I had previously used some of the following to get the messages from MX / MS parsed (took some tweaking) but I was using logstash to pump log into another app... might be easier going to Elastic (I'm actually about to go thru the process again for a lab - will post on github if you are interested) https://ioshark.net/logstash-from-scratch-parsing-cisco-meraki-logs-70b8e91c0c68 https://github.com/cs3gallery/meraki_logstash https://github.com/siemonster/logstash/blob/master/40-cisco-meraki-filter.conf theres also a Meraki Beats docker app that hits the API - docker pull ciscodevnet/merakibeat /d
... View more
