Meraki

Community

MX Firewall Log Tool

Brash
Kind of a big deal
Kind of a big deal
‎Oct 19 2023 3:05 PM
‎Oct 19 2023 3:05 PM

MX Firewall Log Tool

Just noticed this appear today under the "Tools" section of the MX.

 

Brash_0-1697752938516.png

 

 

 

I assume this is what the 18.2 feature addition is.

I'm only running 17.10.6 so probably why I wasn't getting any hits when trying it out.

10 Replies 10
BlakeRichardson
Kind of a big deal
Kind of a big deal
‎Oct 19 2023 3:25 PM
‎Oct 19 2023 3:25 PM

Well spotted. Perhaps the next Community contest needs to be spot the unannounced feature @AmyReyes 

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
RaphaelL
Kind of a big deal
Kind of a big deal
‎Oct 19 2023 3:37 PM
‎Oct 19 2023 3:37 PM

Kinda weird that I keep seeing L7 logs when I don't even have any L7 rules enabled 

 

RaphaelL_0-1697754968209.pngRaphaelL_1-1697755014562.png

 

 

Not perfect but a nice start !

In response to RaphaelL
RaphaelL
Kind of a big deal
Kind of a big deal
‎Oct 19 2023 3:49 PM
‎Oct 19 2023 3:49 PM

Well it is documented and expected : https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/Firewall_Logging?mt-draft=true#

 

A small addition would be from the Network-wide -> Clients you could directly select a client , press : view live logs and it would redirect to the live tool and fill the clients info for you.

 

Something like that : 

RaphaelL_0-1697755755537.png

 

In response to RaphaelL
Brash
Kind of a big deal
Kind of a big deal
‎Oct 19 2023 3:49 PM
‎Oct 19 2023 3:49 PM

Yep, I wouldn't call it completely polished but gosh it's nice to have.

I'm guessing the idea is that it will tell you for each flow which L3 and L7 rule you're 'hitting', even if you're not actually hitting one (eg just default in your case). At least it avoids any ambiguity.

Have you already upgraded the above appliance to 18.2?

0 Kudos
In response to Brash
RaphaelL
Kind of a big deal
Kind of a big deal
‎Oct 19 2023 3:58 PM
‎Oct 19 2023 3:58 PM

Yep running MX18.205 on my home network. 

 

Having a filter for L3/L7 would be cool too ! 

In response to RaphaelL
iores
Getting noticed
3 weeks ago
3 weeks ago

Does firewall logging tool shows only outbound traffic? No inbound?

0 Kudos
Ryan_Miles
Meraki Employee All-Star Meraki Employee All-Star
Meraki Employee All-Star
‎Oct 19 2023 5:15 PM
‎Oct 19 2023 5:15 PM

Yes it requires 18.2 and it shouldn't even show unless a MX is running 18.2. Known issue and being worked on.

Colin_K
Conversationalist
a week ago
a week ago

There is nothing in the Meraki document that mentions what the Rule # variables are. 

 

In the document it shows vap:4, what and where is this?

 

I have one that passes with "group:104". I've looked at Group Policies, not there. What and where is this defined?

0 Kudos
AlexP
Meraki Employee
Meraki Employee
Tuesday
Tuesday

vap:4 would be on a Z or wireless MX SSID, specifically the 4th one.

 

Groups have IDs that index from 100, so 104 would be your 5th defined policy - if you go to edit one, you'll see groups/###/edit in the URL, and that corresponds to what it will be logged as a source.

In response to AlexP
Colin_K
Conversationalist
Wednesday
Wednesday

Thanks. Yes, I've found it.

 

Suggested improvement would be to have Group ID in the Group policies list.

 

 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2026 Cisco Systems, Inc.