Monitor Cisco Meraki firewall traffic using EventLog Analyzer
Firewalls occupy such an important position in networks that it's almost impossible to find a secure network that doesn't have them. Firewall rules act as filters through which transactions have to pass through, both within the network and between networks. If security admins properly monitor these firewall logs, network intrusions can be easily identified at an early stage.
EventLog Analyzer is a log management software that helps admins achieve this. For networks with Cisco Meraki firewalls installed, EventLog Analyzer's out-of-the-box capability to normalize and parse Meraki logs will hold network administrators in good stead. In addition to Meraki devices, this log management tool supports a number of other devices that generate syslogs.
Cisco Meraki firewall traffic reports
EventLog Analyzer doesn't just collect logs. By breaking logs down into smaller pieces and preparing reports from them, EventLog Analyzer presents actionable data.
Here's some important information users can get from EventLog Analyzer's reports on Meraki firewalls:
- Traffic that successfully went through the firewalls.
- Connections denied by the firewalls, classified based on their source, destination, protocol, and port.
- Possible attacks that were recognized from the firewall logs.
- Classification of events based on their severity, such as emergency, alert, critical, error, warning, notice, and so on.
- Trends of logons, website traffic, connections, VPN accesses, and more.
Add more context by correlating your Cisco Meraki firewall logs with log data from the rest of the network to detect potential threats. EventLog Analyzer has over 40 prebuilt correlation rules through which all log data, including log data from Cisco, is channeled to spot anomalies and traces of possible attacks.
In addition to these rules, this software also has a custom rule builder that enables you to construct the rules you need.