Back Arrow Back to All Integrations

Cisco Meraki Firewall

Cisco Meraki Firewall

Cisco Meraki Logging and Threat Detection

Blumira’s modern cloud SIEM platform integrates with Cisco Meraki Firewalls to detect cybersecurity threats and provide an actionable response to remediate when a threat is detected.

 

When configured, the Blumira integration with Cisco Meraki Firewall will stream security event logs to the Blumira service for threat detection and actionable response.

 

Learn more about enabling Blumira’s Dynamic Block Lists to block malicious source IP addresses and domains for automated threat response.

Configuration Instructions

Configuring Cisco Meraki to send logs to Blumira

To configure Cisco Meraki to send log data to Blumira Sensor:

  1. Open your Meraki dashboard.
  2. Select a device.
  3. Select Alerts & Administration.
  4. Scroll down to the Logging section and click Add a syslog server.
  5. Type the IP address of your Blumira Sensor
  6. Type port number 514.
  7. Choose which types of events to export:
    1. Event Log —The messages from the dashboard under Monitor > Event Log.
    2. Flows — Inbound and outbound traffic flow-generated syslog messages that include the source, destination, and port numbers.
    3. URL— HTTP GET requests generating syslog entries.

 

 

Additional Resource:

https://documentation.meraki.com/zGeneral_Administration/Monitoring_and_Reporting/Syslog_Server_Overview_and_Configuration#Configure_Dashboard

For troubleshooting, refer the vendor documentation:

https://documentation.meraki.com/Special:Search?path=&q=Troubleshooting