I’ve been using LogDNA for a couple of months now, and it has been instrumental in getting our VPN solution working as we migrate from local users to ActiveDirectory-based authentication. One area that we’re struggling with though is Meraki doesn’t follow the Syslog RFC, so the parsers for LogDNA don’t work properly. Support was able to help get some custom fields ingested, and that helps, but it still isn’t anywhere near where it should be. I started trying to work on something using SyslogNG to pre-parse the logs before sending them on, but I haven’t been able to get it working.
I would imagine I can’t be the first one trying to use Cisco Meraki syslogs, so I’m hoping someone has been able to figure out how to ingest them so that LogDNA can handle them properly.