Cisco Meraki WAP Logs

Updated Aug 31, 2023

Configure a Cisco Meraki WAP to send logs to Arctic Wolf

Note: Before starting this procedure, discuss this log forwarding option with your Concierge Security® Team.

You can configure a Cisco Meraki® wireless access point (WAP) to send the necessary logs to Arctic Wolf for monitoring security information.

Requirements

Steps

  1. Sign in to the Cisco Meraki dashboard as an administrator.

  2. In the navigation menu, click Network-wide > General.

  3. In the Logging section, click Add a syslog server.

  4. In the table, do the following:

    • Server IP — Enter the IP address of your Arctic Wolf physical or virtual sensor.
    • Port — Keep the default UDP port value of 514.
    • Roles — Select Security events and Appliance event log from the list.

      Note: Role options vary depending on your network type (for example, Switch or Combined hardware) and licensing. Consult with your Concierge Security® Team if you need assistance selecting roles for your WAP.

  5. Click Save.

  6. Determine if your WAP is configured with DHCP as this can generate additional logs:

    1. In the Cisco Meraki dashboard go to Wireless > Access points.
    2. Click your WAP, and then review the LAN IP setting.
  7. Contact your Concierge Security® Team to inform them that you have configured syslog forwarding, and to validate that the logs are being ingested appropriately. Include the following information:

    • Confirmation that you have completed the steps in this configuration guide.
    • The IP address you used during the configuration.
    • Any other questions or comments that you have.
    • If your WAP is configured with DHCP.

Next steps

See also