Getting unexpected syslogs when pulled through API

Tejasree
New here

Hello,

 

We have a 24x7 monitoring system which collects data every 5 minutes from the Cisco Meraki API. Since we started using the API, we have noticed that the logs we are getting in the console don't have any useful information. We can't even parse any of the data.

Could you please help - what could be the reasons for this? Are there any limitations while using the API?

Mloraditch
Head in the Cloud

Can you provide a sanitized example of what you are seeing and what api calls you are using?

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
Tejasree
New here

{"occurredAt":"2025-01-29T13:36:15.053843Z","networkId":"x","type":"disassociation","description":"802.11 disassociation","clientId":"x","clientDescription":"x","deviceSerial":"x","deviceName":"x","eventData":{"radio":"0","vap":"0","client_mac":"x","band":"2","channel":"6","reason":"3","da_vendor":"none","instigator":"1","duration":"136.504767031","auth_neg_dur":"0.013293281","last_auth_ago":"136.490676354","is_8021x":"1","full_conn":"x","ip_resp":"x","ip_src":"x","arp_resp":"x","arp_src":"x","dns_server":"x","dns_req_rtt":"x","dns_resp":"x","aid":"x"}}


Hello, these are the type of logs/format we are seeing on the SIEM console. We have very limited info about the API calls. The client themselves have done the configuration.


However, they have followed the instructions provided.
Link: https://docs.rapid7.com/insightidr/cisco-meraki/#problems-with-log-configuration.

Sorry if I didn't provide a clear explanation. Let me know. I'm new here.

Mloraditch
Head in the Cloud

Those look like valid logs. If your system isn't parsing them properly you would have to take that up with them. The only note I see on that page about formats says timestamps are required and the entry above does have that.

I will point out that documentation page is for Firewalls and doesn't mention any compatibility with wireless or switch logs. The example you've provided is wireless. The system may not support things besides firewalls.

 

In general, Meraki doesn't offer formatting options for their syslogs so your tool has to be the one translating them into something user friendly.


If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
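
As an added example (not part of any post in this thread, and not Meraki or Rapid7 code), here is one way a receiving tool could turn the event format shown above into flat, typed fields before indexing. The field names come from the sanitized sample in the thread; `normalize_event`, the `event.` prefix and the reading of `"1"` as true are assumptions made for illustration.

```python
import json
from datetime import datetime, timezone

# IEEE 802.11 reason codes (subset). Codes not listed here are reported as "unlisted".
REASON_TEXT = {
    1: "unspecified",
    2: "previous authentication no longer valid",
    3: "deauthenticated: station is leaving (or has left) the IBSS or ESS",
    4: "disassociated due to inactivity",
    8: "disassociated: station is leaving (or has left) the BSS",
}
TOP_LEVEL = ("networkId", "type", "description", "clientId", "deviceSerial", "deviceName")
SECONDS = ("duration", "auth_neg_dur", "last_auth_ago")  # numeric strings in the sample

# Trimmed copy of the sanitized line posted in the thread ("x" = redacted by the poster).
SAMPLE = ('{"occurredAt":"2025-01-29T13:36:15.053843Z","networkId":"x",'
          '"type":"disassociation","description":"802.11 disassociation",'
          '"clientId":"x","deviceSerial":"x","deviceName":"x","eventData":'
          '{"radio":"0","channel":"6","reason":"3","duration":"136.504767031",'
          '"auth_neg_dur":"0.013293281","is_8021x":"1","dns_req_rtt":"x"}}')

def normalize_event(line):
    """Flatten one event line; return None if it is not JSON or has no usable timestamp."""
    try:
        ev = json.loads(line)
        ts = datetime.fromisoformat(ev["occurredAt"].replace("Z", "+00:00"))
    except (ValueError, KeyError, TypeError, AttributeError):
        return None
    out = {"timestamp": ts.astimezone(timezone.utc).isoformat()}
    out.update({k: ev.get(k) for k in TOP_LEVEL})
    data = ev.get("eventData")
    for key, value in (data.items() if isinstance(data, dict) else ()):
        field = "event." + key
        out[field] = value
        if key in SECONDS:
            try:
                out[field] = float(value)
            except (TypeError, ValueError):
                pass  # redacted or malformed: keep the raw value
        elif key == "is_8021x":
            out[field] = value == "1"  # assumption: "1" means true
        elif key == "reason" and str(value).isdigit():
            out["event.reason_text"] = REASON_TEXT.get(int(value), "unlisted")
    return out

if __name__ == "__main__":
    print(json.dumps(normalize_event(SAMPLE), indent=2))
```

Lines that are not JSON, or that lack `occurredAt`, return `None` so they can be routed to a raw or unparsed index instead of being dropped silently.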