Cisco Meraki™ Logs
Configure a Cisco Meraki™ firewall to send logs to Arctic Wolf Direct link to this section
Notes:
- If you change your Cisco Meraki™ firewall configuration settings after the initial set up to send logs to Arctic Wolf, Arctic Wolf is not notified.
- For Arctic Wolf to monitor sensor-less sites, we recommend that you generate a Cisco Meraki™ API key for Arctic Wolf. See Configure Cisco Meraki to use the Cisco Meraki API for monitoring.
You can configure Cisco Meraki™ to send the necessary logs to Arctic Wolf for monitoring security information.
-
Sign in to the Cisco Meraki™ dashboard as an administrator.
-
In the navigation pane, click Network-wide > General.
-
In the Reporting section, click Add a syslog server.
-
In the table, do the following:
- Server IP — Enter the IP address of your Arctic Wolf sensor.
- Port — Keep the default UDP port value of 514.
- Roles — Select Security events from the list. (Optional) Add additional roles.
-
Click Save.
-
Contact your Concierge Security® Team to inform them that you have configured syslog forwarding, and to validate that the logs are being ingested appropriately. Include the following information:
- Confirmation that you have completed the steps in this configuration guide.
- The IP address you used during the configuration.
- Any other questions or comments that you have.