Event logs and content filter for 1 year inquiryt

johnnyngena
Getting noticed

Event logs and content filter for 1 year inquiryt

Friends, customer requesting event logs and web content filtering reports for minimum of one year.  Here's the verbiage they provide for content reports: 

 

"For web content filtering, it must allow to display reports from the same solution (online) and generate reports in real time and historical, with a minimum period of one (1) year."

 

What solutions can we have offer or propose?  Any caveats?

6 REPLIES 6
AjitKumar
Head in the Cloud

Hi @johnnyngena 

 

What are your thoughts on "syslog" service.

https://documentation.meraki.com/zGeneral_Administration/Monitoring_and_Reporting/Syslog_Server_Over...

 

Regards,
Ajit
AjitsNW@gmail.com
www.ajit.network

Thank you.  What about the web content historical reports for one year?  Can that be done?

DJDonovan
Meraki Alumni (Retired)

Hi Johnnyngena,

 

You can tell your MX appliance to export URL logging via Syslog by assigning the "URLs" role in the Dashboard Syslog configuration. 

 

This section of the documentation details what the Syslog entry will be formatted as:
https://documentation.meraki.com/General_Administration/Monitoring_and_Reporting/Syslog_Server_Overv...

It will look like this in the Dashboard configuration: 

SyslogURLs.PNG

 

 

Additionally, you can also set up Netflow reporting as well, per the following documentation: 

https://documentation.meraki.com/MX/Monitoring_and_Reporting/NetFlow_Overview

Both Syslog URL reporting and Netflow reporting will allow logging up to a year.

 

-Donovan

~~If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it.~~

The Meraki ECMS exam is now live! Test your knowledge of Meraki and become an official Cisco Meraki Solutions Specialist. More info on the ECMS exam found here.

For information regarding all of Meraki's training offerings, be sure to check out the Meraki Learning Hub.

DJDonovan, thank you, so how can one retrieve the URL logs once they are stored?  Is there a software or a way we recommend?

DJDonovan
Meraki Alumni (Retired)

Hey Johnnyngena!

 

The Meraki Dashboard reports content filtering event logs (among others) in the Network Wide -> Event Log on the dashboard. Events are stored in this log for up to 3 months. If extended historical logging is necessary, you will need to implement a Syslog server and have your Meraki hardware export to it. This will allow you to store events beyond 3 months. 

 

Documentation on setting up reporting to a Syslog server can be found here: 
https://documentation.meraki.com/zGeneral_Administration/Monitoring_and_Reporting/Syslog_Server_Over...

Let me know if you have any other questions!

 

-Donovan

~~If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it.~~

The Meraki ECMS exam is now live! Test your knowledge of Meraki and become an official Cisco Meraki Solutions Specialist. More info on the ECMS exam found here.

For information regarding all of Meraki's training offerings, be sure to check out the Meraki Learning Hub.
UCcert
Kind of a big deal

As above, syslog is your friend here.

Darren O'Connor | uccert.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels