The Add On for Cisco Meraki Operations lets you monitor network events related to Meraki operations within your environment.
The Add On for Cisco Meraki operations can collect the following data via the Cisco Meraki REST APIs: Device statuses, uplinks ,latencies and associated Alerts (Devices including access points, cameras, switches and security appliances)
Following REST API's are used to pull Meraki operations data:
The data collected from the Add On is in json format and can easily be used to visualize for dashboard and reporting purposes as well as create alerts.
Steps to configure the Add On:
1. Go to the Add On for Cisco Meraki Operations.
2. Navigate to Configuration tab.
3. Click on Organization and then click on Add.
4. Provide the organization name(Any unique values), organization id and organization key and click on add.
5. Go to the Inputs tab and configure the inputs according to your requirements.
Steps to take advantage of the new api call with networkName:
1. Configure the new Input (meraki_network_devices) and wait for the sourcetype to have some input.
2. Run the command -> index=<index name for the sourcetype> sourcetype="meraki:networkdevices"|dedup NetworkName,networkId|table NetworkName,networkId
3. Download the csv file and rename the file to a logical name.
4. Create the lookup and lookup definition.
5. Now configure the automatic lookup for the other 3 sourcetypes available.
6. Once, these steps are done, you will be able to see NetworkName getting populated for all the sourcetypes in this Add On.
Steps to update the NetworkName and networkId lookup:
1. To update the lookup, you will need to first have the above steps completed.
2. Now, you will go to Searches,Reports and Alerts.
3. Click on "New Report"
4. Provide a Title , a description and the search -> index=<index name for the sourcetype> sourcetype="meraki:networkdevices"|dedup NetworkName,networkId|table NetworkName,networkId|outputlookup <the_renamed_file_uploaded>.csv
5. Select App -> Search and Reporting(search) and Time Range Picker as No.
6. Save the New Report.
7. Go to edit for the newly created report and select edit schedule.
8. Create a cron for every 30 minutes or 1 hour(recommended) and provide timerange as last 24 hours.
9. Click on Save.
10. Now the Report will run as scheduled and update the lookup mapping of NetworkName and networkId.
We have added additional API calls to fetch the network list, display all the devices within the network list and appended the network name to the device info fetched.
The new data will be parsed as json and provide networkName field for other sourcetypes.
Steps are included in the details tab.
Additional UI change for the Add On.
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.