We are on 16.16, not sure about the license. I checked all our devices and tried a few different snort signatures on each, and I found an egress suspicious TLD query signature that let me inspect it. Other signatures on the same device did not have the option. Why does it vary per signature? Also the Source column in the MX Events table shows a tiny "Meraki Network OS" under the hostname for signatures that I can inspect too, if that is of any help.
... View more
