Cisco Meraki Monitoring

Last updated on 24 October, 2023

Disclaimer: These modules monitor Cisco Meraki devices as discrete LogicMonitor Resources and are not in-place upgrades to Cisco Meraki (Legacy) modules. For more information, see Cisco Meraki (Legacy).

Production use of these modules in parallel with Cisco Meraki (Legacy) modules (or other 3rd party monitoring solutions) to monitor the same Meraki Devices in the same Meraki Networks is not recommended. Doing so can cause Meraki Dashboard API 429 errors and data gaps across both modules and third-party monitoring solutions. To mitigate risk, follow your organization’s change control processes.

This package of LogicMonitor modules monitors Cisco Meraki devices including Wireless Access Points, Smart Cameras, Security Appliances, and Switches. These modules collect data using both the Cisco Meraki Dashboard API and snmp.meraki.com. For more information, see the Meraki Dashboard API documentation from Cisco.

Requirements

  • Collector version 32.400 or later
  • An API Token and Meraki Organization ID using the Cisco Meraki portal or Cisco Meraki API. For more information, see the following Meraki documentation:
  • Port 16100 configured to allow access to snmp.meraki.com
    For more information, see the SNMP Overview and Configuration documentation from Cisco.

Add Resources into Monitoring

You can add Cisco Meraki resource using the following methods:

  • (Recommended) Advanced NetScan that uses the Meraki Dashboard API to discover and create Resources for each monitored Meraki Device. The NetScan organizes each Resource in Resource Groups for each Meraki Network. For more information, see What is NetScan.
  • Manually

Warning: To avoid overages, verify that you have sufficient LogicMonitor licenses before running the NetScan. In addition, test your NetScan filters to ensure you do not inadvertently add Meraki devices you do not want to monitor.

For more information about using Advanced NetScan, see Enhanced Script Netscan.

  1. In your LogicMonitor Portal > Modules > Exchange, install the Cisco Meraki modules. For a list of modules, see LogicModules in Package.
  2. Navigate to Resources > Add > Several Devices > Advanced NetScan.
    The Add Advanced NetScan page is displayed.
  3. Enter a name that you want to associate with this NetScan. For example, “Cisco Meraki Devices”. 
  4. Select the Collector to execute the NetScan.
    For more information, see Collector Assignment in Enhanced Script Netscan.
  5. Select Enhanced Script NetScan from the Method drop-down list.
  6. From the Enhanced Script section, select Device Credentials > Use custom credentials for this scan.
  7. Add the following properties that provide the NetScan with the required Cisco Meraki credentials and change how and where the NetScan creates and organizes resources:
PropertyValueRequired
meraki.api.orgMeraki Org IDYes
meraki.api.keyMeraki API Key
The NetScan masks the value of this property.
Yes
meraki.snmp.community.pass
(Applies to SNMP v1 or v2c)
Community string
Note: Configure these SNMP settings as Netscan Credential Properties or as Custom Properties of the Resource Group that contains your Meraki devices. Obtain the values from your Meraki Dashboard -> Organization -> Settings -> SNMP. These settings only affect communication with snmp.meraki.com. If you are also using local SNMP DataSources, like SNMP_Network_Interfaces or SNMP_Host_Uptime, these settings will not alter their settings or operation.
Yes
(If using SNMP vc2)
meraki.snmp.security
(Applies to SNMP v3)
Username
Note: Configure these SNMP settings as Netscan Credential Properties or as Custom Properties of the Resource Group that contains your Meraki devices. Obtain the values from your Meraki Dashboard -> Organization -> Settings -> SNMP. These settings only affect communication with snmp.meraki.com. If you are also using local SNMP DataSources, like SNMP_Network_Interfaces or SNMP_Host_Uptime, these settings will not alter their settings or operation.
Yes
(If using SNMP v3)
meraki.snmp.auth
(Applies to SNMP v3)
SHA or MD5
Note: Configure these SNMP settings as Netscan Credential Properties or as Custom Properties of the Resource Group that contains your Meraki devices. Obtain the values from your Meraki Dashboard -> Organization -> Settings -> SNMP. These settings only affect communication with snmp.meraki.com. If you are also using local SNMP DataSources, like SNMP_Network_Interfaces or SNMP_Host_Uptime, these settings will not alter their settings or operation.
Yes
(If using SNMP v3)
meraki.snmp.authToken.pass
(Applies to SNMP v3)
SHA or MD5 authentication token (password)

