You’ve been hearing about the Cisco Meraki APIs and all they can do. Maybe you’ve even started learning and have already been using the APIs but you still aren’t sure about everything you can do with them. It is a fact that Systems Administrators and Network Engineers who manage Meraki can benefit enormously from the potential that the Cisco Meraki APIs possess.
Here we’re going to take a look at some interesting use cases and some concrete examples to see exactly how we can leverage them.
There’s plenty of use cases with the APIs but we’re going to focus on some of the most useful and common ones: the use cases that could be applicable to everyone, regardless of network and infrastructure type.
Note: Some great use cases are already covered on the Cisco DevNet code exchange, so I would definitely take a look there too. The exchange is a great place to start seeing excellent examples of scripting written by real professionals.
The Cisco Meraki APIs can be used for such a wide array of activities that it can often become overwhelming to understand where to even begin. From bulk configuration changes and reporting to analytics, the scope varies immensely.
We’re going to try to touch on a wide variety of use cases so you can gain a better holistic understanding of the Meraki APIs. Even if we don’t touch on exactly what you need, by following the use cases here you’ll learn how to write scripts for your own specific use cases.
We’ll be updating this article regularly with more use cases and scripts, so be sure to subscribe to the newsletter if you want to stay up to date with the latest information!
The Meraki API allows you to draw in plenty of information from the dashboard using GET API calls. Although the native Meraki dashboard does a great job of providing a variety of reports, these are often restricted to certain time frames and sets of information. Using the dashboard API instead allows engineers to get much more flexible and creative in how they create reports.
Whether you need this information to present to your team, your manager or your customers, being able to get exactly what you need can be a big help. If you can manage to learn a little bit of data visualization with Python too, then you’re all set to automate a task that might otherwise cost you a lot of time.
This use case really shines when the Meraki dashboard does not natively support the kind of reports you’re looking to create. In these scenarios, the APIs are your only option to read information from the dashboard to create those reports.
Some examples would be these scripts to Get clients for a certain device or List clients for an entire organization. The latter even creates the CSV file for you so simply running the script creates the report with all the information in an organized manner.
Unless you’re working with the Meraki templates, you know how much of a task it can be to make a single change across all of your sites. Want to simply add a firewall rule or an SSID to 300 networks? There goes your day.
By using the APIs, these cumbersome and mundane operations can be completely automated. Learning once to harness the APIs for these types of changes could eventually save you countless hours, especially if you find yourself having to make these changes often. The ability to push out changes at scale also enables users to ensure a much greater level of control and standardization across their Meraki sites. This is of course due to the advantages that automation brings over manual work, where human error can often cause bigger problems later on.
Check out the Meraki API endpoints to see all the changes you can make at the network level. This type of automation isn’t restricted to changes however, and can also be used to provision large numbers of new networks and devices during the setup phase.
Changing things across many networks is great, but what about those engineers who manage multiple organizations? What about service providers that manage tons of organizations?
The Meraki dashboard is quite powerless when it comes to making changes across multiple organizations, but the APIs on the other hand are perfect for these types of use cases.
Of course, the ideas mentioned above for networks can also be applied to organizations. Some great examples would include standardizing alert settings for all networks in all organizations you are managing.
Some settings however exist only at the organization level. Within the Meraki dashboard you can set the firmware schedules for an entire organization, but having to manage firmwares across many organizations can be a massive challenge for admins, especially as Meraki updates their firmwares quite frequently. This script I wrote allows you to automate firmware scheduling and versions for all organizations on which you have write access.
There are many such changes that you can make at the organization level. Adding or removing administrators at scale would be a great example of another very common use case.
Anything to do with moving Meraki devices or networks to different organizations is best done with the API.
Whether you’re combining multiple organizations into one or splitting an organization, scripting the process will minimize human error and ensure that all configurations are copied over as efficiently as possible. This is where you can get started using the APIs available at the device level, which can be used to read and change specific device configurations. Automating this entire operation is the only way to ensure that network downtime is minimized.
