This article leads you through the process of integrating Cisco Meraki with Red Canary. Follow the procedure from beginning to end. 

Step 1: Red Canary–Create your Red Canary-provided URL

Create a Red Canary provided-URL to send Cisco Meraki alerts for ingestion. 

1. From the navigation menu, click Integrations, and then click Alert Sources.
2. In the search bar, type and then select Cisco Meraki.
3. To configure your new alert source, scroll down and then click Cisco Meraki.
4. Click Edit Configuration. 
5. Enter a Name for your external alert source.  
6. Select a Display Category.
7. Under the Ingest Format/Method dropdown, select Meraki via HTTP. This is the preferred ingest method and generates the best data for investigation and correlation. Please do not use the other available ingest methods.
8. Click Save Configuration.
9. Click Activate it to begin processing alerts. This will generate the URL you will use to send Cisco Meraki alerts to.
   Note: You may need to refresh the page for the URL to appear.
   
   
10.  Copy and save the Red Canary-provided URL. You’ll use this URL in a later step.
    
    

Step 2: Cisco Meraki–Enter your Red Canary-provided URL

Adjust your Cisco Meraki alert settings to send generated alerts to your Red Canary-provided URL.

1. From your Cisco Meraki homepage, click Network-wide, and then click Alerts.
   
   
2. From the Network-wide section, select A rogue AP is detected.
3. From the Security appliance section, select Malware is blocked.
4. From the Security appliance section, select Malware is downloaded.
   Note: Other alert types are allowed but not required.
5. Scroll down to the Webhooks section, and then click Add an HTTPS receiver.
   
   
6. Enter Red Canary in the name field.
7. Enter the URL from Step 1.10.
8. Delete the text in the shared secret field.
9. From the Payload template dropdown select Meraki.
10. Click Test webhook.
    
    
11. Click Save.