Syslog message - Wireless Event

Getting noticed

Syslog message - Wireless Event

Hi there, 


We have a requirement to get the wireless event logs especially the 802.1X EAP Success & 802.11 Authentication via Syslog for an AD Based firewall rule configuration in a network. This is a large enterprise network where they mostly rely on wireless connectivity for daily operations.  


Please provide your feedback on the reliability of Sysog services in Meraki if someone has experienced it. 


Thanks in Advance

Kind of a big deal
Kind of a big deal

How would you measure „reliability“ in this case? I‘d say it is.


Apart from that: wouldn‘t it make more sense to leverage the RADIUS log on your authentication server?

Hi @CptnCrnch 


We are applying the IP Address once the authentication is done. So how could the Radius log have the IP Address + User ID detail? 


What I mean with Reliability is the options that are available for troubleshooting & management. 


RADIUS Logs are often important to debugging an authentication issue, so I would recommend collecting those as well. With RADIUS Accounting you can get IP address as well.

You might also want to look into Webhooks for the Alerts notifications. These are important, and not always in the syslog, and most customers use email to send alerts, but using Webhooks let's you log them!

Why are webhooks and syslog different?! It seems odd at first I know. Webhooks are alerts from the Meraki Cloud "controller" while syslog is the hardware device sending it's logs, so they are two different sources. Syslog is not "secure" and therefore only offered over your internal network, not to a public IP address. Can you get them all from one source? Yes, technically you can get syslog from the Cloud as well, but it's not a stream it's an API REST call you would have to poll every X minutes.

The Meraki Syslog is easy and reliable. Check out the documentation:
Colin Lowenberg
wireless engineer and startup founder, formerly known as "the API guy", now I run a Furapi, the therapy dog service, and Lowenberg Labs, an IT consulting company.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.