Cisco Meraki Alerts Integration Guide

PagerDuty + Cisco Meraki Integration Benefits

  • Unify management of your mobile devices, computers, and the entire network from a centralized dashboard.
  • PagerDuty integrates with the dashboard to alert you when something has gone wrong in your network.

How it Works

  • When an event is generated in Meraki, it sends the event via webhook to PagerDuty, which then creates an incident

Requirements

  • PagerDuty integrations require an Admin base role for account authorization. If you do not have this role, please reach out to an Admin or Account Owner within your organization to configure the integration.

Integration Walkthrough

In PagerDuty

1. From the Configuration menu, select Services.
2. If you are adding your integration to an existing service, click the name of the service you want to add the integration to. Then select the Integrations tab and click the New Integration button. Continue with step 3 (below).
If you are creating a new service for your integration, please read our documentation in section Configuring Services and Integrations and follow the steps outlined in the Create a New Service section, selecting Custom Event Transformer as the Integration Type in step 4. Continue with step 6 (below) once you have finished these steps.

2. On the Event Rules screen, click on the arrow next to Incoming Event Source to display the Integration key information. Copy your Integration Key. This is the same integration key you will use for any other tool you want to integrate with using event rules.

3. Enter an Integration Name in the format `monitoring-tool-service-name` (e.g., Meraki-Shopping-Cart) and select Custom Event Transformer from the Integration Type menu.

4. Click Add Integration button to save your new integration. You will be redirected to the Integrations tab for your service.

5. Click the integration Name to view its details. Copy the Integration URL and keep it in a safe place for later use.

  1. Click Edit Integration and replace the JavaScript code in the editor with the following code and click Save changes:

 

// Consume Meraki Alert via Webhook

var body = PD.inputRequest.body;

 

// Set Alert Severity

var severity = “warning”;

// critical

// error

// warning

// info

// unknown

 

if(body.alertType == “Settings changed”) {severity = “info”;}

if(body.alertType == “Motion detected”) {severity = “info”;}

if(body.alertType == “Network usage alert”) {severity = “warning”;}

if(body.alertType == “APs went down”) {severity = “critical”;}

if(body.alertType == “Uplink status changed” && !body.alertData.uplink) {severity = “critical”;}

 

// Format payload

var cef_event = {

event_type: PD.Trigger,

  description: body.alertType,

severity: severity,

source_origin: body.networkId,

dedup_key: body.alertId,

service_group: body.organizationId,

  event_action: PD.Trigger,

  details: body

}

 

PD.emitCEFEvents([cef_event]);

The above code captures the alert data via a JSON post. The data is then parsed and a severity type is assigned to a specific alertType. These can be adjusted or removed entirely if desired.


Another option is to include logic here to filter out messages based on the body.sharedSecret to match a user defined password. Simply replace the last line of code with this:

 

// Check secret and store event

const SECRET = “asdf1234”;

 

if(body.sharedSecret == SECRET){

  PD.emitCEFEvents([cef_event]);

}

 

In Meraki Alerts

1. Select the Organization and Network you would like to work with.

2. In the Network-wide menu and under Configure, click Alerts. Choose your desired alert settings here. You can use Cisco Meraki to Alert for events such as things like whether “A VPN connection comes up or goes down”, “Malware is downloaded”,. “A power supply goes down”, and more.

3. Under the Network-wide menu, scroll to the Webhooks section and click Add an HTTP server.

4. On the Webhooks screen, use the events API Integration URL (generated in step 5 of the In PagerDuty section above)  and paste it in the URL field. Name the Webhook “PagerDuty”. You do not need to input anything into the Shared secret section.

5. You should now be able to test by hitting the Send test webhook button. If connected properly, the button will turn green and say delivered. If it says failed, check your URL and try again.

6. Scroll back up to the top of the Alerts page and set the new PagerDuty Webhook as a default recipient.

7. Finally, at the bottom of the screen, click Save.

In PagerDuty (cont.)

Under Alerts, you should now see an alert that was generated when you clicked the test button in Meraki Alerts.

FAQs

Can you integrate Cisco Meraki Alerts with multiple PagerDuty services?

Yes, simply click Add an HTTP Server in the Webhooks section in Meraki Alerts and follow from Step 4 of the In Meraki section above

Is the integration a two-way ack/resolve integration?

No, you will still need to resolve incidents in PagerDuty.