Note: Configure these SNMP settings as Netscan Credential Properties or as Custom Properties of the Resource Group that contains your Meraki devices. Obtain the values from your Meraki Dashboard -> Organization -> Settings -> SNMP. These settings only affect communication with snmp.meraki.com. If you are also using local SNMP DataSources, like SNMP_Network_Interfaces or SNMP_Host_Uptime, these settings will not alter their settings or operation.

Yes
(If using SNMP v3)
meraki.snmp.priv
(Applies to SNMP v3)
AES128 or DES
Note: Configure these SNMP settings as Netscan Credential Properties or as Custom Properties of the Resource Group that contains your Meraki devices. Obtain the values from your Meraki Dashboard -> Organization -> Settings -> SNMP. These settings only affect communication with snmp.meraki.com. If you are also using local SNMP DataSources, like SNMP_Network_Interfaces or SNMP_Host_Uptime, these settings will not alter their settings or operation.
Yes
(If using SNMP v3)
meraki.snmp.privToken.pass
(Applies to SNMP v3)
Privacy token (password)
Note: Configure these SNMP settings as Netscan Credential Properties or as Custom Properties of the Resource Group that contains your Meraki devices. Obtain the values from your Meraki Dashboard -> Organization -> Settings -> SNMP. These settings only affect communication with snmp.meraki.com. If you are also using local SNMP DataSources, like SNMP_Network_Interfaces or SNMP_Host_Uptime, these settings will not alter their settings or operation.
Yes
(If using SNMP v3)
meraki.api.org.folderThe name of the LogicMonitor Resource Group that this NetScan creates or uses if already existing
The value can be a nested child folder. For example, folder/folder/folder.
No
meraki.api.org.nameYour Meraki Org Name
This becomes the name of the root Resource Group for Cisco Meraki, or becomes the name of top-level child Resource Group if you use the meraki.api.org.name property to specify an alternate root folder.
No
meraki.api.org.networksComma-separated network IDs to include (others are excluded)
No
meraki.api.org.collector.networks.csvBy default, new resources created by the NetScan are assigned to the collector that runs the NetScan. This property uses a CSV file to override the default behavior and assign Meraki devices to your desired collectors based on Meraki Network ID and LogicMonitor Collector names. The CSV file must be stored on the collector that executes the NetScan: Linux: /usr/local/logicmonitor/agent/bin Windows: C:\Program Files\LogicMonitor\Agent\bin For more information, see Mapping Cisco Meraki Devices to LM Envision CollectorsNo
meraki.service.urlAlternate region URLs include: https://dashboard.meraki.cn/v1No
  1. In the Filters section, use the following filter properties to omit specific Resources (For example, appliances, switches, wireless access points, cameras) from discovery.
    These filters behave the same way as Active Discovery filters. The following device level properties are automatically discovered and can be filtered on. Available filter operations include: Equal, NotEqual, GreaterThan, GreaterEqual, LessThan, LessEqual, Contain, NotContain, Exist, NotExist, RegexMatch, RegexNotMatch.

Recommendation: To verify desired functionality, start with a specific filter of some devices you want to monitor, then incrementally change the filter operations or values to onboard monitored resources in stages. For example, you can configure the filters to only discover or import one Meraki Network at a time until you are confident that your Properties and Filters are properly defined to achieve your desired outcome.

Warning: If you do not configure filters, NetScan attempts to add all discovered Meraki Devices as discrete LogicMonitor Resources.

