Hey just a heads up, I went back and cleaned this up and removed syslog-ng altogether as I didn't want to have to maintain a different application just to collect the Meraki logs. I might re-install it if I need to push other logs to this server but for the time being, I'm only sending Cisco FP and Meraki logs. In order to do this, I downloaded and installed the Sumo Logic Installed Collector on my Linux server. With the collector installed, you simply need to configure the sources (your Meraki devices) in the Sumo Logic dashboard with the corresponding IP and port numbers. Use these docs to get things going: 1. https://help.sumologic.com/07Sumo-Logic-Apps/22Security_and_Threat_Detection/Cisco_Meraki/Collect_logs_for_the_Cisco_Meraki_App 2. https://help.sumologic.com/03Send-Data/Sources/01Sources-for-Installed-Collectors/Syslog-Source From this article, this was the important piece for me -- For multiple syslog collections, set up a separate Source for each and set a separate port number for each. Hope that helps. I'm now able to ingest the Meraki logs without configuring a whole bunch of overhead for syslog-ng.
... View more