Configuring Monitoring for Cisco Meraki

Configuration Guide

Overview Direct link to this section

This document describes how to configure your Cisco Meraki Network and generate a Cisco Meraki API key for Arctic Wolf® to monitor sensor-less sites and proactively alert using the Cisco Meraki API.

Note: This is only for offices where a Meraki device is not able to send Syslog messages to a sensor or log collector. Arctic Wolf recommends using Syslog to provide maximum visibility.

After you complete this process, you must provide a Cisco Meraki API key to Arctic Wolf on the Arctic Wolf Portal.

Configuring your traffic endpoints Direct link to this section

To configure your traffic endpoints for Arctic Wolf monitoring, you must ensure that traffic analysis is enabled for all of your networks. To do this:

  1. In the NETWORK dropdown, select the network you want to configure.
  2. Select Network-wide > General.
  3. Navigate to the Traffic Analysis section and select traffic analysis enabled from the dropdown list.

Once all networks are configured, proceed to Generating an API key.

Generating an API key Direct link to this section

To generate a Cisco Meraki API key:

Tip: For more information, see Cisco Meraki Dashboard API in the Cisco Meraki website.

  1. Sign in to the Cisco Meraki Dashboard.

  2. Select Organization > Setttings > Dashboard API Access.

  3. Select the Enable access to the Cisco Meraki Dashboard API checkbox.

  4. Select My Profile and then select Generate new API key.

    Note: The generated API key is associated with the user that generated the key and inherits the same permissions as that user.

  5. Copy the generated API key and proceed to Providing credentials to Arctic Wolf.

Providing credentials to Arctic Wolf Direct link to this section

To provide your cloud credentials to Arctic Wolf:

  1. Sign in to the Arctic Wolf Portal.

  2. Select Connected Accounts in the banner menu to open the Connected Accounts page.

    Connected Accounts menu

  3. Select +Add Account to open the Add Account form.

  4. Select Cloud Detection and Response as the Account Type.

  5. Select Cisco Meraki from the list of cloud services and then fill in the form:

    1. Enter a descriptive name for the credentials in the Account Name text box.
    2. Paste the API key value obtained in Generating an API key into the API Key text box.
  6. Select Submit to CST.

  7. When prompted with the confirmation message, review your submission, and then select Done. You are returned to the Connected Accounts page.

  8. Verify that the newly-submitted credential entry appears in the cloud services list with the status Connection Pending. After your Concierge Security® Team provisions security monitoring for your account, the status of your credentials changes to Connected.