syslog messages delivered by webhook

Solved
Shaun1387
Getting noticed

syslog messages delivered by webhook

Hi All,

 

I had read somewhere in the Meraki documentation (which i cant seem to find again...) that syslog events should also be sent as Webhooks.

 

Can anyone confirm that this is possible (or not!) as i cant get it to work, and i cant see any obvious switches or places where it would be configured.

 

This is for an MX running 16.16.4 code.

 

Cheers All !

Shaun

 

1 Accepted Solution
GreenMan
Meraki Employee
Meraki Employee

To my knowledge we've never had that capability.    Most customers would simply use syslog directly, with an appropriate syslog server in their central off network location - perhaps with a secure tunnel between the two, to carry the syslog traffic.

View solution in original post

7 Replies 7
Brash
Kind of a big deal
Kind of a big deal

There's some basic documentation on webhooks. Not sure if it's all syslog events or some dashboard alerts though:

https://documentation.meraki.com/General_Administration/Other_Topics/Webhooks

GreenMan
Meraki Employee
Meraki Employee

Yes - webhooks are about alerts, rather than events.   You can pull the event log though, via the Dashboard API:   https://developer.cisco.com/meraki/api-v1/#!get-network-events

Shaun1387
Getting noticed

Cheers GreenMan !

 

So I have my webhook destination set up and working, the test webhook seems to work ok and im getting webhooks through ok for the alerts I have configured under configure->alerts. 

 

What i really need is for syslog messages to come in via webhooks as well, I have an MX on the network which is happily generating syslog messages locally but I need them in a central , off network location and they arent currently coming through on webhooks at the moment. VPN between the local LAN and the remote site isnt an option nor is exposing a syslog to the internet.

 

am I right in now thinking that this isnt possible via Webhooks?

 

The documentation seem contradictory (if only i could lay my hands on the doc that said it was possible...doh!)

 

Thanks again for your help 

Cheers

 

 

 

GreenMan
Meraki Employee
Meraki Employee

To my knowledge we've never had that capability.    Most customers would simply use syslog directly, with an appropriate syslog server in their central off network location - perhaps with a secure tunnel between the two, to carry the syslog traffic.

Shaun1387
Getting noticed

Thanks Again GreenMan,

 

That clears that up for me. The VPN option would be the 'goto' in any other environment but its not really going to work in this case.

 

Another option, if such a thing exists...., may be to find and deploy a local Syslog server to site which has an HTTP Push capability, see if the messages can be relayed that way.  Actually, that might be quite a neat solution.🤔

 

Thanks again for clearing that up for me, If i find something suitable i will post back up here.

 

Cheers

Shaun

 

ww
Kind of a big deal
Kind of a big deal

Shaun1387
Getting noticed

Hi WW,

 

yeah, i think it may have been that one. 🤔 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels