Cisco Meraki Log Parsing

r4inxdr0p · April 6, 2019, 5:17am

Hello,

I am having a bit of trouble parsing the following log from my cisco meraki mx64 in Graylog v3.0.1+de74b68:

<134>1 1554527374.766296981 Gateway urls src=10.10.11.188:46301 dst=172.217.0.3:80 mac=9C:E0:63:06:89:CC agent=‘Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.32 Safari/537.36’ request: GET http://connectivitycheck.gstatic.com/generate_204

i can get the device, logtype, src, dst, mac, agent to show as separate fields but am having trouble getting the start of the log and the “request:” data to parse out. anyone have any ideas?

zoulja · April 6, 2019, 7:14am

Please show your current pattern

system · April 20, 2019, 7:14am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Cisco Meraki cant sent Syslog to Graylog Open Graylog Central (peer support) cisco	5	988	August 30, 2023
Cisco on graylog Graylog Central (peer support)	4	1021	October 30, 2023
Cisco Meraki Syslog format Graylog Central (peer support)	3	1503	April 18, 2019
Not receiving logs from Meraki appliances Graylog Central (peer support)	6	770	December 20, 2018
Not receiving syslog from Cisco Meraki Graylog Central (peer support)	15	4585	September 26, 2018

Cisco Meraki Log Parsing

Related Topics