PropertyOperationvalueExampleRequired
meraki.productTypeEqualImport this type of Meraki devicesapplianceNo
EqualImport this type of Meraki devicesswitchNo
EqualImport this type of Meraki deviceswirelessNo
EqualExclude this type of Meraki devicescameraNo
meraki.tagsEqualImport devices with this Meraki Dashboard tagproductionNo
EqualImport devices with this Meraki Dashboard tagmonitorNo
NotEqualExclude devices with this Meraki Dashboard tagstagingNo
meraki.serialEqualImport a device that has this Meraki serial numberQ1AB-2CD3-EFGHNo
EqualImport a device that has this Meraki serial numberQ2AB-3CD4-EFGHNo
NotEqualExclude a device that has this Meraki serial numberQ3AB-4CD5-EFGHNo
meraki.firmwareEqualImport Meraki devices having this firmware versionswitch-16-4No
NotEqualExclude Meraki devices having this firmware versionwireless-29-5-1No
NotEqualExclude Meraki devices having this firmware versionFirmware locked. Contact support.No
meraki.api.network.nameEqualImport devices in this Meraki NetworkStore 105No
NotEqualExclude devices in this Meraki NetworkStore 106No
  1. Select Embed a Groovy script and embed the following script:

Warning: Do not edit the script. Edited Enhanced Script NetScans are not supported. If the LogicMonitor-provided script is edited, LogicMonitor Support can require you to overwrite your edits with the supported script if problems arise. The Enhanced Script NetScan limits LM Envision Resource creation to <= 600 per hour. To create more than 600 Resources, schedule the NetScan to recur each hour until all resources are added.

/*******************************************************************************
 * © 2007-2023 - LogicMonitor, Inc. All rights reserved.
 ******************************************************************************/
 
import com.logicmonitor.common.sse.utils.GroovyScriptHelper as GSH
import com.logicmonitor.mod.Snippets
import com.santaba.agent.AgentVersion
import java.text.DecimalFormat
import groovy.json.JsonOutput
import groovy.json.JsonSlurper
 
// To run in debug mode, set to true
Boolean debug = false
// To enable logging, set to true
Boolean log = false
 
// Set props object based on whether or not we are running inside a netscan or debug console
def props
try {
    hostProps.get("system.hostname")
    props = hostProps
    debug = true  // set debug to true so that we can ensure we do not print sensitive properties
}
catch (MissingPropertyException) {
    props = netscanProps
}
 
String org = props.get("meraki.api.org")
String key = props.get("meraki.api.key")
if (!org) {
    throw new Exception("Must provide meraki.api.org to run this script.  Verify necessary credentials have been provided in Netscan properties.")
}
if (!key) {
    throw new Exception("Must provide meraki.api.key credentials to run this script.  Verify necessary credentials have been provided in Netscan properties.")
}
 
def logCacheContext = "${org}::cisco-meraki-cloud"
 
Integer collectorVersion = AgentVersion.AGENT_VERSION.toInteger()
  
// Bail out early if we don't have the correct minimum collector version to ensure netscan runs properly
if (collectorVersion < 32400) {
    def formattedVer = new DecimalFormat("00.000").format(collectorVersion / 1000)
    throw new Exception("Upgrade collector running netscan to 32.400 or higher to run full featured enhanced netscan. Currently running version ${formattedVer}.")
}
 
def modLoader = GSH.getInstance()._getScript("Snippets", Snippets.getLoader()).withBinding(getBinding())
def emit        = modLoader.load("lm.emit", "1.1")
def lmDebugSnip = modLoader.load("lm.debug", "1")
def lmDebug     = lmDebugSnip.debugSnippetFactory(out, debug, log, logCacheContext)
def httpSnip    = modLoader.load("proto.http", "0")
def http        = httpSnip.httpSnippetFactory(props)
def cacheSnip   = modLoader.load("lm.cache", "0")
def cache       = cacheSnip.cacheSnippetFactory(lmDebug, logCacheContext)
def ciscoMerakiCloudSnip = modLoader.load("cisco.meraki.cloud", "0")
def ciscoMerakiCloud     = ciscoMerakiCloudSnip.ciscoMerakiCloudSnippetFactory(props, lmDebug, cache, http)
 
String orgDisplayname      = props.get("meraki.api.org.name") ?: "MerakiOrganization"
String orgFolder           = props.get("meraki.api.org.folder") ? props.get("meraki.api.org.folder") + "/" : ""
String serviceUrl          = props.get("meraki.service.url") ?: "https://api.meraki.com/api/v1"
def networksWhitelist    = props.get("meraki.api.org.networks")?.tokenize(",")?.collect{ it.trim() }
def collectorNetworksCSV = props.get("meraki.api.org.collector.networks.csv")
def collectorNetworkInfo
if (collectorNetworksCSV) collectorNetworkInfo = processCollectorNetworkInfoCSV(collectorNetworksCSV)
 
