Applicable for ENA v17.0 P08 upwards
When alerts are raised via the webhook, Entuity will raise an appropriate event in the Event Management System (EMS).
- for known alert types, a specific event type will be raised in EMS.
- for unknown alert types, a generic event type 'Webhook Alert Received' will be raised.
Webhook-derived events will be like any other Entuity event, and can be forwarded in the same manner (e.g. to BMC TSOM, Slack, Splunk etc), and processed in EMS rules.
Specific events:
In Entuity, known Meraki Webhook alert types are converted to the following Entuity events:
Webhook alert | Entuity event |
---|---|
WebhookAlert_AppliancesCameUp | (From Entuity v20.0 P03 upwards) Meraki: Appliance Came Up |
WebhookAlert_AppliancesWentDown | (From Entuity v20.0 P03upwards)Meraki: Appliance Went Down |
WebhookAlert_APsCameUp | Access Point Came Up |
WebhookAlert_APsWentDown | Access Point Went Down |
WebhookAlert_AirMarshalRogueAPDetected | Air Marshal - Rogue AP Detected |
WebhookAlert_BluetoothClientsHaveBecomeVisible | Bluetooth Clients Have Become Visible |
WebhookAlert_BluetoothClientsHaveGoneOutOfRange | Bluetooth Clients Have Gone Out Of Range |
WebhookAlert_CableErrorDetected | Cable Error Detected |
WebhookAlert_CellularCameUp | Cellular Came Up |
WebhookAlert_CellularWentDown | Cellular Went Down |
WebhookAlert_ClientIPConflictDetected | Client IP Conflict Detected |
WebhookAlert_ClientConnectedToAnotherNetwork | Client Connected To Another Network |
WebhookAlert_ClientConnectivityChanged | Client Connectivity Changed |
WebhookAlert_ClientsAreCompliantWithTheirSecurityPolicy | Clients Are Compliant With Their Security Policy |
WebhookAlert_ClientsAreViolatingTheirSecurityPolicy | Clients Are Violating Their Security Policy |
WebhookAlert_ClientsCameUp | Clients Came Up |
WebhookAlert_ClientsFailingToConnect | Clients Failing To Connect |
WebhookAlert_ClientsHaveEnrolledInOneOfYourNetworks | Clients Have Enrolled In One Of Your Networks |
WebhookAlert_ClientsHaveReenteredTheirGeofencedArea | Clients Have Re-Entered Their Geofenced Area |
WebhookAlert_ClientsHaveViolatedTheirGeofencingPolicy | Clients Have Violated Their Geofencing Policy |
WebhookAlert_ClientsWentDown | Clients Went Down |
WebhookAlert_DHCPLeasesExhausted | DHCP Leases Exhausted |
WebhookAlert_DevicesOperatingAtCriticalTemperature | Devices Operating At Critical Temperature |
WebhookAlert_FailoverEventDetected | Failover Event Detected |
WebhookAlert_GatewayToRepeater | Gateway To Repeater |
WebhookAlert_MDMCertificateWillExpireSoon | MDM Certificate Will Expire Soon |
WebhookAlert_MalwareDownloadBlocked | Malware Download Blocked |
WebhookAlert_MalwareDownloadDetected | Malware Download Detected |
WebhookAlert_MatchingSoftwareInstallationsFound | Matching Software Installations Found |
WebhookAlert_MerakiManagementProfileRemoved | Meraki Management Profile Removed |
WebhookAlert_MotionDetected | Motion Detected |
WebhookAlert_NetworkUsageAlert | Network Usage Alert |
WebhookAlert_NewDHCPServerDetected | New DHCP Server Detected |
WebhookAlert_NewSplashUserRegistered | New Splash User Registered |
WebhookAlert_PowerSupplyCameUp | Power Supply Came Up |
WebhookAlert_PowerSupplyWentDown | Power Supply Went Down |
WebhookAlert_RADIUSAuthenticationServerUnreachable | RADIUS Authentication Server Unreachable |
WebhookAlert_ReturnedToUsingPrimaryPower | Returned To Using Primary Power |
WebhookAlert_RogueAPDetected | Rogue AP Detected |
WebhookAlert_RogueDHCPServerDetected | Rogue DHCP Server Detected |
WebhookAlert_RunningOnBackupPower | Running On Backup Power |
WebhookAlert_SettingsChanged | Settings Changed |
WebhookAlert_SwitchPortConnected | Switch Port Connected |
WebhookAlert_SwitchPortDisconnected | Switch Port Disconnected |
WebhookAlert_SwitchPortLinkSpeedChanged | Switch Port Link Speed Changed |
WebhookAlert_UDLDError | UDLD Error |
WebhookAlert_UPSOutputSourceChanged | UPS Output Source Changed |
WebhookAlert_UnreachableDevicesDetected | Unreachable Devices Detected |
WebhookAlert_UplinkStatusChanged | Uplink Status Changed |
WebhookAlert_VPNConnectivityChanged | VPN Connectivity Changed |
WebhookAlert_UpcomingFirewallInformationChanges | Action Required: Upcoming Firewall Information Changes |
Generic Webhook Event:
Webhook alert | Entuity event |
---|---|
WebhookAlert | Webhook Alert Received |
- this event will be raised on the Entuity server where the Meraki cloud controller is managed.
- the specific Meraki cloud controller will be the event's source. However, if the 'deviceMac' field of the webhook's payload matches the MAC address for a Meraki device managed on that Entuity server, then the event source will instead be set to that device.
- the data provided as the JSON payload of the webhook request will be parsed and made available for processing by Entuity's EMS rules. This means you can write EMS rules that further process the alert and, for example, generate enriched events and incidents.
Comments
0 comments
Please sign in to leave a comment.