Cisco Meraki™ WAP Logs
Configure a Cisco Meraki™ WAP to send logs to Arctic Wolf Direct link to this section
Notes:
-
Before starting this procedure, discuss this log forwarding option with your Concierge Security® Team.
-
If you change your Cisco Meraki™ WAP configuration settings after the initial set up to send logs to Arctic Wolf, Arctic Wolf is not notified.
-
Notify your Concierge Security® Team if your WAP is configured with DHCP because this can generate additional logs. To determine if your WAP is configured with DHCP: In the Cisco Meraki™ dashboard go to Wireless > Access points, click your WAP, and then view the LAN IP setting.
You can configure a Cisco Meraki™ wireless access point (WAP) to send the necessary logs to Arctic Wolf for monitoring security information.
-
Sign in to the Cisco Meraki™ dashboard as an administrator.
-
In the navigation menu, click Network-wide > General.
-
In the Logging section, click Add a syslog server.
-
In the table, do the following:
- Server IP — Enter the IP address of your Arctic Wolf physical or virtual sensor.
- Port — Keep the default UDP port value of
514. - Roles — Select Security events and Appliance event log from the list.
Note: Role options vary depending on your network type (for example, Switch or Combined hardware) and licensing. Consult with your Concierge Security® Team if you need assistance selecting roles for your WAP.
-
Click Save.
-
Contact your Concierge Security® Team to inform them that you have configured syslog forwarding, and to validate that the logs are being ingested appropriately. Include the following information:
- Confirmation that you have completed the steps in this configuration guide.
- The IP address you used during the configuration.
- Any other questions or comments that you have.