Overview

IT Service Management tools are fundamental in running a business. While dashboard offers an all-encompassing overview of your Meraki organization, adding your networks to your existing service management tools is as simple as leveraging our Dashboard APIs. Whether creating incident tickets due to critical outages or following best practices from Information Technology Infrastructure Library (ITIL), industries need insight into their network. There are multiple IT Service Management platforms available for integration such as ServiceNow and integration Platforms as a Service like Built.io Flow can help enable organizations to create workflows for:

  • Alerting for network outages, changes or even assist in troubleshooting end-user incidents
  • Network provisioning and deployment
  • Change Management tracking
    This guide will focus on showing individuals how to create these workflows. Your organization can customize based on your organization’s needs.

Network Alerting

Configuring Network Alerts

Network alerts can be configured in Dashboard under Network-wide > Configure > Alerts.

Network alerts can be configured by specifying the Default recipients for all selected alerts, and by configuring additional recipients on a per-alert basis. There are two options to denote who will receive emailed alerts:

  • All network admins
    This will send email alerts to all network administrators, including Monitor and Read-only network admins. This does not include any of the Organization admins.
  • Other email addresses
    This allows for a custom list of recipients, where email alerts will go to all email addresses listed. To specify other email addresses, type an email address into the Default recipients field and hit enter.

 

The following screenshot shows an example network alerts configuration on a combined network:

General Alerts

The following alerts can be configured on multiple Cisco Meraki products:

  • A VPN connection comes up or goes down
    Available on both the MR and MX platform, sends an email if a configured VPN tunnel goes up or down.
  • Configuration settings are changed
    Available on all platforms, sends an email if any configuration change is made in Dashboard.
  • Network usage exceeds
    Available on all platforms, sends an email if network usage exceeds a predetermined amount.

MX Alerts

Alerts can be configured for the following MX Security Appliance events:

  • The security appliance goes offline for more than (x) minutes
    Sends an email if the MX is unreachable from Dashboard for the configured number of minutes. Please note that the MX may still be functioning, this only indicates that it is unable to contact Dashboard.
  • The primary uplink status changes
    Sends an email if the status of the primary uplink changes, which could be a failover event or downed link.
  • The DHCP lease pool is exhausted
    Indicates that the MX has run out of available IPs in one or more of its configured DHCP scopes, and is unable to provide an IP address to a requesting client.
  • An IP conflict is detected
    Sends an email if the MX has observed traffic from multiple MAC addresses, using the same IP address.
    Note: Due to the nature of certain device types, this event may occur as a result of normal network behavior. For a common example, please refer to our documentation regarding IP Conflicts Triggered by iOS Devices.
  • Cellular connection state changes
    Sends an email if the cellular modem moves into or out of the “Active” state, indicating that the MX has failed over to (or back from) its cellular connection.
  • A rogue DHCP server is detected
    Sends an email if the MX observes multiple MAC addresses responding to DHCP Discover or DHCP Request messages. This can occur if a DHCP relay server is configured on a VLAN where the MX is configured to respond to DHCP.
    For more information, please refer to our documentation regarding DHCP configuration in Dashboard.
  • A warm spare failover occurs
    Sends an email if the primary MX of a High Availability pair fails over to the spare, or vice-versa.
    For more information, please refer to our documentation regarding Troubleshooting MX Warm Spare.
  • (Monitored) Clients connect or disconnect from the LAN
    Sends an email if select clients connect or disconnect from the LAN, as observed by the MX. When enabled, the list of clients to monitor can be configured under the Client monitoring section of the same page:

Wireless MX/Z1 AlertsThe following additional alert is available for wireless MX devices or the Z1 Teleworker Gateway:

  • Rogue APs are detected
    Sends an alert if a rogue AP is detected on the network.

MS Alerts

Alerts can be configured for the following MS Switch events:

  • A switch goes offline for more than (x) minutes
    Sends an email if a switch is unreachable from Dashboard for the configured number of minutes. Please note that the switch may still be functioning, this only indicates that it is unable to contact Dashboard.
  • Any/specific switch port(s) goes down for more than (x) minutes
    Sends an email if the switch port(s) specified goes down for more than the configured number of minutes.
  • Any/specific switch port(s) detects a cable error
    Sends an email if the switch port(s) specified detects an issue with the connected cable.
  • Any/specific switch port(s) changes link speed
    Sends an email if the switch port(s) specified renegotiates or fails over to another link speed.
  • A new DHCP server is detected
    Sends an email if a DHCP Offer, ACK, or NACK message from a new MAC address (not seen in the last month) is observed by the switch.

MR Alerts

Alerts can be configured for the following MR Access Point events:

  • A gateway goes offline for more than (x) minutes
    Sends an email if any gateway AP is unreachable from Dashboard for the configured number of minutes. Please note that the AP may still be functioning this only indicates that it is unable to contact Dashboard.
  • A repeater goes offline for more than (x) minutes
    Sends an email if any repeater AP is unreachable from the Dashboard for the configured number of minutes.
  • A gateway becomes a repeater
    Sends an email if a gateway AP loses its link to the network, and comes online as a repeater.
    For more information on this behavior, please refer to our documentation regarding Gateway vs. Repeater APs.
  • An access point detects rogue APs
    Sends an alert if a rogue AP is detected on the network.

SM Alerts

System Manager offers a number of advanced alert options, unique from the rest of the Meraki product line.

For more information about SM alerts, please refer to our product documentation.

 All network alerts will be sourced from the same email address. To ensure that alerts are not being lost to a spam filter, please be sure to add [email protected] as a trusted email source.

Built.io Flow Integration

Log into your Built.io Flow Enterprise account and choose “Blank Workflow”.  Create a trigger from an email service of choice, in this instance, Gmail was chosen.  Add the account as well as keywords or labels for the alerts.  For the Gmail account, [email protected] emails are labels as “Network” emails as a clear indicator as to generate a ticket in ServiceNow.

Choose a ServiceNow workflow, in this example, the option chosen is  “Create an Incident”.

In the workflow, organizations have the option to customize various fields for generating the ticket in ServiceNow.  Once the workflow is complete, save and turn on the workflow.

In the event an alert is triggered, the workflow will create a ticket in ServiceNow as seen below.