String merakiSnmpCommunity = props.get("meraki.snmp.community.pass")
String merakiSnmpSecurity  = props.get("meraki.snmp.security")
String merakiSnmpAuth      = props.get("meraki.snmp.auth")
String merakiSnmpAuthToken = props.get("meraki.snmp.authToken.pass")
String merakiSnmpPriv      = props.get("meraki.snmp.priv")
String merakiSnmpPrivToken = props.get("meraki.snmp.privToken.pass")
 
Map sensitiveProps = [
    "meraki.api.key"   : key,
    "meraki.snmp.community.pass" : merakiSnmpCommunity,
    "meraki.snmp.auth"           : merakiSnmpAuth,
    "meraki.snmp.authToken.pass" : merakiSnmpAuthToken,
    "meraki.snmp.privToken.pass" : merakiSnmpPrivToken
]
 
// Determine whether there are devices cached on disk that still need to be added from previous netscan runs
if (processResourcesJson(emit, "devices", sensitiveProps, lmDebug)) return 0
 
List<Map> resources = []
 
// Gather data from cache if running in debug otherwise make API requests
def orgDevicesStatuses
def orgDevices
if (debug) {
    orgDevicesStatuses = cache.cacheGet("${org}::organizationDeviceStatuses")
    if (orgDevicesStatuses) orgDevicesStatuses = ciscoMerakiCloud.slurper.parseText(orgDevicesStatuses).values()
} else {
    orgDevicesStatuses = ciscoMerakiCloud.httpGetWithPaging("/organizations/${org}/devices/statuses")
    if (orgDevicesStatuses) orgDevicesStatuses = ciscoMerakiCloud.slurper.parseText(orgDevicesStatuses)
}
 
// Organization device status data is required; we cannot proceed without it
if (!orgDevicesStatuses) {
    throw new Exception("Error occurred during organizations/${org}/devices/statuses HTTP GET: ${orgDevicesStatuses}.")
}
 
if (debug) {
    orgDevices = cache.cacheGet("${org}::organizationDevices")
    if (orgDevices) orgDevices = ciscoMerakiCloud.slurper.parseText(orgDevices).values()
} else {
    orgDevices = ciscoMerakiCloud.httpGetWithPaging("/organizations/${org}/devices")
    if (orgDevices) orgDevices = ciscoMerakiCloud.slurper.parseText(orgDevices)
}
 
def orgNetworkNames = [:]
def orgNetworks
if (debug) {
    orgNetworks = cache.cacheGet("${org}::organizationNetworks")
    if (orgNetworks) orgNetworks = ciscoMerakiCloud.slurper.parseText(orgNetworks).values()
} else {
    orgNetworks = ciscoMerakiCloud.httpGetWithPaging("/organizations/${org}/networks")
    if (orgNetworks) orgNetworks = ciscoMerakiCloud.slurper.parseText(orgNetworks)
}
 
// Network data is required; we cannot proceed without it
if (!orgNetworks) {
    throw new Exception("Error occurred during organizations/${org}/networks HTTP GET: ${orgNetworks}.")
}
 
orgNetworks.each { orgNetwork ->
    def networkId = orgNetwork.get("id")
    def networkName = orgNetwork.get("name")
    orgNetworkNames.put(networkId, networkName)
}
 
orgDevicesStatuses.each { orgDevice ->
    def networkId   = orgDevice.get("networkId")
    def networkName = orgNetworkNames.get(networkId)
    // Verify this network should be included based on customer whitelist configuration
    if (networksWhitelist != null && !networksWhitelist.contains(networkId)) return
 
