Exciting news! We are redesigning the Arctic Wolf Help Documentation site to provide a better user experience. Our new site will launch on May 1, 2024.

Cisco Meraki Logs

Updated Feb 23, 2024

Configure a Cisco Meraki firewall to send logs to Arctic Wolf

You can configure Cisco Meraki® to send the necessary logs to Arctic Wolf® for security monitoring.

Note: The syslog integration provides Arctic Wolf with endpoint data about common firewall and AP syslog events. To give Arctic Wolf access to data about security events and configuration changes, complete Configure Cisco Meraki for Arctic Wolf monitoring.

Requirements

Steps

  1. Configure log forwarding.
  2. Provide your Cisco Meraki firewall information to Arctic Wolf.

Step 1: Configure log forwarding

  1. Sign in to the Meraki Dashboard with administrator permissions.

  2. In the navigation menu, click Network-wide > General.

  3. In the Reporting section, click Add a syslog server.

  4. In the Syslog servers table, configure these settings:

    • Server IP — Enter the IP address of your Arctic Wolf sensor.
    • Port — Keep the default UDP port value of 514.
    • Roles — Select Security events, Flows, and URL, and then add any desired additional roles.

    Note: If you change your Cisco Meraki® firewall configuration settings after the initial set up, notify your Concierge Security® Team at security@arcticwolf.com.

  5. Click Save.

Step 2: Provide your Cisco Meraki firewall information to Arctic Wolf

  1. Sign in to the Arctic Wolf Unified Portal.

  2. Click the Tickets tab, and then do one of these actions:

    • New customers — In the Ticket Type list, select Onboarding. Then, click the existing [Deploy] Site Config: <ticket_subject> ticket.
    • Existing customers — Click Open a New Ticket.
  3. On the Open a New Ticket page, configure these settings:

    • What is this ticket related to? — Select General request.
    • Subject — Enter Syslog changes.
    • Related ticket (optional) — Keep empty.
    • Message — Enter this information for your Concierge Security® Team (CST):
      • Confirmation that you completed the steps in this configuration guide.
      • The IP address or hostname you used during the configuration.
      • Questions or comments that you have.
  4. Click Send Message.

    Your CST will review the details and make sure that Arctic Wolf is successfully processing the logs.

Next steps