In most cases, users want to migrate their entire network (including devices) into a different organization. Because Meraki devices lose their configuration when removed from a network and an organization, there really isn’t an intelligent way to do this within the native Meraki dashboard. Unfortunately, there’s also no way to copy configurations for a network from one organization to another.
This process is simplified by the APIs and you can also find some examples in the Cisco DevNet Exchange link. The scripts for copying networks, copying device configurations and moving devices can be combined to do this process as quickly as possible. I personally wrote some additional functions to help verify these migration processes by comparing network and device configurations that can be found here.
If you’ve ever dreaded going through each configuration page, network by network, then the APIs could be a game changer for you. There is no simple way within Meraki to ensure that your networks match the security regulations your company has defined. Although networks can be compared, what if you want to make sure that every single network in your fleet has a certain firewall rule or content filtering policy in place? Rather than mindlessly scrolling through the entire scope of the dashboard, you can save yourself a ton of time and energy by making a relatively simple script that loops through every network and checks if it contains a specific configuration. For example, you could use this API call to read the configurations you have for a certain port, and simply compare that to a text string to ensure that the correct configurations are present in each network.
You can also do this for your entire security posture if you’re advanced enough. This is definitely worth the investment as you simply have to run the same script each time you need to audit your networks! Although it seems like a daunting task at first, in the long run it could not only save you hours but give you the ability to create reports based on those audits and deliver results far more quickly.
Monitoring is certainly one of the areas where the Meraki dashboard has some missing features. Although the tools they have for monitoring work very well, there are often unique cases based on the infrastructure that would warrant a separate monitoring system. Perhaps you want to see the Site to Site VPN status for all of your sites, or you want to monitor the status of all your WANS, as we know Meraki doesn’t send an alert when a second WAN drops.
Being able to monitor failovers, statuses and traffic from a higher level is easily doable with the Meraki API. Creating your own monitoring scripts allow you to pull information much faster but also allow you to visualize information that otherwise may not be easily accessible on the dashboard. Many companies already offer additional monitoring capabilities for Meraki that are built on the APIs. These can be found on the Meraki marketplace.
The more difficult piece of this puzzle will be building the appropriate visuals and alerting system. Creating a dashboard means configuring not only the Meraki APIs but having to deal with databases, servers and UI as well.
If you’re smart about it, you can use the APIs to overcome the greatest hurdle every brand new Meraki organization faces: Deployment.
Unless it’s a one or two network organization, the provisioning phase can be a major challenge for network engineers, especially when they are new to Meraki. Even for integrators who’ve been deploying Meraki organizations regularly, the deployment process can be a very cumbersome one that involves many repetitive tasks. By taking advantage of the API you can skip through most of the boring stuff. There’s a few ways you can do this.
Either you can use “create network” calls to initialize networks and/or you can use a stored JSON of configurations to push out settings that you know will be the same regardless of the network or organization.
You can also get creative and read whatever data you’d like to provision from a CSV file as that allows you the most flexibility. This is exactly what we did in the last episode of our 9-day Meraki API course.
Whatever path you choose, there’s no doubt the Meraki APIs will make your deployment easier if you use them correctly.
The Captive Portal API is another great tool provided by Meraki which enables users to build customized splash pages and offer more flexible login solutions for their wifi.
The native Meraki dashboard does offer some functionality for being able to configure splash pages but doesn’t cover all use cases and doesn’t really allow users to get very creative with how their pages are displayed.
Advanced authentication methods, more detailed quality of service and the ability to collect more data are just a few of the additional features that a Captive Portal solution like Boundless Guest can provide.
There’s such a broad spectrum of use cases that can be addressed with the Meraki APIs that it’s impossible to cover everything. We’re going to be focusing specifically on use cases that help engineers manage their networks and organizations in a more streamlined manner, as that is our mission here at Boundless Digital.
It’s absolutely crucial for those working with the APIs to gain insight into what’s possible. In most cases, generic scripts won’t solve your problem exactly the way you need it to be solved. Having an all around understanding allows you to connect different use cases together and build much more powerful scripts.
Life is too short to still be doing things manually when they can be automated!
Get a deep understanding of how to automate low-value and redundant network operations using the Meraki APIs.