Does anyone know how to get the IDS/AMP events inside the security center show up on with Syslog integrations? For whatever reason we are not seeing these events in our SYSLOG integration, or under event viewer. You would think this information would be part of the Syslog integration and also show up in the event logs but we are not seeing it in either section.
Yes we did, based on documentation Meraki should be sending over IDS/AMP events. We have some, but the security team is saying they are getting everything except that. I am going to explore with them if the issue is on their side and report back.