Upload
others
View
14
Download
0
Embed Size (px)
Citation preview
Integrate Salesforce EventTracker V9.x or above
Publication Date: June 10, 2019
1
Integrate Salesforce
Abstract This guide provides instructions to configure Salesforce to send the log to the EventTracker. Once the log is
being configured to send to the EventTracker, alerts, and reports can be configured into the EventTracker.
Scope The configurations detailed in this guide are consistent with the EventTracker version 9.x and later,
Salesforce.
Audience Administrators who are responsible for monitoring Salesforce which is running using the EventTracker.
The information contained in this document represents the current view of Netsurion on the issues
discussed as of the date of publication. Because Netsurion must respond to changing market
conditions, it should not be interpreted to be a commitment on the part of Netsurion, and Netsurion
cannot guarantee the accuracy of any information presented after the date of publication.
This document is for informational purposes only. Netsurion MAKES NO WARRANTIES, EXPRESS OR
IMPLIED, AS TO THE INFORMATION IN THIS DOCUMENT.
Complying with all applicable copyright laws is the responsibility of the user. Without limiting the
rights under copyright, this paper may be freely distributed without permission from Netsurion, if
its content is unaltered, nothing is added to the content and credit to Netsurion is provided.
Netsurion may have patents, patent applications, trademarks, copyrights, or other intellectual
property rights covering subject matter in this document. Except as expressly provided in any
written license agreement from Netsurion, the furnishing of this document does not give you any
license to these patents, trademarks, copyrights, or other intellectual property.
The example companies, organizations, products, people and events depicted herein are fictitious.
No association with any real company, organization, product, person or event is intended or should
be inferred.
© 2019 Netsurion. All rights reserved. The names of actual companies and products mentioned
herein may be the trademarks of their respective owners.
2
Integrate Salesforce
Table of Contents Abstract ............................................................................................................................................................. 1
Scope ................................................................................................................................................................. 1
Audience ............................................................................................................................................................ 1
Overview ................................................................................................................................................................ 3
Prerequisites .......................................................................................................................................................... 3
Configuring the Salesforce to forward logs to EventTracker ................................................................................ 3
Salesforce Knowledge Pack ................................................................................................................................... 9
Alerts ................................................................................................................................................................. 9
Flex Reports ....................................................................................................................................................... 9
Dashboards ...................................................................................................................................................... 15
Importing Salesforce knowledge pack into the EventTracker ............................................................................ 19
Alerts ............................................................................................................................................................... 19
Parsing Rules.................................................................................................................................................... 21
Flex Reports ..................................................................................................................................................... 22
Knowledge Objects .......................................................................................................................................... 24
Dashboards ...................................................................................................................................................... 26
Verifying Salesforce knowledge pack in EventTracker ........................................................................................ 28
Knowledge Object ........................................................................................................................................... 28
Flex Reports ..................................................................................................................................................... 28
Alerts ............................................................................................................................................................... 30
3
Integrate Salesforce
Overview The Salesforce Lightning Platform delivers tools and services to automate your business processes, integrate with external applications, provide responsive layouts and more. EventTracker integrates and examines logs generated by the Salesforce to help an administrator to monitor
the Salesforce events.
Prerequisites • EventTracker v9.x should be installed.
• Administrative access to Salesforce Lightning Platform.
• PowerShell version 5.0 is required.
Configuring the Salesforce to forward logs to EventTracker
Configuring the Salesforce to forward logs to a syslog server
creating Connected Apps In Lightning Experience,
1. Log into the Salesforce click the Settings > Setup in the upper right, next to your account name.
Figure 1
2. Navigate to Platform Tools > Apps, under App Manager, click New Connected App:
4
Integrate Salesforce
Figure 2
3. While using Salesforce Classic, from Setup, enter Apps in the Quick Find box, then select Build > Create > Apps. Under Connected Apps, click New.
4. Enter the required basic information (Connected App Name, API Name, and Contact Email).
• Connected App Name: EventTracker Logger.
• API Name: EventTracker Logger.
• Contact Email: (your email id)
5
Integrate Salesforce
Figure 3
5. Select enable OAuth Settings under API (Enable OAuth Settings).
6. Enter your callback URL: (https://YOUR_DOMAIN/login/callback)
Example: (https://localhost/login/callback)
7. Access and manage your data (api) - Allows access to the logged-in user’s account using APIs, such as REST API and Bulk API. This value also includes chatter api, which allows access to Chatter REST API resources.
