Nolan Herring | nolanwifi.com
TwitterLinkedIn
Kind of a big deal

Re: Cisco Meraki MX Integration with SIEM

@NolanHerring Wireless logs aren't available from an MX. You must be looking at a combined network Smiley Happy

Head in the Cloud

Re: Cisco Meraki MX Integration with SIEM

Oh I am. Good point =)
Nolan Herring | nolanwifi.com
TwitterLinkedIn