tag:blogger.com,1999:blog-25658365407349796042024-03-05T22:51:09.975-08:00Salesforce Hackeratormanhttp://www.blogger.com/profile/12188546691736154200noreply@blogger.comBlogger109125tag:blogger.com,1999:blog-2565836540734979604.post-71830061248903796462019-07-15T10:06:00.005-07:002020-08-08T17:42:53.655-07:00How Trailblazer Identity (TBID) Works with Trailhead and myTrailheadAlmost weekly, I find myself trying to explain how Trailblazer Identity works with both Trailhead and myTrailhead.<br />
<br />
For those that don’t know, Trailhead uses a service called Trailblazer Identity for managing user sign-up and login. Trailblazer Identity is one of the greatest innovations that Salesforce has created. It solves a truly unique problem set: how to unify all the Salesforce community properties such as Trailhead, Trailblazer Community, Dreamforce, Events, AppExchange under a common profile and identity that represents their single user across all Salesforce properties. At the same time, it also supports myTrailhead users within a company who may double up as Salesforce community users. That’s some serious double-thinking going on - you can be a member of several communities, plus access Trailhead, plus access private myTrailhead content - all as the same user! I could be an Independent Software Vendor (ISV) managing my app on AppExchange, a guest at Dreamforce, a partner attending a Trailblazer Community event, a Salesforce learner on Trailhead, or a learner on my own company’s myTrailhead tenant - all within the same day. That is a truly unique problem set that was solved with a single identity service!<br />
<br />
Using Trailblazer Identity means a single person can use many different login identities (Google, Facebook, Salesforce, LinkedIn, Email) for many different use cases in many different user contexts (I’m an ISV, a partner, a learner, an admin, an employee, an event attendee) all going through the same identity service to sign up, login, access different types of content, and view their profile of accomplishments and engagement with Trailhead, myTrailhead, and the Salesforce community. As you can hopefully imagine, there are many different ways Trailblazer Identity interacts with users - whether it’s logging them in either via the web site or single sign-on, linking or merging their identities and users together, signing them up, or managing their settings including their hands-on orgs used for challenges. And it does all of this for both Trailhead and myTrailhead. As a result, there’s some complexity in the identity service which creates an opportunity to educate others how it works.<br />
<br />
When I start explaining Trailblazer Identity in the context of both Trailhead and myTrailhead, I wind up with a white board that looks a little like this:<br />
<br />
<br />
<span id="docs-internal-guid-6a3b6003-7fff-22a3-4307-924db583b4ab"></span><br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjf7k0NuR3YrY2vpHLsZIzZMNMKJzsjZlAw3FeUKU1WPRlHqncv0i_B_b2tLrTfIckIF-f3-kmQ63OoS1hjovZFZbrwYuC-knCGSQJ5cJ0LJyqlF5qC0xSUOkEUwMCYwm8BTfbLilvbrYA/s1600/profile1.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="648" data-original-width="874" height="472" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjf7k0NuR3YrY2vpHLsZIzZMNMKJzsjZlAw3FeUKU1WPRlHqncv0i_B_b2tLrTfIckIF-f3-kmQ63OoS1hjovZFZbrwYuC-knCGSQJ5cJ0LJyqlF5qC0xSUOkEUwMCYwm8BTfbLilvbrYA/s640/profile1.png" width="640" /></a></div>
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span face="" style="background-color: transparent; color: black; font-family: arial; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">White board of Trailblazer Identity with Trailhead and myTrailhead</span></div>
<br />
Keep in mind, every myTrailhead user is a Trailhead user. This means that myTrailhead users have full access as first class citizens to public Trailhead content while, at the same time, having access to their organization’s private myTrailhead content.<br />
<br />
In its most basic form, Trailblazer Identity works like this: a new user signs up for Trailhead using a login identity that Trailblazer Identity accepts including:<br />
<br />
<ul>
<li>*Salesforce production org </li>
<ul>
<li>including developer edition and a trial org</li>
</ul>
<li>Google</li>
<li>LinkedIn </li>
<li>Facebook </li>
<li>Email</li>
<ul>
<li>email address/one-time password</li>
</ul>
</ul>
<blockquote class="tr_bq">
*Important Note: sandbox org logins do not work with Trailblazer Identity for login or sign up. This affects Trail Tracker sync later on in this blog post. If you have developers in a sandbox that aren’t already in a production Salesforce org, Trail Tracker won’t be able to load any of their badges. Those developers can still use a different login identity like Google or Facebook; however, their badges won’t sync with Trail Tracker.</blockquote>
<br />
<span id="docs-internal-guid-cf3b1273-7fff-6818-5b01-a2a86c5cf005"></span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhm7AIQt2v3Pg0hdLbQaf3UMYLtbkkjsFsFrs-aSFC_n_gzR8jgdXqeMzSiAdEnPs15_N-ncwY2P9-GcmahBV-hsYArlfzJ_i16MSuRUwuWdSmEveEvTRD41l77WDtqJSUCfNCPXcALayM/s1600/profile3.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="657" data-original-width="404" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhm7AIQt2v3Pg0hdLbQaf3UMYLtbkkjsFsFrs-aSFC_n_gzR8jgdXqeMzSiAdEnPs15_N-ncwY2P9-GcmahBV-hsYArlfzJ_i16MSuRUwuWdSmEveEvTRD41l77WDtqJSUCfNCPXcALayM/s320/profile3.png" width="196" /></a></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span face="" style="background-color: transparent; color: black; font-family: arial; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">Web login and sign up options</span></div>
<br />
Now that Trailblazer Identity has some information about the login identity that you’re using to sign up, it asks for some simple information to finish the user registration. All users, including myTrailhead users, must self-register first as a Trailhead user. This guarantees a set of rights for all users based on the <a href="https://trailblazer.me/resource/documents/documents/pdf/TermsOfUse_en_US.pdf" target="_blank">Terms of Service</a> for Trailhead. For instance, an organization can inactivate a production user, removing their access to their private badges. But the organization can't take away access to a user's public badges as long as that user connected a separate, non-production org identity to their Trailhead user. Because everyone must self-register as Trailhead users, there is no way to auto-provision users on Trailblazer Identity such as through an LDAP or Active Directory service.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDIp5aVdew1oijwHBT2kLLNXi7HSgGhnrDWyYOD7LN5-lpbP2uEOBLl44-sRsuxZqxsWAdFegJkGON0nHVv0B-kTjiQc0IVNA-W6MsyxfDp1CuO315uGVv_j2mo_viEVqnQ8bQHTnPijU/s1600/profile4.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="635" data-original-width="650" height="390" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDIp5aVdew1oijwHBT2kLLNXi7HSgGhnrDWyYOD7LN5-lpbP2uEOBLl44-sRsuxZqxsWAdFegJkGON0nHVv0B-kTjiQc0IVNA-W6MsyxfDp1CuO315uGVv_j2mo_viEVqnQ8bQHTnPijU/s400/profile4.png" width="400" /></a></div>
