Cisco Meraki Solution
Solution: CiscoMeraki
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Publisher | Microsoft Corporation |
| Support Tier | Microsoft |
| Support Link | https://support.microsoft.com |
| Categories | domains |
| Version | 3.0.3 |
| Author | Microsoft - support@microsoft.com |
| First Published | 2021-09-08 |
| Last Updated | 2026-01-23 |
| Solution Folder | CiscoMeraki |
| Marketplace | Azure Marketplace · Rating: ★☆☆☆☆ 1.0/5 (3 ratings) · Popularity: 🟢 High (89%) |
| Pre-requisites | CustomLogsAma |
The Cisco Meraki solution allows you to easily connect your Cisco Meraki (MX/MR/MS) logs with Microsoft Sentinel. This gives you more insight into your organization's network and improves your security operation capabilities.
This solution is dependent on the Custom logs via AMA connector to collect the logs. The Custom logs solution will be installed as part of this solution installation.
NOTE: Microsoft recommends installation of Custom logs via AMA Connector. Legacy connector uses the Log Analytics agent which were deprecated on Aug 31, 2024. Using MMA and AMA on same machine can cause log duplication and extra ingestion cost more details.
Additional Information
📖 Vendor Documentation: Cisco Meraki Syslog Events - Syslog event types and log samples
Contents
Pre-requisites
This solution depends on 1 other solution(s):
| Solution |
|---|
| CustomLogsAma |
Data Connectors
This solution has 3 discovered data connector(s)⚠️ (not in Solution definition):
Connectors from dependency solutions:
- Custom logs via AMA 🔶 (dependency on CustomLogsAma)
🔍 Discovered: This item was discovered by scanning the solution folder but is not listed in the Solution JSON file.
🔶 CLv1: This connector ingests into a table that uses the legacy Custom Log V1 schema format with type-suffixed column names (e.g.
_s,_d,_b,_t,_g). Note: identification is based on column name suffixes which are also permitted in CLv2, so this classification may not always be accurate.
Tables Used
This solution uses 18 table(s):
Internal Tables
The following 1 table(s) are used internally by this solution's content items:
| Table | Used By Connectors | Used By Content |
|---|---|---|
ThreatIntelIndicators |
- | Workbooks |
🔶 CLv1: This table uses the legacy Custom Log V1 schema format with type-suffixed column names (e.g.
_s,_d,_b,_t,_g). Note: identification is based on column name suffixes which are also permitted in CLv2, so this classification may not always be accurate.
Content Items
This solution includes 7 content item(s):
| Content Type | Count |
|---|---|
| Playbooks | 5 |
| Workbooks | 1 |
| Parsers | 1 |
Workbooks
| Name | Tables Used |
|---|---|
| CiscoMerakiWorkbook | CiscoMerakiNativePoller_CLSyslogmeraki_CLInternal use: ThreatIntelIndicators |
Playbooks
| Name | Description | Tables Used |
|---|---|---|
| Block Device Client - Cisco Meraki | This playbook checks if malicious device client is blocked by Cisco Meraki network. | - |
| Block IP Address - Cisco Meraki | This playbook checks if malicious IP address is blocked or unblocked by Cisco Meraki MX network. | - |
| Block URL - Cisco Meraki | This playbook checks if malicious URL is blocked in Cisco Meraki network. | - |
| IP Address Enrichment - Cisco Meraki | This playbook checks if malicious IP address is blocked or unblocked by Cisco Meraki MX network. | - |
| URL Enrichment - Cisco Meraki | This playbook checks if malicious URL is blocked or unblocked by Cisco Meraki network. | - |
Parsers
| Name | Description | Tables Used |
|---|---|---|
| CiscoMeraki | - | CiscoMerakiNativePoller_CL (read)Syslog (read)meraki_CL (read) |
Additional Documentation
📄 Source: CiscoMeraki/README.md
Cisco Meraki Logic Apps Custom Connector and Playbook Templates
Table of Contents
- Overview
- Deploy Custom Connector + 5 Playbook templates
- Authentication
- Prerequisites
- Deployment
- Post Deployment Steps
- References
- Limitations
Overview
Cisco Meraki connector connects to Cisco Meraki Dashboard API service endpoint and programmatically manages and monitors Meraki networks at scale.
Deploy Custom connector + 5 Playbook templates
This package includes: * Custom connector for Cisco Meraki. * Five playbook templates leverage Cisco Meraki custom connector.
You can choose to deploy the whole package : Connector + all five playbook templates, or each one seperately from it's specific folder.
Cisco Meraki documentation
Authentication
API Key Authentication
Prerequisites for using and deploying Custom connector + 5 playbooks
- Cisco Meraki API Key should be known to establish a connection with Cisco Meraki Custom Connector. Refer here
- Cisco Meraki Dashboard API service endpoint should be known. (e.g. https://{CiscoMerakiDomain}/api/{VersionNumber}) Refer here
- Organization name should be known. Refer here
- Network name should be known.Refer here
- Network Group Policy name should be known. Refer here
Deployment instructions
- Deploy the Custom connector and playbooks by clicking on "Deploy to Azure" button. This will take you to deploying an ARM Template wizard.
- Fill in the required parameters for deploying custom connector and playbooks
| Parameter | Description |
|---|---|
| For Playbooks | |
| Block Device Client Playbook Name | Enter the Block Device Client playbook name without spaces |
[Content truncated...]
Release Notes
| Version | Date Modified (DD-MM-YYYY) | Change History |
|---|---|---|
| 3.0.5 | 22-01-2026 | Correct name shown on Data Types to match query used & Updated the Cisco Meraki Custom Connector Default Service End-point. |
| 3.0.4 | 23-07-2025 | Workbook updated with new ThreatIntelIndicators table. |
| 3.0.3 | 02012-2024 | Removed Deprecated Data Connectors |
| 3.0.2 | 12-08-2024 | Deprecating data connector |
| 3.0.1 | 26-07-2023 | Updated Workbook template to remove unused variables. |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