    def ip = orgDevice.get("lanIp") ?: orgDevice.get("publicIp")
    def name = orgDevice.get("name")
    def productType = orgDevice.get("productType")
    def serial = orgDevice.get("serial")
    // Verify we have minimum requirements for device creation
    if (ip && networkId && productType && serial) {
        if (ip == "127.0.0.1") ip = name
        if (!name) name = ip
        def deviceProps = [
            "meraki.api.key"          : key,
            "meraki.api.org"          : emit.sanitizePropertyValue(org),
            "meraki.api.network"      : emit.sanitizePropertyValue(networkId),
            "meraki.api.network.name" : emit.sanitizePropertyValue(networkName),
            "meraki.serial"           : emit.sanitizePropertyValue(serial)
        ]
 
        if (networksWhitelist != null) deviceProps.put("meraki.api.org.networks", emit.sanitizePropertyValue(networksWhitelist))
 
        if (merakiSnmpCommunity) deviceProps.put("meraki.snmp.community.pass", merakiSnmpCommunity)
        if (merakiSnmpSecurity) deviceProps.put("meraki.snmp.security", merakiSnmpSecurity)
        if (merakiSnmpAuth) deviceProps.put("meraki.snmp.auth", merakiSnmpAuth)
        if (merakiSnmpAuthToken) deviceProps.put("meraki.snmp.authToken.pass", merakiSnmpAuthToken)
        if (merakiSnmpPriv) deviceProps.put("meraki.snmp.priv", merakiSnmpPriv)
        if (merakiSnmpPrivToken) deviceProps.put("meraki.snmp.privToken.pass", merakiSnmpPrivToken)
 
        def tags = orgDevices?.find { it.serial == serial}?.tags
        if (tags && tags != "[]") deviceProps.put("meraki.tags", tags.join(","))
     
        def firmware = orgDevices.find { it.serial == serial}?.firmware
        if (firmware) deviceProps.put("meraki.firmware", firmware)
 
        if (productType == "camera") {
            deviceProps.put("system.categories", "CiscoMerakiCamera")
        } else if (productType == "switch") {
            deviceProps.put("system.categories", "CiscoMerakiSwitch")
        } else if (productType == "wireless") {
            deviceProps.put("system.categories", "CiscoMerakiWireless")
        } else if (productType == "appliance") {
            deviceProps.put("system.categories", "CiscoMerakiAppliance")
        }
 
        deviceProps.put("meraki.productType", productType)
 
        // Set group and collector ID based on user CSV inputs if provided
        if (collectorNetworkInfo) {
            def collectorId = collectorNetworkInfo[networkId]["collectorId"]
            def folder      = collectorNetworkInfo[networkId]["folder"]
            Map resource = [
                "hostname"    : ip,
                "displayname" : name,
                "hostProps"   : deviceProps,
                "groupName"   : ["${orgFolder}${folder}/${networkName}"],
                "collectorId" : collectorId
            ]
            resources.add(resource)
        } else {
            Map resource = [
                "hostname"    : ip,
                "displayname" : name,
                "hostProps"   : deviceProps,
                "groupName"   : ["${orgFolder}${orgDisplayname}/${networkName}"]
            ]
            resources.add(resource)
        }
    }
}
 
emitWriteJsonResources(emit, "devices", resources, lmDebug)
 
return 0
 
 
/**
 * Sanitizes filepath and instantiates File object
 * @param filename String
 * @param fileExtension String
 * @return File object using sanitized relative filepath
*/
File newFile(String filename, String fileExtension) {
    // Ensure relative filepath is complete with extension type
    def filepath
    if (!filename.startsWith("./")) {
        filepath = "./${filename}"
    }
    if (!filepath.endsWith(".${fileExtension}")) {
        filepath = "${filepath}.${fileExtension}"
    }
 
    return new File(filepath)
}
 
 
/**
 * Processes a CSV with headers collector id, network organization device name, folder, and network
 * @param filename String
 * @return collectorInfo Map with network id as key and Map of additional attributes as value
*/
Map processCollectorNetworkInfoCSV(String filename) {
    // Read file into memory and split into list of lists
    def csv = newFile(filename, "csv")
    def rows = csv.readLines()*.split(",")
    def collectorInfo = [:]
 
