Meraki

Kyojuro · ‎Mar 14 2022

Hello,

Can anyone help me understand how to use this function in Meraki AMP?

Meraki states " For files, javascripts, and other objects that are not URLs, the MX appliance assigns a unique ID. You can see the blocked items in the Event log page. By entering the ID of the object you want to allow in the Allow list files section you can instruct the appliance to allow the detected signature, even if the URL is different."

I'm looking in the Event Log Page of the dashboard for any kind of Object ID and I'm not seeing anything like that. Is there somewhere else I should be looking? Seems like there aren't any tutorials for this on the web either.

Thank you.

PhilipDAth · ‎Mar 14 2022

Actually, it is in the main event log. Try filtering on blocked files to see only those events.

View solution in original post

ww · ‎Mar 14 2022

if you dont have any hits you cant see them and not allow them

PhilipDAth · ‎Mar 14 2022

If it is not there, try looking under:

Security & SD-WAN/Security Centre/MX Events

PhilipDAth · ‎Mar 14 2022

Actually, it is in the main event log. Try filtering on blocked files to see only those events.

Meraki

Community

Threat Protection Allow list files

Threat Protection Allow list files

Content Filtering and Threat Protection through Meraki Client VPN (L2TP/IPs...

Threat Protection > Protected Networks - How populated?

Threats

DNS Protection

IPS / AMP Autocad file corruption