Meraki

Community

Security Centre has never shown any logs

Solved
StarBlink
Here to help
‎Nov 17 2023 5:33 AM
‎Nov 17 2023 5:33 AM

Security Centre has never shown any logs

I have AMP and IDS enabled (MX85) however I have never seen a single log in the security centre for three years! Support desk have not given any solution they just say try disabling and re-enabling these features but it never works.

 

Any ideas why I am not seeing any logs for this?

Labels:
0 Kudos
1 Accepted Solution
alemabrahao
Kind of a big deal
Kind of a big deal
‎Nov 17 2023 6:11 AM
‎Nov 17 2023 6:11 AM

@StarBlink ,

 

Try enabling all filters.

 

alemabrahao_0-1700230264177.png

 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

View solution in original post

5 Replies 5
ConnorL
Meraki Employee
Meraki Employee
‎Nov 17 2023 5:56 AM
‎Nov 17 2023 5:56 AM

Hey @StarBlink ,

 

Do you see any events if you run some DNS lookups on a downstream client to any .top domain? E.g. test[dot]top. 

If not, please update your case so Support is aware and then can triage on their end.

 

Cheers,

 

Connor

In response to ConnorL
RaphaelL
Kind of a big deal
Kind of a big deal
‎Nov 17 2023 6:16 AM
‎Nov 17 2023 6:16 AM

That test will only trigger an alert if the ruleset is set to Security if I'm not mistaken. 

 

Also what ruleset are you running at the moment ? ( Connectivity , Balanced , Security ( the highest ))

In response to RaphaelL
StarBlink
Here to help
‎Nov 17 2023 7:12 AM
‎Nov 17 2023 7:12 AM

Balanced yes. OK makes sense now... 

0 Kudos
alemabrahao
Kind of a big deal
Kind of a big deal
‎Nov 17 2023 6:11 AM
‎Nov 17 2023 6:11 AM

@StarBlink ,

 

Try enabling all filters.

 

alemabrahao_0-1700230264177.png

 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
StarBlink
Here to help
‎Nov 17 2023 7:02 AM
‎Nov 17 2023 7:02 AM

Thats done it. Thanks

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.