<div style="text-align: center;">
<b>Progressive Profile User Registration</b></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<br /></div>
So the whole login and signup flow looks a little like this on the white board:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgo0lrTqmadxob_5CDnhB5QEZaHdMPi1zZ57mQdozmLSoz_kGwMexlN7iJ6mT1BFvJXx4yUy8hNZytbvKwAr2iXz-MCFGTglWaj9d_gzHgvk-Y1HAvsZboLGStmc_-jv2RpClqt_q01x-U/s1600/image1.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="519" data-original-width="628" height="330" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgo0lrTqmadxob_5CDnhB5QEZaHdMPi1zZ57mQdozmLSoz_kGwMexlN7iJ6mT1BFvJXx4yUy8hNZytbvKwAr2iXz-MCFGTglWaj9d_gzHgvk-Y1HAvsZboLGStmc_-jv2RpClqt_q01x-U/s400/image1.png" width="400" /></a></div>
<div style="text-align: center;">
<b>Login and Signup flows put together</b></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<br /></div>
Keep in mind, the idea is to have a common user across all Salesforce properties based on the user’s email address. If Trailblazer Identity finds that the user already exists with the same email address that you just used to sign-up a new user, then it’ll link the new user with the existing one. This helps keep a user from signing up multiple times and losing track which user or login maps to which badges that they’ve earned.<br />
<br />
If your intention is to create multiple Trailhead users intentionally, for instance if you’re getting ready to do a demonstration to your team but don’t want it to affect your real badges or profile, then you can use a different email address or modify your email. For example, Gmail allows you to add a ‘+’ in your address as a filter which will act like a new email address even if emails will still go to your original address. There’s a great <a href="https://gmail.googleblog.com/2008/03/2-hidden-ways-to-get-more-from-your.html" target="_blank">blog</a> from Google about using filters in email addresses.<br />
<br />
It’s also important to understand that you can use more than one login identity tied to your Trailhead user, so any of the following login identities can be used to login to your single Trailhead User.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiWogV6WH38Hm6i7eLbJYb577tPCTjLvUVj752EEzaOzxsk9Vqdc-OgLdkDAU8f42zxfFs6uGbc8X44W3ouD5M-ItBxIVCL4aaYbmx0KnpBH9TEWlhkF7eJgBay_j0QlfLnHgCCIZ9o2vs/s1600/image4.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="238" data-original-width="564" height="166" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiWogV6WH38Hm6i7eLbJYb577tPCTjLvUVj752EEzaOzxsk9Vqdc-OgLdkDAU8f42zxfFs6uGbc8X44W3ouD5M-ItBxIVCL4aaYbmx0KnpBH9TEWlhkF7eJgBay_j0QlfLnHgCCIZ9o2vs/s400/image4.png" width="400" /></a></div>
<div style="text-align: center;">
<b>Multiple Logins, Only one of You</b></div>
<div style="text-align: center;">
<br /></div>
That means you can login to Trailhead one day with your Google login identity, the next with your LinkedIn login identity, another day with your Email using a one-time password, and another day using your Salesforce production org user. Logins just tell Trailblazer Identity how to map to the single user they’re associated with. You can also manage all of these login identities under the Settings page within Trailhead, choosing which ones to keep and which ones to disconnect or merge and link.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhp5KR49QCqPT_HD8RBwc3sM77ELN_ylyCNcHOQ26kPM1WnsWoyRXq2HKbf_9qiELlL2x5XXKVnX76cnc7ng4dVG6uchZ2VZXzMgWCrhN2nGuCn860W8lOyExygKvnuDl6xdGZgtpE3FN0/s1600/image5.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="601" data-original-width="1433" height="167" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhp5KR49QCqPT_HD8RBwc3sM77ELN_ylyCNcHOQ26kPM1WnsWoyRXq2HKbf_9qiELlL2x5XXKVnX76cnc7ng4dVG6uchZ2VZXzMgWCrhN2nGuCn860W8lOyExygKvnuDl6xdGZgtpE3FN0/s400/image5.png" width="400" /></a></div>
<div style="text-align: center;">
<b>Manage Login Identities under Settings</b></div>
<div style="text-align: center;">
<br /></div>
Notice that ‘Connect’ button in the last picture? That helps Trailhead to link or merge login identities and even other existing Trailhead users with our user. This is because it’s possible that there are multiple Trailhead users with different email addresses even though in reality, there’s only one of you. If that is the case, you can link or merge them:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW3TvmYjG4i-X6dH1ZF5Mck7sIfW34VqfQIMK3cNjpSPcikklWUU4jlAx62Lm2EBH63iijKcFN95qov9VxVjm0wWhPHL-ZegdUbfcb8A-xZXmpyuFLFJ6hB2A73zGh4Kt7sFef1vRT_3Y/s1600/image11.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="246" data-original-width="497" height="197" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW3TvmYjG4i-X6dH1ZF5Mck7sIfW34VqfQIMK3cNjpSPcikklWUU4jlAx62Lm2EBH63iijKcFN95qov9VxVjm0wWhPHL-ZegdUbfcb8A-xZXmpyuFLFJ6hB2A73zGh4Kt7sFef1vRT_3Y/s400/image11.png" width="400" /></a></div>
<div style="text-align: center;">
<b>Linking or Merging users</b></div>
<div style="text-align: center;">
<br /></div>
The difference between link or merging users is that if the second Trailhead user has any badges, we’ll merge them into the first user before we combine all of their login identities together. Otherwise, Trailhead will just link their login identities to their one-and-only-one Trailhead user.<br />
<br />
And now that you have your single Trailhead user, you can login through the web site by clicking the login button or through single sign-on. To learn more about the single sign-on route, check out this awesome <a href="http://www.salesforcehacker.com/2019/07/using-single-sign-on-with-trailhead.html" target="_blank">blog post</a>.<br />
<br />
Most importantly, now that you have a single user with multiple login identities, you have a single place to share your user’s profile and accomplishments. It doesn’t matter what login identity you use to login, you can access your single Trailhead profile.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhf3lNNO06afBk6U8PfTyPYQvYmnKI2xohv85dlHYqomzTjGyZn8yU7NmWb_36z_G4owHtAeBd8AV0Euyb3ewxg6pyguwbIZJ4iSp4-D6g7-n95LzljwxeKll5ZOqUv9PC5G_nVRwk97OM/s1600/image10.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="803" data-original-width="989" height="323" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhf3lNNO06afBk6U8PfTyPYQvYmnKI2xohv85dlHYqomzTjGyZn8yU7NmWb_36z_G4owHtAeBd8AV0Euyb3ewxg6pyguwbIZJ4iSp4-D6g7-n95LzljwxeKll5ZOqUv9PC5G_nVRwk97OM/s400/image10.png" width="400" /></a></div>