8. When you are finished entering the information, click Save. You can now publish your app.
9. Once your app is registered, the page will display your Consumer Key and Consumer Secret:
6
Integrate Salesforce
• Consumer Key: A value used by the consumer to identify itself to Salesforce, referred to as client_id
• Consumer Secret: A secret used by the consumer to establish ownership of the consumer key, referred to as client_secret
Figure 4
To obtain a security token 1. In Lighting Experience, go to the Settings –> My Personal Information –> Reset My Security Token.
Figure 5
2. Click Reset Security Token, the new security token is sent to the email address in your Salesforce personal settings.
7
Integrate Salesforce
Figure 6
NOTE: A new security token is emailed when a password is reset, or the token can be reset separately. Once the token is reset, the old token cannot be used in the API applications and in the desktop clients.
To configure Salesforce EventTracker Integrator 1. Get Salesforce integration from the EventTracker support.
2. Extract the KP-Salesforce.zip in the folder.
3. Run SalesForceIntegrator.exe located in the integrator folder with administrator privilege.
Figure 7
8
Integrate Salesforce
4. Fill the details in the Salesforce Integrator Form, which is shown below:
Figure 8
5. Kindly fill the following details in integration form
• API Client ID is the Consumer Key we got from app creation.
• API key is the Consumer Secret we got from app creation.
• User name: The user who are privileged to view the event.
• Password: Password for the user.
• Security code: we obtain from the previous methods.
• InstanceURL: example (https://example.my.salesforce.com) replace example.my.salesforce.com with your Salesforce instance URL.
• System Name: Is the name of the system where salesforce logs will be collected under EventTracker.
6. Click the OK button. 7. Once Salesforce is configured, you will get the message as shown in the below image.
Figure 9
9
Integrate Salesforce
Salesforce Knowledge Pack Once logs are received into EventTracker Categories, Alerts, Reports, and Dashboards can be configured into
EventTracker. The following knowledge packs are available in EventTracker to support Salesforce monitoring.
Find the specified knowledge pack in the following sequences-
• Alerts
• Flex Reports
• Dashboard
Alerts 1. Salesforce: User login failed - This alert is generated when the “user login failed” events are detected.
2. Salesforce: Content transfer - This alert is generated when any content transfer events occur, such as
downloads, uploads, and previews.
3. Salesforce: Document attachment downloads – This alert is generated when any document and attachment
downloads.
4. Salesforce: Insecure external assets - This alert is generated when assets include images or videos accessed
by users over an insecure HTTP protocol.
Flex Reports
• Salesforce - User login details: This report provides details about your organization’s user login-logout
history.
Figure 10
10
Integrate Salesforce
Sample Log:
• Salesforce - Apex event details: This report contains details about callouts (external requests) during
Apex code execution, Apex classes that are used and details about triggers that fire in an organization.
Figure 11
class PSCustomObject
{
EVENT_TYPE = Login
TIMESTAMP = 20190529145606.253
REQUEST_ID = 4PBjAEJaxDKurJYUCkReE-
ORGANIZATION_ID = 00DE0000000dG5a
USER_ID = 0050L000009eSCY
RUN_TIME = 112
CPU_TIME = 25
URI = /_ui/identity/oauth/ui/AuthorizationPage
SESSION_KEY = zQ7xR90Q0AlmJxcL
LOGIN_KEY = JF2qaTLbo/qv4dPv
REQUEST_STATUS = F
DB_TOTAL_TIME = 90045855
BROWSER_TYPE = SalesforceMobileSDK/5.30.0 iOS/12.1 (iPad) FieldServiceApp/5.4.0(1299) Native uid_49D3A74C-8560-473E-833F-298A256A168E
ftr_PN.UA.US
API_TYPE =
API_VERSION = 9998.0
USER_NAME =
TLS_PROTOCOL = TLSv1.2
CIPHER_SUITE = ECDHE-RSA-AES256-GCM-SHA384
TIMESTAMP_DERIVED = 2019-05-29T14:56:06.253Z
USER_ID_DERIVED = 0050L000009eSCYQA2
CLIENT_IP = 184.207.250.19
URI_ID_DERIVED =
LOGIN_STATUS = LOGIN_NO_ERROR
SOURCE_IP = 184.207.250.19
}
11
Integrate Salesforce
Sample Log:
• Salesforce - API events detail: This report provides details about your organization’s web services API
activity and REST-specific requests.
