This quick start guide will help Accenture MDR customers configure Cisco® Meraki MX to send logs to the Log collection Platform (LCP).
...
Table 1-1: Port requirements for LCP communication.
Source | Destination | Port | Description |
Cisco Meraki MX | LCP | 514 (UDP) | Default port |
Note: Accenture MDR does not support syslog relayers or forwarders. Log forwarding should be done directly from Cisco Meraki MX Security Appliance to the LCP.
Configuring Cisco Meraki MX
To configure Cisco Meraki MX, follow the steps below.
Login to the Meraki dashboard.
On the left pane, go to Configure > Alerts & administration.
...
3. Go to the Logging section and specify the following values:
...
Table 1-2: The Cisco Meraki event collector (Syslog -3758) properties to be configured by MDR are shown in the table.
Property | Default Value | Description |
Protocol | UDP | The default protocol for syslog. Note: Cisco Meraki does not support TCP. |
IP Address | Cisco Meraki MX Interface IP address | Logging device IP address mentioned in the Pre-Installation Questionnaire (PIQ). Note: If the device sends logs using multiple interfaces, contact the Accenture Security MDR onboarding team. |
Port Number | 514 | The default port for UDP. Note: The LCP can be configured to listen on a non-standard port, please advise the MDR onboarding team if this is a requirement. |