<div style="text-align: center;">
<b>Public Trailhead Badges and Rank</b></div>
<div style="text-align: center;">
<br /></div>
However, if you login with your myTrailhead production org identity, you'll see something slightly different than if you logged in with any of your other login identities. You’ll see both your public Trailhead badges as well as your myTrailhead badges together. And your rank will be based on the combination of both public and private content instead of when you logged in using a non-myTrailhead org login identity where you only saw your rank in the context of public Trailhead badges and points.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxonWq6QRbSgn-BxXLjE0Y0JEyVpGb2hOYfy46xvh6yvpAnaqBY4V46TWvrLtiqJWdvDn39sXG0Ua8XfCxNdlXlAXyjGxzZGtWZf46mXeMyg1n92h1BhQetSNybgU0RkX3fdNcVIgX_2g/s1600/image7.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="755" data-original-width="962" height="313" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxonWq6QRbSgn-BxXLjE0Y0JEyVpGb2hOYfy46xvh6yvpAnaqBY4V46TWvrLtiqJWdvDn39sXG0Ua8XfCxNdlXlAXyjGxzZGtWZf46mXeMyg1n92h1BhQetSNybgU0RkX3fdNcVIgX_2g/s400/image7.png" width="400" /></a></div>
<div style="text-align: center;">
<b>myTrailhead + Public Trailhead Badges and Rank</b></div>
<div style="text-align: center;">
<br /></div>
This may cause your head to spin a little bit. I don’t blame you. One minute you’re a Mountaineer rank and the next you’re a Ranger! The advantage is whether you’re an administrator or developer earning public Trailhead badges, or an employee, end-user, partner or anyone else earning private myTrailhead badges. Your login identity helps establish the context of what you can see including your badges.<br />
<br />
People find Trailhead through a variety of means such as searching Google, following someone on Twitter, and word of mouth. Most of these result in a new Trailhead user signing up via the public Trailhead web site.<br />
<br />
A myTrailhead user will typically become a Trailhead user by clicking through a single sign-on deep link in an email inviting them to earn a badge on myTrailhead. They might also click a single sign-on link from another website like a community or within a chatter post in the Salesforce app. Keep in mind, a Trailhead user must use a Salesforce production org login to access their myTrailhead content - that’s how Trailhead connects the dots between the org they’re logging in from and the myTrailhead tenant they should have access to. After all, it’s possible for a single Trailhead user to have access to multiple myTrailhead tenants of content. If that user already exists and has logged into their production org in another browser tab, Trailhead will log them in automatically. If not, Trailhead will take them through the progressive profile sign up process and then deep link them to the content from the email.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNONJMgnkAbbU-eQ7sBlFWFlC9kajE2aaM0Fsp2BSwZFDgeIAh2yoiT9NjETslQckYACtk666PSLXwQyYxG_LneofcJcB38XpM1OObiEqb7CEqjn6q6dOD59thx5BJO0f3xurQXhbIx5U/s1600/image9.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="344" data-original-width="858" height="160" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNONJMgnkAbbU-eQ7sBlFWFlC9kajE2aaM0Fsp2BSwZFDgeIAh2yoiT9NjETslQckYACtk666PSLXwQyYxG_LneofcJcB38XpM1OObiEqb7CEqjn6q6dOD59thx5BJO0f3xurQXhbIx5U/s400/image9.png" width="400" /></a></div>
<div style="text-align: center;">
<b>myTrailhead login and single sign-on flow</b></div>
<div style="text-align: center;">
<br /></div>
And when they’re done with the content, if they logout from myTrailhead, they’ll be logged out from Trailhead as well and be directed to the Trailhead home page.<br />
<br />
Finally, Trailblazer Identity helps Trailhead to connect the dots with Trail Tracker reporting. <a href="https://sfdc.co/trailtracker" target="_blank">Trail Tracker</a> is a free AppExchange app for tracking user badge and Trailmix activity. When reporting on badge activity via Trail Tracker, Trailhead uses your user’s information to decide how to sync their activity with their reporting organization.<br />
<br />
Every day, a scheduled Apex job in Trail Tracker runs, it calls into Trailhead with the organization Id and retrieves all of the badge and Trailmix activity for any user who has linked or used the same production org identity to login for their Trailhead user. That way, Trailhead can share the user’s public and private myTrailhead badges the same way Trailhead figures out whether you can see public or public and private badges on your profile. And if the user doesn’t use myTrailhead, that’s okay. Trail Tracker will sync all of their public badges with your organization - as long as they’ve linked at least one of their Trailhead user login identities with the same org. More about using Trail Tracker and linking login identities in this fantastic <a href="http://www.salesforcehacker.com/2018/04/getting-badgy-at-trailhead-badge-thon.html" target="_blank">blog post</a>.<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgI0nOgaAbIK-kCZmAJQC7TPTkudRpwPjWgPkh-sXpFtztab0ZvzHbmIo7XaG_Kk7Po8zQlFAs9nKtCDUEze8-0Ua9N4r1fCy9tLcXJKp9Az5_oWCiFhH5jMeBBiBYqvA6B7uUUBpnOfQA/s1600/image6.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="383" data-original-width="564" height="271" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgI0nOgaAbIK-kCZmAJQC7TPTkudRpwPjWgPkh-sXpFtztab0ZvzHbmIo7XaG_Kk7Po8zQlFAs9nKtCDUEze8-0Ua9N4r1fCy9tLcXJKp9Az5_oWCiFhH5jMeBBiBYqvA6B7uUUBpnOfQA/s400/image6.png" width="400" /></a></div>
<div style="text-align: center;">
<b>Trail Tracker and User Identities</b></div>
<div style="text-align: center;">
<br /></div>
One use case that is a bit more challenging with Trail Tracker is using sandbox to test it. Trail Tracker actually does work in a sandbox, but the integration user has to be a production org user when you set it up since sandbox users can’t login to Trailhead to begin with. In other words, you can’t have developers who exist only in a sandbox org sync their badges with Trail Tracker running in sandbox since it's not possible for them to login to Trailhead in the first place to earn badges. This isn’t a limitation in Trail Tracker - it’s just the way Trailblazer Identity works - since you can’t login or sign up with a sandbox user, you can’t earn badges and if you can’t earn badges, you can’t sync them to Trail Tracker. Access is based on the link between a Trailhead user’s production org identity and the production org where Trail Tracker is installed.<br />
