Connect Cisco Meraki devices to Microsoft Sentinel
Hi,
We’re planning to connect Cisco Meraki devices to Microsoft Sentinel. The out of the box data connector ingest logs telemetry through a Syslog.
As per Meraki official documentation
(https://documentation.meraki.com/General_Administration/Monitoring_and_Reporting/Meraki_Device_Reporting_-_Syslog%2C_SNMP%2C_and_API), it seems streaming the logs though API/ Webhooks method is also feasible. Additionally it seems not all the logs can be streamed via syslog as seen below:
Wondering if anyone has tried the Meraki Webhooks or is it not supported in Sentinel? Would be really great to get some feedback in terms of setting it up if its feasible.
thanks
Hi,We’re planning to connect Cisco Meraki devices to Microsoft Sentinel. The out of the box data connector ingest logs telemetry through a Syslog.As per Meraki official documentation(https://documentation.meraki.com/General_Administration/Monitoring_and_Reporting/Meraki_Device_Reporting_-_Syslog%2C_SNMP%2C_and_API), it seems streaming the logs though API/ Webhooks method is also feasible. Additionally it seems not all the logs can be streamed via syslog as seen below:Wondering if anyone has tried the Meraki Webhooks or is it not supported in Sentinel? Would be really great to get some feedback in terms of setting it up if its feasible. thanks Read More