Figure 12
class PSCustomObject
{
EVENT_TYPE = ApexCallout
TIMESTAMP = 20190529141717.139
REQUEST_ID = 4PBh24Af4dQd9_mt-SM4q-
ORGANIZATION_ID = 00DE0000000dG5a
USER_ID = 005E00000045acz
RUN_TIME =
CPU_TIME =
URI = CALLOUT-LOG
SESSION_KEY =
LOGIN_KEY =
TYPE = REST
METHOD = POST
SUCCESS = 0
TIME = 10013
REQUEST_SIZE = -1
RESPONSE_SIZE = -1
URL = https://lti.smartsheet.com/sfdc_logger
TIMESTAMP_DERIVED = 2019-05-29T14:17:17.139Z
USER_ID_DERIVED = 005E00000045aczIAA
CLIENT_IP =
URI_ID_DERIVED =
}
12
Integrate Salesforce
Sample Log:
• Salesforce - Document attachment downloads: This report contains details of document and
attachment downloads.
Figure 13
class PSCustomObject
{
EVENT_TYPE = RestApi
TIMESTAMP = 20190529145622.619
REQUEST_ID = 4PBjBAHEW53H40F1v8MFX-
ORGANIZATION_ID = 00DE0000000dG5a
USER_ID = 0050L000009eSCY
RUN_TIME = 246
CPU_TIME = 7
URI = /services/data/v44.0/sobjects/ServiceResource/describe/compactLayouts/primary
SESSION_KEY = E2CnMuYXGbuD9HLc
LOGIN_KEY = JF2qaTLbo/qv4dPv
REQUEST_STATUS = S
DB_TOTAL_TIME = 178584701
METHOD = GET
MEDIA_TYPE = application/json;charset=UTF-8
STATUS_CODE = 200
USER_AGENT = 21000001
ROWS_PROCESSED =
NUMBER_FIELDS =
DB_BLOCKS = 226
DB_CPU_TIME = 10
REQUEST_SIZE = 0
RESPONSE_SIZE = 6141
ENTITY_NAME = ServiceResource
TIMESTAMP_DERIVED = 2019-05-29T14:56:22.619Z
USER_ID_DERIVED = 0050L000009eSCYQA2
CLIENT_IP = 192.168.22.11
URI_ID_DERIVED =
}
13
Integrate Salesforce
Sample Log:
• Salesforce - URI Event: This report provides information related to user interaction with the web
browser UI.
Figure 14
class PSCustomObject
{
EVENT_TYPE = DocumentAttachmentDownloads
TIMESTAMP = 20190529135651.977
REQUEST_ID = 4PBfwLpBZRs86GF1v8MFX-
ORGANIZATION_ID = 00DE0000000dG5a
ENTITY_ID = 0150L00000AvIGY
FILE_TYPE = image/png
USER_ID = 000000000000000
TIMESTAMP_DERIVED = 2019-05-29T13:56:51.977Z
USER_ID_DERIVED = 000000000000000AAA
}
14
Integrate Salesforce
Sample Log:
• Salesforce - Visualforce event details: This report contains details of Visualforce requests. Requests can
originate from the browser (UI).
Figure 15
class PSCustomObject
{
EVENT_TYPE = URI
TIMESTAMP = 20190529141727.450
REQUEST_ID = TID:284733000078879998
ORGANIZATION_ID = 00DE0000000dG5a
USER_ID = 0050L000009eSCX
RUN_TIME = 283
CPU_TIME = 246
URI = /aura
SESSION_KEY = TsVHFgLyf7DUFsYm
LOGIN_KEY = PehvcjrYzYhyxvpG
REQUEST_STATUS =
DB_TOTAL_TIME = 18900106
DB_BLOCKS = 236
DB_CPU_TIME = 10
REFERRER_URI = nybc-lightning-force-com/lightning/r/Case/5000L00001HpAXjQAN/view
TIMESTAMP_DERIVED = 2019-05-29T14:17:27.450Z
USER_ID_DERIVED = 0050L000009eSCXQA2
CLIENT_IP = 10.55.88.22
URI_ID_DERIVED =
}
15
Integrate Salesforce
Sample Log:
Dashboards
• Salesforce All Events Detail:
Figure 16
class PSCustomObject
{
EVENT_TYPE = VisualforceRequest
TIMESTAMP = 20190529140450.609
REQUEST_ID = 4PBgN5sn8tgfY4mt-SU1N-
ORGANIZATION_ID = 00DE0000000dG5a
USER_ID = 0050L000009eSCX
RUN_TIME = 1928
CPU_TIME = 219
URI = /apex/fsl__vf0996_workorderchatter
SESSION_KEY = xBA1y2y3WxLgx7rF
LOGIN_KEY = PehvcjrYzYhyxvpG
REQUEST_STATUS = S
DB_TOTAL_TIME = 301179366
PAGE_NAME = /apex/fsl__vf0996_workorderchatter
REQUEST_TYPE = page
IS_FIRST_REQUEST = 1
QUERY = ?id=0WO0L000000aK40WAE
HTTP_METHOD = GET
USER_AGENT = 13074000
REQUEST_SIZE = -1
RESPONSE_SIZE = 230654
VIEW_STATE_SIZE = 0
CONTROLLER_TYPE = 1
MANAGED_PACKAGE_NAMESPACE = fsl
IS_AJAX_REQUEST = 0
DB_BLOCKS = 3308
DB_CPU_TIME = 120