<br />
Trailblazer Identity is one of the greatest innovations that Salesforce has created. It allows you to access multiple communities in different contexts as your day switches you from partner, to customer, to developer, to employee end-user. It solves many difficult problems and helps us unify the community as well as providing a secure, scalable, and trusted service for all Salesforce community properties including Trailhead and myTrailhead.<div>
<div>
<br />
<span id="goog_520882025"></span></div>
</div>atormanhttp://www.blogger.com/profile/12188546691736154200noreply@blogger.com0tag:blogger.com,1999:blog-2565836540734979604.post-24660373661676973862019-07-05T13:40:00.000-07:002019-07-05T13:40:28.390-07:00Using Single Sign-on with TrailheadIn March, Trailhead introduced a new identity service called Trailblazer ID (TBID). This innovation enables Salesforce to create a foundation for unifying community properties such as Trailhead and the Trailblazer Community. But under the covers, there are a number of incredible innovations, one of which I'm asked about at least once per week -<br />
<br />
<blockquote class="tr_bq">
"Can I single sign-on (SSO) and deep link to content on Trailhead without having my users login to Salesforce first and navigate through the site?" </blockquote>
<br />
The short answer is, YES!<br />
<br />
There is one important caveat, of the four login types including Salesforce, Google, LinkedIn, and Email, this solution will only work with your Salesforce login.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhb5-Dur_y0j8UWok-96TQrvD-RKxg1Z3OCQhGmY3ZHRjFiIRtTrn5AnRPWr-zvrm097ngGWi9mlW0YbdTJ49jtPSb5RNuKtVmWUotuytvuBuZe3suZNhDkNdN50TOZTWUPyJMiClN-q9o/s1600/sso-1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="664" data-original-width="464" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhb5-Dur_y0j8UWok-96TQrvD-RKxg1Z3OCQhGmY3ZHRjFiIRtTrn5AnRPWr-zvrm097ngGWi9mlW0YbdTJ49jtPSb5RNuKtVmWUotuytvuBuZe3suZNhDkNdN50TOZTWUPyJMiClN-q9o/s320/sso-1.png" width="223" /></a></div>
<div style="text-align: center;">
<b>Trailblazer ID Login Options</b></div>
<br />
As a result, you need to link your Trailhead account using a Salesforce org login to make SSO work. This is because it gives TBID enough information about who you are to log you in correctly using our SSO solution.<br />
<br />
The following excerpt is customized from the myTrailhead <a href="https://sfdc.co/SSO" target="_blank">Help & Training docs</a> (I can't take credit for that writing - the myTrailhead doc writer deserves all the credit) that describes how to create an SSO deep link to content on myTrailhead. However, with one small change described in this blog post, it works for Trailhead as well.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhuLR84C5oxoWnlIVE7v34mg4RgtdFueRtBdXbTBBYldKdMRo8taiLilP7m1C1AV_-5ndIujpNjh_fRkWTT9JXbw7Ep3lbexzWBZbTT__pK8VkfwENAqRftW7-tJtlmLvhKtcTGtm75Sa4/s1600/sso-3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="719" data-original-width="1187" height="241" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhuLR84C5oxoWnlIVE7v34mg4RgtdFueRtBdXbTBBYldKdMRo8taiLilP7m1C1AV_-5ndIujpNjh_fRkWTT9JXbw7Ep3lbexzWBZbTT__pK8VkfwENAqRftW7-tJtlmLvhKtcTGtm75Sa4/s400/sso-3.png" width="400" /></a></div>
<div style="text-align: center;">
<b>myTrailhead Help & Training Docs</b></div>
<br />
The second section of this blog post describes how you can apply that deep link using a simple formula customization built on top of <a href="https://sfdc.co/trailtracker" target="_blank">Trail Tracker</a> to make it 'button click' easy to access content on Trailhead as a logged in user.<br />
<br />
Let's say you work at the Pacifica company, and you want to single sign-on an Administrator to the Advanced Formulas module on Trailhead. You can build a link that initiates the necessary relays to confirm that a user is authenticated and then takes the user to the module.<br />
<br />
For example, this SSO link leads to the Advanced Formulas module on Trailhead.<br />
<br />
<a href="https://trailblazer.me/relay?community=trailhead&mydomain=pacificalearning&path=/content/learn/modules/advanced_formulas/">https://trailblazer.me/relay?community=trailhead&mydomain=pacificalearning&path=/content/learn/modules/advanced_formulas/</a><br />
<br />
Follow this process to build the link.<br />
<br />
Navigate to the Trailhead content that you want to link to, such as the Advanced Formulas module.<br />
<br />
Keep the page open in a browser so that you can refer to it. The URL contains some of the details required to create the SSO link.<br />
<br />
Example: <a href="https://trailhead.salesforce.com/content/learn/modules/advanced_formulas/">https://trailhead.salesforce.com/content/learn/modules/advanced_formulas/</a><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi61oiAfuEIaZkUeGr33sFGVDz60jLx6jc37hSDDkxgElHq40jrJtbErehNx67p1iYxmfGc1N2fXBVe-GWdAwdntSWAIIt05KsvTcON1HmqPQwAwcHcFphtllhTEk7eXypUarX9bXgthYI/s1600/sso-2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="709" data-original-width="1029" height="275" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi61oiAfuEIaZkUeGr33sFGVDz60jLx6jc37hSDDkxgElHq40jrJtbErehNx67p1iYxmfGc1N2fXBVe-GWdAwdntSWAIIt05KsvTcON1HmqPQwAwcHcFphtllhTEk7eXypUarX9bXgthYI/s400/sso-2.png" width="400" /></a></div>
<div style="text-align: center;">
<b>Advanced Formulas Module - Logged In User</b></div>
<br />
This URL contains the following information for building an SSO link.<br />
<br />
<b>Trailblazer ID Community</b>—<span style="color: blue;">trailhead</span><br />
<b>Namespace name</b>—<span style="color: blue;">learn</span><br />
<b>Content type</b>—<span style="color: blue;">modules</span><br />
<b>Content API name</b>—<span style="color: blue;">advanced_formulas</span><br />
<b>Name the online location of the relay service</b>—<span style="color: blue;">trailblazer.me</span><br />
<br />
Example: <span style="font-family: Courier New, Courier, monospace;">https://trailblazer.me</span><br />
<br />
Add the relay prompt that initiates SSO authentication: <span style="font-family: Courier New, Courier, monospace;">/relay?</span>.<br />
<br />
Example: <span style="font-family: Courier New, Courier, monospace;">https://trailblazer.me/relay?</span><br />
<br />
Now tell the relay where to go by adding <span style="font-family: Courier New, Courier, monospace;">community=trailhead</span>.<br />
<br />