    // Verify whether headers are present and expected values
    // Sanitize for casing and extra whitespaces while gathering headers
    def maybeHeaders = rows[0]*.toLowerCase()*.trim()
    if (maybeHeaders.contains("collector id") && maybeHeaders.contains("folder") && maybeHeaders.contains("network")) {
        Map headerIndices = [:]
        maybeHeaders.eachWithIndex{ val, i ->
            headerIndices[val] = i
        }
        // Index values for headers to ensure we key the correct index regardless of order
        def ni = headerIndices["network"]
        def ci = headerIndices["collector id"]
        def fi = headerIndices["folder"]
 
        // Remove headers from dataset
        def data = rows[1..-1]
        // Build a map indexed by network for easy lookups later
        data.each{ entry ->
            collectorInfo[entry[ni]] = [
                    "collectorId" : entry[ci],
                    "folder"      : entry[fi]
                ]
        }
    }
    // Bail out early if we don't have the expected headers in the provided CSV
    else {
        throw new Exception(" Required headers not provided in CSV.  Please provide \"Collector ID\", \"Network Organization Device Name\", \"Folder Name, \"and Network (case insensitive).  Headers provided: \"${rows[0]}\"")
    }
 
    return collectorInfo
}
 
 
/**
 * Replaces cached props stored with bogus values with their correct values
 * @param cachedProps Map of hostProps values stored in file cache
 * @param sensitiveProps Map of sensitive properties configured in the netscan to use for updating cachedProps values
 * @return completeHostProps Map updated hostProps with no bogus values
*/
Map processCachedHostProps(Map cachedProps, Map sensitiveProps) {
    Map completeHostProps = cachedProps.collectEntries{ k,v ->
                                if (sensitiveProps.containsKey(k)) {
                                    return [k as String, sensitiveProps[k]]
                                }
                                else {
                                    return [k as String, v as String]
                                }
                            }
    // Verify that we do not have any remaining properties with fake values; stop the show if we do
    def missingKeys = completeHostProps.findAll{ k,v -> v == "***" }
    if (missingKeys) {
        throw new Exception(" Unable to update all cached sensitive properties with appropriate values.  Check Netscan properties and ensure the following keys have been added with values other than ***:\n\t${missingKeys.keySet().join(",")}")
    }
    return completeHostProps
}
 
 
/**
 * Processes a JSON file representing resources cached to disk on the collector
 * @param emit Snippet object for lm.emit (requires version 1.0)
 * @param filename String
 * @param sensitiveProps Map of sensitive properties configured in the netscan to use for updating cachedProps values
 * @param lmDebug Snippet object class instantiation of lm.debug (requires version 1.0)
 * @return Boolean indicator of whether processing was successful
*/
Boolean processResourcesJson(emit, String filename, Map sensitiveProps, lmDebug) {
    File cacheFile = newFile(filename, "json")
    def cachedDevices
    try {
        cachedDevices = new JsonSlurper().parse(cacheFile)
    }
    catch (JsonException) {
        lmDebug.LMDebugPrint("No file found under ${cacheFile.name}; proceeding with API calls to retrieve devices.\n")
        return false
    }
 
    if (!cachedDevices) {
        lmDebug.LMDebugPrint("No cached devices found in ${cacheFile.name}; proceeding with API calls to retrieve devices.\n")
        return false
    }
    lmDebug.LMDebugPrint("${cachedDevices.size()} devices retrieved from cache file ${cacheFile.name}")
 
    // Updated cached devices to include proper values for sensitive properties stored in cache
    cachedDevices.each{ device ->
        if (device["hostProps"]) device["hostProps"] = processCachedHostProps(device["hostProps"], sensitiveProps)
    }
 
    emitWriteJsonResources(emit, filename, cachedDevices, lmDebug)
    return true
}
 
 
/**
 * Output resources to stdout and cache any remainders to JSON file on collector disk
 * @param emit Snippet object for lm.emit (requires version 1.0)
 * @param filename String
 * @param resources List<Map> resources to be added from netscan
 * @param lmDebug Snippet object class instantiation of lm.debug (requires version 1.0)
*/
def emitWriteJsonResources(emit, String filename, List<Map> resources, lmDebug) {
    def chunkSize = 600
    def chunk = Math.min(resources.size(), chunkSize)
    lmDebug.LMDebugPrint("Adding ${chunk} devices.")
    // Output resources in chunk size deemed safe by platform team
    emit.resource(resources[0..chunk-1], lmDebug.debug)
 
