f104543715 | ||
---|---|---|
.. | ||
Connector/MerakiConnector | ||
Data Connectors | ||
Package | ||
Parsers | ||
Playbooks | ||
Workbooks | ||
data | ||
CiscoMerakiFlow.png | ||
ConsolidatedTemplate.json | ||
SolutionMetadata.json | ||
linkedtemplate.json | ||
readme.md |
readme.md
Cisco Meraki Logic Apps Custom Connector and Playbook Templates
Table of Contents
- Overview
- Deploy Custom Connector + 5 Playbook templates
- Authentication
- Prerequisites
- Deployment
- Post Deployment Steps
- References
- Limitations
Overview
Cisco Meraki connector connects to Cisco Meraki Dashboard API service endpoint and programmatically manages and monitors Meraki networks at scale.
Deploy Custom connector + 5 Playbook templates
This package includes:
- Custom connector for Cisco Meraki.
- Five playbook templates leverage Cisco Meraki custom connector.
You can choose to deploy the whole package : Connector + all five playbook templates, or each one seperately from it's specific folder.
Cisco Meraki documentation
Authentication
API Key Authentication
Prerequisites for using and deploying Custom connector + 5 playbooks
- Cisco Meraki API Key should be known to establish a connection with Cisco Meraki Custom Connector. Refer here
- Cisco Meraki Dashboard API service endpoint should be known. (e.g. https://{CiscoMerakiDomain}/api/{VersionNumber}) Refer here
- Organization name should be known. Refer here
- Network name should be known.Refer here
- Network Group Policy name should be known. Refer here
Deployment instructions
- Deploy the Custom connector and playbooks by clicking on "Deploy to Azure" button. This will take you to deploying an ARM Template wizard.
- Fill in the required parameters for deploying custom connector and playbooks
Parameter | Description |
---|---|
For Playbooks | |
Block Device Client Playbook Name | Enter the Block Device Client playbook name without spaces |
Block IP Address Playbook Name | Enter the Block IP Address playbook name without spaces |
Block URL Playbook Name | Enter the Block URL playbook name without spaces |
Enrichment IP Address Playbook Name | Enter the IP Address Enrichment playbook name without spaces |
Enrichment URL Playbook Name | Enter the URL Enrichment playbook name without spaces |
Organization Name | Enter the name of Organization |
Network Name | Enter the name of Network |
Group Policy | Enter the name of Group Policy |
For Custom Connector | |
Cisco Meraki Connector Name | Enter the name of Cisco Meraki custom connector without spaces |
Service EndPoint | Enter the Cisco Meraki Service End Point |
Post-Deployment Instructions
a. Authorize API connections
- Once deployment is complete, go under deployment details and authorize Cisco Meraki connection.
- Click the Cisco Meraki connection
- Click Edit API connection
- Enter API Key
- Click Save
b. Configurations in Sentinel
- In Azure sentinel analytical rules should be configured to trigger an incident with risky IP address, URL or Hosts.
- Configure the automation rules to trigger the playbooks.
References
- Cisco Meraki Dashboard API
- Content Filtering - Cisco Meraki
- Layer 3 and 7 Firewall Processing Order - Cisco Meraki
Connector
Playbooks
- Block Device Client - Cisco Meraki
- Block IP Address - Cisco Meraki
- Block URL - Cisco Meraki
- Enrichment IP Address - Cisco Meraki
- Enrichment URL - Cisco Meraki
Known Issues and Limitations
- Need to authorize the api connections after deploying the playbooks.
- For Block Device Client Playbook, While configuring the rule in Azure Sentinel - Device Client MAC needs to be mapped with hostname in Host entity.