Example: <span style="font-family: Courier New, Courier, monospace;">https://trailblazer.me/relay?community=trailhead</span><br />
<br />
Add an ampersand (&) and one of the following, depending on whether My Domain is set up in your Salesforce org.<br />
<br />
If My Domain is set up in your Salesforce org, add <span style="font-family: Courier New, Courier, monospace;">mydomain=</span> and your My Domain name, such as pacificalearning.<br />
<br />
If My Domain is not set up in your Salesforce org, add <span style="font-family: Courier New, Courier, monospace;">instance=</span> and the instance where your Salesforce org is located, such as na57.<br />
<br />
Example:<br />
<br />
With My Domain:<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">https://trailblazer.me/relay?community=trailhead&mydomain=pacificalearning</span><br />
<br />
Without My Domain:<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">https://trailblazer.me/relay?community=trailhead&instance=na57</span><br />
<br />
<blockquote class="tr_bq">
NOTE To determine if My Domain is set up in your Salesforce org, navigate to Setup > My Domain. If your org uses My Domain, the domain name is on that page. To determine the instance where your Salesforce org is located, in your org, navigate to Setup > Company Information.<br />You’ve built the part of the link that confirms whether the user is authenticated through SSO. Now add the path to the content where you want to take your users.</blockquote>
<br />
Add <span style="font-family: Courier New, Courier, monospace;">&path=/content/</span>.<br />
<br />
Example:<br />
<br />
With My Domain:<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">https://trailblazer.me/relay?community=trailhead&mydomain=pacificalearning&path=/content/</span><br />
<br />
Without My Domain:<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">https://trailblazer.me/relay?community=trailhead&instance=na57&path=/content/</span><br />
<br />
To add the path to the content, refer to the URL that you navigated to in step 1. Add:<br />
The content type, such as <span style="font-family: Courier New, Courier, monospace;">modules/</span> or <span style="font-family: Courier New, Courier, monospace;">trails/</span>.<br />
Your namespace name, such as <span style="font-family: Courier New, Courier, monospace;">pacificalearning/</span><br />
The content API name, such as <span style="font-family: Courier New, Courier, monospace;">advanced_formulas</span><br />
<br />
Example:<br />
<br />
With My Domain:<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">https://trailblazer.me/relay?community=trailhead&mydomain=pacificalearning&path=/content/learn/modules/advanced_formulas/</span><br />
<br />
Without My Domain:<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">https://trailblazer.me/relay?community=trailhead&instance=na57&path=/content/learn/modules/advanced_formulas/</span><br />
<br />
Now you’ve created the SSO authentication link that you can send to your users!<br />
<br />
But how would you use this in the real world?<br />
<br />
You could use this to generate links using an Excel formula and sending the links out via branded emails as invitations to complete Trailhead badges. The downside of this solution is that if you haven't logged into your organization yet, you'll have to first login since we don't have enough information from your email alone to log you into Trailhead.<br />
<br />
Another way you could auto-generate these SSO deep links to Trailhead content is to build a formula field in your org with Trail Tracker. I like this approach over email because it guarantees that you're already logged into your Salesforce organization.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcztG44uCVlIKdSErhkRUFfpxsEurfmnHv9h4qEuy50lIPNKCTSAoeBvoz225MdEU1gGZX_mkF1NQg0L0M0RuI6WIxfTGFenaBML-70GaRCgVjyvyqmvToFopEtVSFrCFFoh5rbifYvMI/s1600/sso-4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="780" data-original-width="1031" height="301" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcztG44uCVlIKdSErhkRUFfpxsEurfmnHv9h4qEuy50lIPNKCTSAoeBvoz225MdEU1gGZX_mkF1NQg0L0M0RuI6WIxfTGFenaBML-70GaRCgVjyvyqmvToFopEtVSFrCFFoh5rbifYvMI/s400/sso-4.png" width="400" /></a></div>
<div style="text-align: center;">
<b>Button Click using Single Sign-on to a Trailhead Module</b></div>
<br />
The flow is pretty straight forward: when you view a badge record, you can click on a custom field, in this case called Single Sign-on URL, it will login you into Trailhead automatically and navigate to the Advanced Formulas module. And if you haven't already registered as a Trailhead user, don't worry, TBID will take you through the progressive profile to create a new user and then return you to the Advanced Formulas module when you're done.<br />
<br />
To create the field, you just need to go to Setup as an Administrator and under the Badge object, create a new formula field called Single Sign-on URL.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXWvwr7hWWgrQlnHUvq_bwUMOhuvofKkguWPRakjmNilzxVlUF5XpJdRVz3BY3pthRxyxb7d2lsGPMMpLI5Ki8e3IOYSIR-PJIkQHEYlpUGyYC9TkaR-9z3nyvLDzWBRyZSADzAM7mwKs/s1600/sso-5.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="655" data-original-width="1011" height="258" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXWvwr7hWWgrQlnHUvq_bwUMOhuvofKkguWPRakjmNilzxVlUF5XpJdRVz3BY3pthRxyxb7d2lsGPMMpLI5Ki8e3IOYSIR-PJIkQHEYlpUGyYC9TkaR-9z3nyvLDzWBRyZSADzAM7mwKs/s400/sso-5.png" width="400" /></a></div>
<div style="text-align: center;">
<b>Badge Formula Field</b></div>
<div>
<b><br /></b></div>
The following formula is a starting point for trying this out in your org. It checks the type of badge (If Module, Then Project, Then Superbadge, Else "None") and then constructs the SSO URL by parsing the standard trailheadapp__URL__c field that comes with the Trail Tracker App.<br />
<br />
Formula:<br />
<br />
<blockquote class="tr_bq">
<span style="font-family: Courier New, Courier, monospace;">IF (ISPICKVAL(trailheadapp__Type__c, '<b>Module</b>'), HYPERLINK('https://trailblazer.me/relay?community=trailhead&mydomain=pacificalearning&path=/content/learn/modules/'&IF(BEGINS( trailheadapp__URL__c , "https://"), MID( trailheadapp__URL__c , FIND('https://', trailheadapp__URL__c , 1)+50, (LEN( trailheadapp__URL__c ) - FIND('https://', trailheadapp__URL__c , 1)+50)), trailheadapp__URL__c ), Name , '_blank'),</span><span style="font-family: Courier New, Courier, monospace;">IF (ISPICKVAL(trailheadapp__Type__c, '<b>Project</b>'), HYPERLINK('https://trailblazer.me/relay?community=trailhead&mydomain=pacificalearning&path=/content/learn/projects/'&IF(BEGINS( trailheadapp__URL__c , "https://"), MID( trailheadapp__URL__c , FIND('https://', trailheadapp__URL__c , 1)+50, (LEN( trailheadapp__URL__c ) - FIND('https://', trailheadapp__URL__c , 1)+50)), trailheadapp__URL__c ), Name , '_blank'),</span><span style="font-family: Courier New, Courier, monospace;">IF (ISPICKVAL(trailheadapp__Type__c, '<b>Superbadge</b>'), HYPERLINK('https://trailblazer.me/relay?community=trailhead&mydomain=pacificalearning&path=/content/learn/superbadges/'&IF(BEGINS( trailheadapp__URL__c , "https://"), MID( trailheadapp__URL__c , FIND('https://', trailheadapp__URL__c , 1)+56, (LEN( trailheadapp__URL__c ) - FIND('https://', trailheadapp__URL__c , 1)+56)), trailheadapp__URL__c ), Name , '_blank'), </span><span style="font-family: Courier New, Courier, monospace;">"none")))</span></blockquote>
<br />
That's the power of the Salesforce platform. From there, you can introduce this link in Login Flows, Workflows, Notifications, Reports, and pretty much anywhere the formula can be presented to a user.<br />
<br />
Single Sign-on to Trailhead from your Salesforce organization is possible to help you ramp your team on Salesforce.atormanhttp://www.blogger.com/profile/12188546691736154200noreply@blogger.com0tag:blogger.com,1999:blog-2565836540734979604.post-9743896429080129492018-04-09T10:58:00.000-07:002018-04-09T17:21:38.987-07:00Getting Badgy at a Trailhead Badge-a-thon<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
I had an incredible conversation at <a href="https://developer.salesforce.com/trailheadx" target="_blank">TrailheaDX</a> ‘18 with Mark Korf. During that conversation, we discussed a really interesting problem - how do you report on badges at a Trailhead badge-a-thon?<br />
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
At this point, you’re probably asking yourself, ‘I’ve heard of a hack-a-thon, but what’s a badge-a-thon?!’<br />
<br />
A badge-a-thon is an event where you bring together trailblazers who compete to earn badges. Those people who win the badge-a-thon earn prizes like cool swag.<br />
<br />
But the best part of the badge-a-thon is that it brings Trailblazers together using Trailhead, the fun way to learn Salesforce. Badge-a-thons introduce trailblazers to career opportunities by learning about Salesforce while keeping it fun and engaging.<br />
<br />
We had one badge-a-thon last month where over ten thousand badges were earned!<br />
<br />
What Mark wanted to do was host badge-a-thons at user groups and with schools to open career opportunities and enable trailblazers to do their jobs more effectively, all while they were having fun and winning swag.<br />
<br />
In order to award the swag, Mark needed to track who earned the most badges. Enter Trail Tracker from the AppExchange.</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div style="margin-left: 1em; margin-right: 1em;">
<div style="text-align: center;">
<img height="204" src="https://lh6.googleusercontent.com/gZoh0dDKgH6rmv6wPK_6cVEc2wyxXQyxVtAtp42Ik8pbLc1AcoW2fKH_Uu_cSUMVhRCT3I5_TBb3pkr4EiC56VU-ZO2Np9r07Ew7ys8d0Krat1dgZzk_fWfQ-MhJYuDvCTFkOCxK" style="border: none; transform: rotate(0rad);" width="400" /></div>
</div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<b>Integrating the Trailhead Profile into an org for tracking badge activity</b></div>
</div>
<div style="text-align: center;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
Trail Tracker is a free app on the AppExchange that enables you to guide your trailblazers through their Salesforce learning adventure on Trailhead. Assign, track, and report on badges earned by your team via pre-built reports and dashboards to take your Salesforce game to the next level.</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<img height="268" src="https://lh4.googleusercontent.com/CCRJzr7gTmdCCb6eSW3TWOuEFJip3ZjHhaGDkP5gHE0pP1HBgs5iy5jrrkErXdbO83w7yBhJrZ7eIU1eW5-ivR-juLcgVwn5Nf9QWqLCFULgpKpgSmEESoPoonz3Xobl4sHj6viV" style="border: none; transform: rotate(0rad);" width="400" /></div>
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<b>Free AppExchange App</b></div>
</div>
<div style="text-align: center;">
<b style="font-weight: normal;"><br /></b>
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
Trail Tracker was originally intended to enable the tracking of employees badges. Mark didn’t have employees, he had user groups and student trailblazers. This presented a different problem. How do you bring individuals together, many of whom were already in their own production orgs, for the purpose of tracking their badges during the event?</div>
<h3 style="line-height: 1.38; margin-bottom: 4pt; margin-top: 18pt;">
How to set up Trail Tracker for a Trailhead Badge-a-thon</h3>
<h4 style="line-height: 1.38; margin-bottom: 4pt; margin-top: 14pt;">
1. Sign up for a Developer Edition org: <a href="https://developer.salesforce.com/signup" style="text-decoration: none;" target="_blank">https://developer.salesforce.com/signup</a></h4>
You need someplace to track the results. Developer Edition is a free org you can use to try out things. And while you can use an existing org like production, you’re going to be adding non-production users so it’s better to keep it separate.<br />
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<img height="209" src="https://lh5.googleusercontent.com/cl3Wq-ETIxg3VyivDU8Kyygspn93H-KXr5Q-0r5PtvR39I6kpS-rJeYUtgDcq72LaF5XU2JvTssKajlmRXy01BvVXPL-Nt8SvAPBTf_G3WAMtVU_d1FIa1QDhFj-kscaaKBZ8q-l" style="border: none; transform: rotate(0rad);" width="400" /></div>
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<b>Sign up page</b></div>
</div>
<h4 style="line-height: 1.38; margin-bottom: 4pt; margin-top: 14pt;">
2. Install Trail Tracker into the new org: <a href="https://sfdc.co/trailtracker" style="text-decoration: none;" target="_blank">https://sfdc.co/trailtracker</a></h4>
Just head to the AppExchange and install Trail Tracker in your newly provisioned Developer Edition Org. It’s a good idea to have the
<a href="https://salesforce.quip.com/AVc8Aouc4Lzx" style="text-decoration-line: none;">installation directions </a>and the <a href="https://salesforce.quip.com/MUhKAnQqyU3g" style="text-decoration-line: none;">FAQ</a> standing by in case you need it.<br />
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<img height="109" src="https://lh6.googleusercontent.com/3j8fBZWOHgbkv68TFmWH_n0hraF_B83VLuQDHziRYcuL_t1d5V-38P8wGHh_P151uzuSsWGuKDxQWd2sWzCyJ4TBpb-2H-KMoj6oWRYPzPsaxfmFXfYg70mG3u2DqXet7t61mU8x" style="border: none; transform: rotate(0rad);" width="400" /></div>
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<b>Trail Tracker installed in Developer Edition Org</b></div>
</div>
<b style="font-weight: normal;"><br /></b>
<br />