    File cacheFile = newFile(filename, "json")
    // If the number of resources is less than or equal to our chunk size, our batching is complete and we can delete the file and exit
    if (resources.size() <= chunk) {
        cacheFile.delete()
        lmDebug.LMDebugPrint("All known devices have been reported.")
        return
    }
    // Remove sensitive properties prior to storing data in cache file; hardcode to true to ensure props are masked regardless of debug mode
    def remainingResources = emit.sanitizeResourceSensitiveProperties(resources, true)
    remainingResources = remainingResources[chunk..-1]
    def jsonRR = JsonOutput.toJson(remainingResources)
    // println JsonOutput.prettyPrint(jsonRR) // Uncomment for debugging purposes if needed
 
    lmDebug.LMDebug("Caching ${remainingResources.size()} devices to disk to add to portal in upcoming netscan executions.")
    cacheFile.write(jsonRR)
    return
}
  1. In the Schedule section, select Run this NetScan on a schedule. For dynamic environments, you can schedule the NetScan to run as frequently as hourly.

Note: Subsequent NetScan runs will add or move resources or resource groups based on changes in the Cisco Meraki Dashboard. However, the NetScan cannot delete resources.

  1. Select Save or Save & Run.

After running the NetScan, review the history for the number of resources added, or for error messages if the NetScan does not create any resources.

Manually Adding Cisco Meraki Resources

  1. Create a Cisco Meraki Organization Resource Group, or apply the following properties to an existing Resource Group:
    • Property: meraki.api.org
    • Value: Meraki Organization ID
    • Property: meraki.api.key
    • Value: API key
    • Property: meraki.snmp.community.pass (Applies to SNMP v1 or v2c)
    • Value: The community string
    • Property: meraki.snmp.security (Applies to SNMP v3)
    • Value: Username
    • Property: meraki.snmp.auth (Applies to SNMP v3)
    • Value: SHA or MD5
    • Property: meraki.snmp.authToken.pass (Applies to SNMP v3)
    • Value: SHA or MD5 authentication token (password)
    • Property: meraki.snmp.priv (Applies to SNMP v3)
    • Value: AES128 or DES
    • Property: meraki.snmp.privToken.pass (Applies to SNMP v3)
    • Value: Privacy token (password)

Note: Configure the SNMP settings as Netscan Credential Properties or as Custom Properties of the Resource Group that contains your Meraki devices. Obtain the values from your Meraki Dashboard -> Organization -> Settings -> SNMP.

These settings only affect communication with snmp.meraki.com. If you are also using local SNMP DataSources, like SNMP_Network_Interfaces or SNMP_Host_Uptime, these settings will not alter their settings or operation.

  1. Add the devices to the Meraki Organization Resource Group under a Network Resource Group with the following property added:
    • Property: meraki.api.network
    • Value: Meraki Network ID
    • Property: meraki.serial
    • Value: Meraki device serial
  2. For more information, see the How do I find my Org and Network ID? documentation from Cisco Meraki.

Import LogicModules

From the LogicMonitor Exchange, import all Cisco Meraki LogicModules from the package. For more information, see LogicModules in Package. If these LogicModules are already installed, ensure you have the latest versions.

After the LogicModules are imported, the addCategory_Cisco_Meraki_Device PropertySource must run to set the required properties to begin monitoring. Data collection automaticallys begin for all devices after an elected device has started collecting data successfully in the Cisco_Meraki_API DataSource. For more information on importing modules, see LM Exchange.