TIMESTAMP_DERIVED = 2019-05-29T14:04:50.609Z
USER_ID_DERIVED = 0050L000009eSCXQA2
CLIENT_IP = 192.168.22.11
URI_ID_DERIVED =
}
16
Integrate Salesforce
• Salesforce User Login Activity By User:
Figure 17
• Salesforce User Login Details By Geo-Location:
Figure 18
17
Integrate Salesforce
• Salesforce User Login Details By Status:
Figure 19
• Salesforce User Login Details By URL:
Figure 20
18
Integrate Salesforce
• Salesforce Content Transfer Activities:
Figure 21
• Salesforce Document Attachment downloads:
Figure 22
19
Integrate Salesforce
• Salesforce URI Details by Destination IP:
Figure 23
Importing Salesforce knowledge pack into the
EventTracker Find the specified knowledge pack in the following sequences-
• Alerts
• Parsing Rule
• Flex Reports
• Knowledge Objects
• Dashlets
Alerts 1. Launch EventTracker Control Panel.
2. Double click Export-Import Utility.
20
Integrate Salesforce
Figure 24
3. Click the Import tab.
4. Select the Alert option.
5. Click on Browse button and select the file path.
6. Click on Import.
21
Integrate Salesforce
Figure 25
7. Alerts are now imported successfully.
Figure 26
Parsing Rules On EventTracker Control Panel,
1. Click the Import tab.
2. Select the Token value option.
3. Click on Browse button and select File path.
22
Integrate Salesforce
4. Click on Import.
Figure 27
5. Tokens Values are now imported successfully.
Figure 28
Flex Reports On EventTracker Control Panel,
1. Click Reports option and select new(.etcrx) from the option.
23
Integrate Salesforce
Figure 29
2. Locate the file named Reports_ Salesforce.etcrx and select all the checkbox.
24
Integrate Salesforce
Figure 30
3. Click the Import button to import the reports. EventTracker displays a success message.
Figure 31
Knowledge Objects 1. Login to EventTracker console.
2. Click on Knowledge objects under the Admin option in the EventTracker page.
25
Integrate Salesforce
Figure 32
3. Locate the file named KO_ Salesforce.etko
Figure 33
4. Now select all the checkbox and then click on the ‘Upload’ option.
Figure 34
26
Integrate Salesforce
5. Knowledge objects are now imported successfully.
Figure 35
Dashboards 1. Open EventTracker in the browser and log in.
Figure 36
2. Navigate to My Dashboard.
3. Click on Import configuration icon on the top right corner.
4. In the popup window browse the file named Dashboard_Salesforce.etwd.
Figure 37
5. Now select all the checkbox and then click on the Import option.
27
Integrate Salesforce
Figure 38
6. Click ‘customize’ to locate and choose created Dashlets.
7. Click Add to add Dashlets to the dashboard.
Figure 39
28
Integrate Salesforce
Verifying Salesforce knowledge pack in EventTracker
Knowledge Object 1. In the EventTracker web interface, click the Admin drop-down, and then click Knowledge Objects.
2. In the Knowledge Object tree, expand the Salesforce group folder to view the imported Knowledge
objects.
Figure 40
Flex Reports 1. In the EventTracker web interface, click the Reports icon, and then select the Report Configuration.
29
Integrate Salesforce
Figure 41
2. In Reports Configuration pane, select a Defined option.
3. Click on the Salesforce group folder to view the imported Salesforce.
Figure 42
30
Integrate Salesforce
Alerts 1. In the EventTracker web interface, click the Admin icon, and then select Alerts.
Figure 43
2. In the Alert search bar, we can search the alert name and view the imported Salesforce.
Figure 44