<h4 style="line-height: 1.38; margin-bottom: 4pt; margin-top: 14pt;">
3. Add badge-a-thon participants as new Chatter Free Users</h4>
Besides being free, Developer Edition also provides 5000 Chatter Free licenses which enables you to host a badge-a-thon up to that number easily.<br />
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<img height="171" src="https://lh6.googleusercontent.com/TFhK2KQJXORC8xKJ_gpX3WHEVKSrFwHorcCwSs4E_Cj2hSWUp0YqauQ6N9_Ch8Ag3XZuI-x06YL7-N3NZqH8IG2yUvtH7HvI9JFugr5qJ9BTRQfqVj6qFGfAHMVZYdwqdBBbE13v" style="border: none; transform: rotate(0rad);" width="400" /></div>
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<b>5000 Chatter Free Licenses</b></div>
</div>
<br />
Keep in mind, Chatter Free licenses don’t have any access to object data in an org in case you're concerned about those users accessing data that they shouldn't.<br />
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<img height="131" src="https://lh6.googleusercontent.com/ZGqq5-ECh9Wac9hPai18Izis1PrszVN8piaEYPY4Eo6Vu805HndxZe--mkOavPEk9lxYeaBP9oWwm8GPNAq2UbhUzvBrvleDP2gL-PaBrIKfelK4qCRpRV1__XFL-qg7Hd9uTpNi" style="border: none; transform: rotate(0rad);" width="400" /></div>
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<b>Create a new Chatter Free user for each badge-a-thon participant</b></div>
</div>
<h4 style="line-height: 1.38; margin-bottom: 4pt; margin-top: 14pt;">
4. Configure Trail Tracker</h4>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
Configuring Trail Tracker may be a little challenging as many integrations tend to be. I highly recommend having the <a href="https://salesforce.quip.com/AVc8Aouc4Lzx" style="text-decoration-line: none;">installation directions</a> handy for this part.<br />
<br />
When you configure Trail Tracker, make sure to select at least the Chatter Free license type as well as Standard.</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<img height="266" src="https://lh6.googleusercontent.com/NHlCs4GG9JczB35yodE4wUmZQR8Ed7NQFqWAhXjg5WWrbR0hKMQsImrhCj9e_WMpS7eBCglM0msyfpLvppRjOBNQwRSa7pattk5z7fyJY1JhV7g2KIfulaVJ_UxiowStsQaI4mCj" style="border: none; transform: rotate(0rad);" width="400" /></div>
<div style="text-align: center;">
<b>Trailhead Setup</b></div>
</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
Configure the sync to run at the end of your event so you can do the final tally. The sync currently runs once per day.</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<img height="118" src="https://lh6.googleusercontent.com/_NRj6MRbIvdE2S5Qf_Znx6o_fDHCjPonGmyyHZC7uRWKnUcuCLY1P_68TBsoooYmQqgXEMVVdAHiEslrZkUl3rUhAxGQot_bP6m6Woj5tfLNW9f1ezF4GQzlB_GtcTEr3B36rPnr" style="border: none; transform: rotate(0rad);" width="400" /></div>
</div>
<div style="text-align: center;">
<b>Sync Settings</b></div>
<h4 style="line-height: 1.38; margin-bottom: 4pt; margin-top: 14pt;">
5. Have your new badge-a-thon users login for the first time</h4>
You want your newly minted Chatter Free users to login and change their password. They’ll need the password for the next part.<br />
<br />
If the user has never logged into Trailhead before, they can just go directly to sign up and start earning badges. Since they’re logging in using the Chatter Free user you provisioned for them, their badges will automatically start flowing into your Developer Edition org every time Trail Tracker syncs. However, if your users already have Trailhead users established, you'll need to follow a slightly different path.<br />
<h4 style="line-height: 1.38; margin-bottom: 4pt; margin-top: 14pt;">
6. Link/merge Trailhead User Accounts for Existing Trailhead Users</h4>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
This is conceptually the most interesting part of the entire solution.<br />
<br />
The way Trailhead works, each user earns badges. But each user may use multiple identities to login to view their badges.<br />
<br />
Some users already have a Trailhead login and don’t want to give up their badges. The good news is that they don’t have to. They can link or merge their accounts.<br />
<br />
You can read more about linking and merging from the knowledge base article:
<a href="https://force.desk.com/customer/en/portal/articles/2896953-trailhead-self-service-account-merge?b_id=13477" style="text-decoration-line: none;" target="_blank">https://force.desk.com/customer/en/portal/articles/2896953-trailhead-self-service-account-merge?b_id=13477</a>.<br />
<br />
The decision to link or merge comes down to one thing - is there already an existing Trailhead user with badges or is this a new identity that you’re going to use to login to your existing Trailhead user?<br />
<br />
If it’s the latter, you’ll just need to link the two.<br />
<br />
Have your users login to Trailhead using their normal login and go to settings.</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<img height="117" src="https://lh6.googleusercontent.com/kf98IedHO-101Ux3XxDhdUf3ssLUowC5w0ApWv5MsuHbzyC7L26E3vxZhum0fPXM2MtDkOpkdruFRpeqyoV0D-fulC4Bopu_zJaYsFZkjTGUnZAHOak-81AH3-bMc91T6m4wzQIN" style="border: none; transform: rotate(0rad);" width="400" /></div>
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<b>Trailhead Settings</b></div>
</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
Under settings, have them go to the Salesforce Login section and click the ‘Connect or Merge’ button. </div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<img height="141" src="https://lh3.googleusercontent.com/zgW2GyG_bJsYWQfjkwJjUQlMWuIcBafFTdcZJrh4S1VGZyofPqiWD2AAnhZCKqRA0Bp_TAYSIEpBKwkRafogn4s-OsPZTyuCqS2VuEV2hkQl1s0Jhgv8DsGFF5IbRKY74H60hTuc" style="border: none; transform: rotate(0rad);" width="400" /></div>
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<b>Connect or Merge</b></div>
</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
Login using your newly provisioned Chatter Free user from the badge-a-thon org. You’ll be prompted to login and allow access. </div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<img height="377" src="https://lh4.googleusercontent.com/HFQQClvEUH9xrBg8Bct_Knc8pdBqPXDCh-kCyBO6Wuqckr-aq_j9yuHFiLhk_UvAkdA1z6w36fTTlxbQ3mv5D7Eq62qJ9aGWIX0Mp9fbTgrEXCuAQlj3PmS_qIfdOgEd1ij8LGtf" style="border: none; transform: rotate(0rad);" width="400" /></div>
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<b>Allow access</b></div>
</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
Then you’ll be prompted to link accounts.<br />
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<img height="334" src="https://lh4.googleusercontent.com/yPdtfDe8OP_j8e39YfWzVPkuzl3hI6_VDBVgj8xQtLLCZo8HSwq92U_h7Bwhg2SxPKXnrToPwJWXmS5aTPl9ZJSvNR7BvbyBw_sgYLzsdbVxDY_LphiKdQhfNQJUTZPcLsBymvgw" style="border: none; transform: rotate(0rad);" width="400" /></div>