Mapping Cisco Meraki Devices to LM Envision Collectors

Collector IDFolderNetwork
1AmericasMerakiNetworkID01
1AmericasMerakiNetworkID02
1AmericasMerakiNetworkID03
1AmericasMerakiNetworkID04
1AmericasMerakiNetworkID05
1AmericasMerakiNetworkID06
4EMEAMerakiNetworkID07
4EMEAMerakiNetworkID08
4EMEAMerakiNetworkID09
4EMEAMerakiNetworkID10
4EMEAMerakiNetworkID11
4EMEAMerakiNetworkID12
7APACMerakiNetworkID13
7APACMerakiNetworkID14
7APACMerakiNetworkID15
7APACMerakiNetworkID16

The following are the comma-separated values for Collector ID, Folder, and Network:

collector id,folder,network
1,Americas,MerakiNetworkID01
1,Americas,MerakiNetworkID02
1,Americas,MerakiNetworkID03
1,Americas,MerakiNetworkID04
1,Americas,MerakiNetworkID05
1,Americas,MerakiNetworkID06
4,EMEA,MerakiNetworkID07
4,EMEA,MerakiNetworkID08
4,EMEA,MerakiNetworkID09
4,EMEA,MerakiNetworkID10
4,EMEA,MerakiNetworkID11
4,EMEA,MerakiNetworkID12
7,APAC,MerakiNetworkID13
7,APAC,MerakiNetworkID14
7,APAC,MerakiNetworkID15
7,APAC,MerakiNetworkID16

Troubleshooting

  • This package relies on collector script cache to continuously retrieve and store data from the Cisco Meraki API to minimize rate limiting constraints. For more information, see Collector Script Caching.
    Continuous data collection is maintained on an elected Meraki device through the Cisco_Meraki_API DataSource, which writes API responses to the collector script cache. addCategory_Cisco_Meraki_Device PropertySource must run first to set the proper category on this device. Cisco_Meraki_API DataSource must be running successfully for all other modules in this package to be successful.
  • During onboarding, you can run Active Discovery manually on additional PropertySources in this package after Cisco_Meraki_API begins collecting data to expedite monitoring and topology mapping.
  • If data gaps are seen, verify Cisco_Meraki_API is functioning successfully and check script cache health in the LogicMonitor_Collector_ScriptCache DataSource.

Note: The API used to pull data has rate limits. Check Cisco_Meraki_API on any Meraki device to check if the API is unreachable or monitoring has hit the API rate limit.

LogicModules in Package

LogicMonitor’s package for Cisco Meraki consists of the following LogicModules. For full coverage, import all of the following LogicModules into your LogicMonitor platform:

Display NameTypeDescription
Cisco_Meraki_TopologyTopologySourceMaps Cisco Meraki Cloud topologies.
Meraki APIDataSourceMonitors Meraki API usage.
Meraki Access Point HealthDataSourceHealth of Meraki-managed Access Points.
Meraki Access Point PerformanceDataSourcePerformance of Meraki-managed Access Points.
Meraki Access Point RadiosDataSourceRadio channel utilization of Meraki-managed Access Points.
Meraki Camera HealthDataSourceHealth of Meraki-managed Cameras.
Meraki InterfacesDataSourceInterface throughput and packet transmission of Meraki-managed Access Points and Security Appliances.
Meraki Security Appliance HealthDataSourceHealth of Meraki-managed Security Appliances.
Meraki Security Appliance PerformanceDataSourcePerformance of Meraki-managed Security Appliances.
Meraki Security Appliance TunnelsDataSourceTunnel metrics for Meraki-managed Security Appliances.
Meraki Security Appliance UnderlayDataSourceWAN connection metrics for Meraki-managed Security Appliances.
Meraki Switch HealthDataSourceHealth of Meraki-managed Switches.
Meraki Switch InterfacesDataSourceInterface data throughput of Meraki-managed Switches.
Meraki Switch PerformanceDataSourcePerformance of Meraki-managed Switches.
addCategory_Cisco_Meraki_DevicePropertySourceAdds the CiscoMeraki system category to devices managed by Cisco Meraki, as well as other auto-properties. Requires Cisco_Meraki_Org DataSource (observer) in order to collect data.
addERI_Cisco_Meraki_DevicePropertySourceDiscover and add Meraki specific ERI’s for Meraki resources.

When setting static datapoint thresholds on the various metrics tracked by this package’s DataSources, LogicMonitor follows the technology owner’s best practice KPI recommendations.

Recommendation: As necessary, adjust the predefined thresholds to meet the unique needs of your environment. For more information on tuning datapoint thresholds, see Tuning Static Thresholds for Datapoints.

In This Article