Subscribe to the Taegis™ XDR Documentation RSS Feed at .

Learn more about RSS readers or RSS browser extensions.

Cisco Meraki Integration Guide

integrations network cisco

Cisco Meraki must be configured to send logs via syslog to the Taegis™ XDR Collector. Logs are filtered and correlated in real-time for various security event observations.

You will need to configure the options based on the type of appliance you have. This document applies to:

Follow the instructions below to configure logging and enable monitoring by Secureworks.

Connectivity Requirements

Source Destination Port/Protocol
Cisco Meraki Appliance (MX) Taegis™ XDR Collector (mgmt IP) UDP/514


You must be licensed for each feature you are attempting to report on. You also must have admin access to the Meraki dashboard.

Data Provided from Integration

  Antivirus Auth DHCP DNS Email Encrypt File HTTP Management Netflow NIDS Process Thirdparty
Cisco Meraki Firewall   D         Y D   D V    

Y = Normalized | D = Out-of-the-Box Detections | V = Vendor-Specific Detections


Taegis™ XDR detectors are not guaranteed to be triggered, even if a data source's logs are normalized to a schema associated with a given detector. However, you can create Custom Alert Rules to generate alerts based on normalized data from a data source.

Configuration Instructions

Define syslog servers by following the instructions in the Configure Dashboard section of the Cisco Meraki Syslog Server Overview and Configuration documentation.

Consider the following requirements when completing the configuration steps:


On this page: