Cisco Meraki Monitoring
Overview
LogicMonitor’s out-of-the-box monitoring for Cisco Meraki monitors:
- Meraki devices on a per-network level using a hybrid API/SNMP data collection approach
- API usage and device counts on a per-organization level
Setup Requirements
Perform Necessary Meraki Configurations
API Configurations
Perform the following steps to ready the Cisco Meraki Dashboard API:
- IMPORTANT: Using a checkbox located under organization settings, enable the Meraki API on all organizations within your Meraki instance.
- After enabling the API, navigate to your profile settings and generate an API key. Be sure to save the token upon creation, otherwise it is no longer visible. As discussed in the following section, this token will be assigned to a property within LogicMonitor.
See Cisco’s Meraki Dashboard API documentation for instructions on enabling the API and generating a key.
SNMP Configurations
SNMP v2c or v3 must be enabled on the Meraki Cloud Controller. See Cisco’s SNMP Overview and Configuration documentation for instructions.
Create a Meraki Device Group
From the Resources page, create a Meraki device group and assign it the following properties:
| Property | Description |
| meraki.api.key | Meraki API key (key must be generated and API must be enabled as discussed in previous section) |
| snmp.port | 16100 |
| snmp.version | Because LogicMonitor is not querying the devices themselves, but rather the Cloud Controller, it is not able to automatically assign the SNMP version to this property as it typically does for other monitoring operations that leverage SNMP. Be sure to manually assign the corresponding SNMP version (either “v2c” or “v3”) to this property. |
| Other Various SNMP credentials (the properties required to establish SNMP credentials vary) |
The properties required to establish the remaining SNMP credentials vary depending on the SNMP version being used. See Defining Authentication Credentials for details. |
For more information on creating device groups, see Adding Device Groups.
Add Resources Into Monitoring
Add your Cisco Meraki hosts into monitoring. As discussed next, you can either use NetScan to automatically add all relevant devices into monitoring (and auto-assign several required device properties), or you can manually add the devices into monitoring.
Adding Resources via NetScan
You can automatically add all Meraki networks, organizations, and a main api.meraki.com device via an advanced NetScan. For general instructions on creating and running an advanced NetScan, see Creating NetScans.
Ensure the following configurations are in place for the NetScan:
- Embed the following Groovy script (to reach text box where this script needs to be embedded, select “Upload a script or csv to discover devices” from the Method field’s dropdown menu and select the Embed a Groovy script option from the scripting options that dynamically display).
Note: Be sure to substitute the
INSERT API TOKEN HEREplaceholder text located at the top of this script with your actual API token./******************************************************************************* * © 2007-2020 - LogicMonitor, Inc. All rights reserved. ******************************************************************************/ import com.santaba.agent.groovyapi.http.HTTP import groovy.json.JsonOutput import groovy.json.JsonSlurper def token = "INSERT API KEY" def hostname = "api.meraki.com" // To run in debug mode, set to true def debug = false JsonSlurper slurper = new JsonSlurper() def baseURL = "https://api.meraki.com/api/v0" def httpClient = HTTP.open(hostname, 443) try { orgs = httpGet(slurper, httpClient, token, baseURL, "/organizations", debug) orgs.each { org -> orgId = org.id orgName = org.name // Extract shard for each org to create new base URL for subsequent queries def pattern = ~/https:\/\/(.*)\.meraki\.com.*/ def matcher = pattern.matcher(org.url) def orgShard = matcher[0][1] def newURL = "https://${orgShard}.meraki.com/api/v1" def networks = httpGet(slurper, httpClient, token, newURL, "/organizations/${orgId}/networks", debug) if (networks) { networks.each { network -> networkId = network.id networkName = network.name networkTags = network.tags hostName = "${orgName.replaceAll('\\W', '')}.${networkName.replaceAll('\\W', '')}.invalid" displayName = "Meraki Network: ${networkName}" println "${hostName}##${displayName}##meraki.org.name=${orgName}##meraki.org.id=${orgId}##meraki.api.key=${token}##meraki.network.id=${networkId}##meraki.network.name=${networkName}##meraki.network.tags=${networkTags}" } } println "${orgName.replaceAll('\\W','')}.invalid##Meraki Org: ${orgName}##meraki.org.name=${orgName}##meraki.org.id=${orgId}##meraki.api.key=${token}" } println "api.meraki.com##api.meraki.com##meraki.api.key=${token}" } finally { httpClient.close() } return 0 /** * Helper function to print out debug messages for troubleshooting purposes. */ def LMDebugPrint(message, debug) { if (debug) { println(message.toString()) } } /** * Helper function to perform HTTP GET. */ def httpGet(slurper, httpClient, token, baseURL, endpoint, previousResponse = null, debug) { def headers = [ "X-Cisco-Meraki-API-Key": token.toString(), "Accept": "application/json" ] def url = baseURL + endpoint httpClient.get(url, headers) def statusCode = httpClient.getStatusCode() def rawResponse = httpClient.getResponseBody() if ([200, 429].contains(statusCode)) { LMDebugPrint("URL: ${url}", debug) LMDebugPrint("Status Code: ${statusCode}", debug) // LMDebugPrint("Response Body: ${rawResponse}", debug) // Uncomment this line to see full response body in debug mode def response = slurper.parseText(rawResponse) if (previousResponse) { response += previousResponse } if (statusCode == 200) { // This section appears to only be needed when an organization has over 1000 devices. // Need to test in an environment where this exists to confirm proper handling. // def links = httpClient.getHeader('link') // LMDebugPrint("Links: ${links}", debug) // if (links) { // links.split(',').each { link -> // def items = link.split(';') // def rel = items[1].split('=')[1] // if (rel == 'next') { // println "Entering next..." // nextEndpoint = link.split('/api/v0')[1].split('>')[0] // return httpGet(slurper, httpClient, token, baseURL, nextEndpoint, response, debug) // } // } // } return response } else if (statusCode == 429) { def retryIn = httpClient.getHeader('Retry-After').toInteger() sleep(retryIn * 1000) return httpGet(slurper, httpClient, token, endpoint, previousResponse, debug) } } LMDebugPrint("Error occurred for URL ${url}", debug) LMDebugPrint("Status Code: ${statusCode}", debug) LMDebugPrint("Response Body: ${rawResponse}", debug) return null }Groovy - In the Default Group field (which displays after the script text box), specify the Cisco Meraki device group you previously created. Note: Ensure your SNMP credentials and Meraki key are set as properties on this group (as discussed in the Create a Meraki Device Group section of this support article) before running the NetScan.
Manually
As an alternative to running an advanced NetScan, you can manually add your Meraki devices into monitoring. There are three types of Meraki devices that can be added:
- Network device
- Organization device
- Meraki API device
When adding these devices, assign them to the device group previously created, as discussed in the Create a Meraki Device Group section of this support article. For instructions on manually adding resources into monitoring, see Adding Devices.
Network Device
The network device reports per-device and per-interface data for a specific network.
- The network device’s hostname (as entered into the IP Address/DNS name field) must end with “.invalid”.
- Network-specific properties must be assigned to the device, as discussed in the Assign Properties to Resources section of this support article.
Organization Device
The organization device reports per-network device counts and API Usage statistics for a specific organization.
- The organization device’s hostname (as entered into the IP Address/DNS name field) must end with “.invalid”.
- Organization-specific properties must be assigned to the device, as discussed in the Assign Properties to Resources section of this support article.
Meraki API Device
The Meraki API device reports per-network device counts and API Usage statistics for all organizations on the account.
- The Meraki API device’s hostname (as entered into the IP Address/DNS name field) must be “api.meraki.com”.
Assign Properties to Resources
In addition to the SNMP and meraki.api.key properties (which we recommend assigning at the group level, as discussed in the Create a Meraki Device Group section of this support article), the following properties must also be set on the Meraki devices within LogicMonitor.
Note: If you added resources into monitoring via NetScan, these properties will already be assigned. If you added resources into monitoring manually, you’ll need to manually set these properties. For instructions on manually setting properties, see Resource and Instance Properties.
| Property | Description |
| meraki.org.id | Set this property on organization devices only. For a list of organizations and their respective IDs, visit https://developer.cisco.com/meraki/api/#!get-organizations.* |
| meraki.network.id | Set this property on network devices only. For a list of networks and their respective IDs, visit https://developer.cisco.com/meraki/api/#!get-organization-networks. Be sure to enter the organization ID for the organization you wish to see networks on.* |
*Ensure that you set the X-Cisco-Meraki-API-Key header to your API key when running any API requests from https://developer.cisco.com/meraki/api.
Importing LogicModules
From the LogicMonitor public repository, import all Cisco Meraki LogicModules, which are listed in the LogicModules in Package section of this support article. If these LogicModules are already present, ensure you have the most recent versions.
Once the LogicModules are imported (assuming all previous setup requirements have been met), the suite of Meraki DataSources will automatically begin collecting data.
Migration from Legacy DataSources
In June of 2020, LogicMonitor released a new suite of Cisco Meraki DataSources. The new DataSources offer several advantages, including expanded monitoring coverage and improved efficiency for future scalability and support.
The release of these new DataSources serves to deprecate the following legacy Meraki DataSources:
- Meraki_CloudController_DeviceInventory
- Meraki_MR_Interfaces
- Meraki_MR_Stats
- Meraki_MS_Stats
- Meraki_MX_Interfaces
- Meraki_MX_Stats
- Meraki_Z_Interfaces
- Meraki_Z_Stats
If you are currently monitoring Meraki devices using any of these legacy DataSources, you will not experience data loss upon importing the new DataSources. This is because DataSource names have been changed to eliminate module overwriting.
However, you will collect duplicate data and receive duplicate alerts for as long as both sets of DataSources are active. For this reason, we recommend that you disable the above-listed DataSources after importing the new set of DataSources and confirming that they are working as intended in your environment.
When a DataSource is disabled, it stops querying the host and generating alerts, but maintains all historical data. At some point in time, you may want to delete the legacy DataSources altogether, but consider this move carefully as all historical data will be lost upon deletion. For more information on disabling DataSources, see Disabling Monitoring for a DataSource or Instance.
LogicModules in Package
LogicMonitor’s package for Cisco Meraki consists of the following LogicModules. For full coverage, please ensure that all of these LogicModules are imported into your LogicMonitor platform.
| Display Name | Type | Description |
| addCategory_Meraki_API | PropertySource | Identifies if the host is configured for Meraki API access, adds various system auto properties and adds the value of “MerakiAPIOrg” to the system.categories property. |
| Switches | DataSource | Monitors Meraki Switch client connections and operating status. |
| Switch Interfaces | DataSource | Monitors Meraki Switch interface data throughput and packet transmission on a per-network level. |
| Security Appliances | DataSource | Monitors Meraki Security Appliance client connections and operating status. |
| Security Appliance Interfaces | DataSource | Monitors Meraki Security Appliance interface data throughput and packet transmission on a per-network level. |
| Meraki License Status | DataSource | Reports licensing status of a given organization. |
| Meraki Uplink Loss And Latency | DataSource | Returns the uplink loss and latency for every MX in the organization. |
| Meraki Uplink Appliance Status | DataSource | Lists the uplink status of every Meraki MX and Z series appliances in the organization. |
| Meraki Device Count | DataSource | Count of Meraki devices on a per-network level as well as a total count. |
| Meraki API Usage | DataSource | Counts Meraki API usage on a per-org basis. |
| Gateways | DataSource | Monitors Meraki Teleworker Gateway client connections and operating status. |
| Gateway Interfaces | DataSource | Monitors Meraki Teleworker Gateway interface data throughput and packet transmission on a per-network level. |
| Access Points | DataSource | Monitors Meraki Access Point client connections and operating status. |
| Access Point Interfaces | DataSource | Monitors Meraki Access Point interface data throughput and packet transmission on a per-network level. |
When setting static datapoint thresholds on the various metrics tracked by this package’s DataSources, LogicMonitor follows the technology owner’s best practice KPI recommendations. If necessary, we encourage you to adjust these predefined thresholds to meet the unique needs of your environment. For more information on tuning datapoint thresholds, see Tuning Static Thresholds for Datapoints.