Skip to main content

 

Cisco Meraki Documentation

How to Use CloudShark with Dashboard Packet Captures

  1. Last updated
  2. Save as PDF

by Scott Spiering

CloudShark is a tool you can use to analyze and view packet captures taken on the Meraki dashboard. After setting up CloudShark, you will have the option to output your packet captures to CloudShark. Depending on what plan you have purchased, captures can be uploaded to CloudShark's public servers or to your private CloudShark appliance. 

For more information about Cloudshark and its features, refer to CloudShark documentation.

Prerequisites 

Before configuring CloudShark with dashboard, ensure you have the following: 

  • A CloudShark account (public or enterprise plan) 
  • Access to the Cisco Meraki dashboard 
  • A CloudShark hostname and upload/API token (retrieved from your CloudShark account) 
  • If using a dedicated CloudShark appliance with a self-signed SSL certificate: access to that certificate file 

Step-by-step instructions

Configure CloudShark

  1. Log into your CloudShark account.
  2. Click the Preferences drop-down on the top right-hand corner of the screen, and select API Tokens:
    Cloudshark API token
  3. Copy the hostname and upload token. You will need to enter this information into the dashboard.
    Hostname and API Token from CloudShark

Configure dashboard

  1. In Dashboard, navigate to Network-wide > Configure > General.
  2. Under the Packet capture section, set CloudShark integration to Enable CloudShark integration.
  3. Enter the following information from CloudShark:
  • CloudShark URL: Enter the hostname as gathered from CloudShark. Unless you are using an enterprise CloudShark account, this will always be https://www.cloudshark.org.
  • CloudShark API key: Enter the API key as gathered from CloudShark.
  • Use self-signed SSL certificate: If you are using a dedicated CloudShark appliance and have opted to use a self-signed certificate for SSL, set this option to yes and click Upload a certificate to upload the self-signed certificate.

Enabling Cloudshark integration on the Dashboard

4. Click Save Changes.

Using CloudShark with dashboard

To take a packet capture in the dashboard and view the capture in CloudShark: 

  1. In Dashboard, navigate to Network-wide > Monitor > Packet Capture
  2. Set the device type, interface, and duration as needed. Refer to the Packet Capture Overview documentation for more info on each option. 
  3. Set the Output to Stream to CloudShark
  4. Click Start to start the capture. Once the capture is running, click View Capture on CloudShark to view captured traffic on CloudShark. 

Troubleshooting

If the capture fails or dashboard returns an error, check the following: 

  • Incorrect URL format: 
    • The CloudShark URL in the dashboard must be a full URL, including the leading https://.
    • URLs such as cloudshark.org or www.cloudshark.org will not work. 

  • Server returned HTTP response code: 400 for URL:

    • Verify that the CloudShark plan supports the capture size. 

    • Verify that the CloudShark upload limit was not exceeded.

    • Verify that the CloudShark capture size limit was not exceeded. 

    • This error can also indicate that the capture was corrupted during generation.

 

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Reference
    Stage
    Final
  2. Tags
    1. cloudshark
    2. CS_12432
    3. packet capture