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<b>Link Account</b></div>
</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
Once linked, you can go back to Trailhead where you’ll see your newly linked login under the settings page for your existing Trailhead user and you're user is ready to go. Any badges they earn, regardless of whether they login using their existing identity or the newly created Chatter Free identity, will be added to the single Trailhead user that you can report on.</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<img height="137" src="https://lh4.googleusercontent.com/fihr61pDOnIDXYTZ0ZwQ1trliD4KCEm9fn0a4O6CWESgzTmqy4pFyhbEpFIt7193zPF_upKx0J_tkpvm1VJ0-xdoHDjoVaDeD-L4FRmsPvS9trwiVlnMtFDNYeckfc7b3mk_Fry4" style="border: none; transform: rotate(0rad);" width="400" /></div>
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<b>Salesforce Linked Accounts</b></div>
</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
However, if you have overachievers who have already signed up for Trailhead using their badge-a-thon Chatter Free users and started to earn badges, you’ll need to have them merge accounts with their existing user. Don’t worry, no badges will get lost in the process and they never lose access to their Trailhead user.<br />
<br />
Have those users login to their existing Trailhead user account and go to settings. They should click the ‘Connect or Merge’ button and login using the badge-a-thon Chatter Free user that also has badges. They’ll be prompted to merge their accounts an provided with all the information about what badges and points will go once the merge is complete.</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<img height="318" src="https://lh3.googleusercontent.com/XtOG192tN5uPQOdJlSpxYxdMhmEJAqa3FLlESJN_wId4hxT6TebPUMwr3UxE-6tT1ZU2KGj_UcYx6jUE-ae_lIq1FyamjX2PddFxOeX9wPIX2cBWXWb8g1mAOxlugpoWsPi98Mww" style="border: none; transform: rotate(0rad);" width="400" /></div>
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<b>It’s merging time!</b></div>
</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
Then comes the scary screen - ‘the merge is irreversible’ - Are you sure? Of course you are!</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<img height="340" src="https://lh4.googleusercontent.com/kW9zLBzdjoo_N6e7SpP5I2FmdQcRTqIsh7Fya2Hdw4NuMDNtJyTlwwVVJmb3xn4214d7drJbhmUQUx88ceEUwSK0VGOHGe6WtBOeGIRpnv6N7MQD5xqlxjBRdx354RVO51X8Vqzz" style="border: none; transform: rotate(0rad);" width="400" /></div>
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<b>Are you sure?!</b></div>
</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
After the merge, you’ll see the results. </div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<img height="261" src="https://lh4.googleusercontent.com/y6aNltgUOkmipuNaNXnxPhtC16-RgjBAz5DEv7zwOx5zlKnFgyuRZUEaYhCuDkpQIuNU4otuFSmchuK9azWfq5oOzVpgwrjHO0zLEhGYuo3ASSzoysYwjVqSOwvjD03Pab6Zttn0" style="border: none; transform: rotate(0rad);" width="400" /></div>
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<b>Merge Results</b></div>
</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
And now you can login using either your existing Trailhead user’s identity or the newly provisioned badge-a-thon Chatter Free user that was provisioned for you. Once again, our single Trailhead user may have multiple identities that they use to login in order to earn badges.</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjAxob_rvomUiPNQFNesLQ7SHMaM7J9MmDwQacri9s4AJ4lT9gQ6SpUX7KUSfR0YdR9tJBpNHKKJyCuaVmVRerjAKl1QIbE0qs7tiCN59T9owSB6FHTHq70X6GMJDK67PNMWrjA56N4vos/s1600/badge-a-thon1.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="450" data-original-width="1105" height="162" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjAxob_rvomUiPNQFNesLQ7SHMaM7J9MmDwQacri9s4AJ4lT9gQ6SpUX7KUSfR0YdR9tJBpNHKKJyCuaVmVRerjAKl1QIbE0qs7tiCN59T9owSB6FHTHq70X6GMJDK67PNMWrjA56N4vos/s400/badge-a-thon1.jpg" width="400" /></a></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div class="separator" style="clear: both; text-align: center;">
</div>
<div style="margin-left: 1em; margin-right: 1em;">
</div>
<br />
<div style="text-align: center;">
</div>
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<b>Salesforce Login</b></div>
</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
And when those users earn badges against their single Trailhead user, they’ll be sharing them with the badge-a-thon org based on the affinity to the Chatter Free user identity that they've linked to.<br />
<br />
After the badge-a-thon, or at any point, your users can remove the Chatter Free identity from settings by clicking the big ‘X’ under the Actions menu next to the identity that shouldn’t be used any longer. That will opt them out of sharing the badge data with the badge-a-thon org and will prevent that Chatter Free identity from being used to login to their Trailhead user. That way, your users can choose whether to opt-in or opt-out from sharing badge data, all without ever losing any badges in the process.</div>
<h4 style="line-height: 1.38; margin-bottom: 4pt; margin-top: 14pt;">
6. Track badges in Trail Tracker</h4>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
Finally, you’re ready for the big day. Your trailblazers can now start earning badges. And when you login to your badge-a-thon org with Trail Tracker, you can navigate to the app to track the activity.</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<img height="228" src="https://lh3.googleusercontent.com/F5tZat2DroXcEot5nkFPacbbBLx4cXy11fagPzz9219wDImpR7bhnFjHCJdCJ3sguBjmC4uWO69k0JUELgGesLRa0NY9lwC7sYKIbFec1_MImLkfPdF7IVIEBThfnsnGQOEFmFgR" style="border: none; transform: rotate(0rad);" width="400" /></div>
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<b>App Menu</b></div>
</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
Just go to Dashboards and click on the Trailhead Overview.</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<img height="150" src="https://lh5.googleusercontent.com/3YHdWBv1yldpunNlodU0iMHvKpDy9ah3wSjI20mYPr8XWq-4lBY1ponXwGAiDZBlzSl236cXwCJspggQKgmF8BOPrqWkQdCEmyvci9Ow66NQ193SqJuxWCHBZBu036l3Ut8n-dc-" style="border: none; transform: rotate(0rad);" width="400" /></div>
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<b>Dashboards Tab</b></div>
</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<img height="368" src="https://lh3.googleusercontent.com/qrj25NpRukqv0iLh6Mt3eGchn_qfRhQMBd4g8tKd4m2miw486fRuYrTqdcClkmhBaOQmY8jQ1INXlNuVeRPOOfjovGSCXqgixlHx4RynNS-jlJewFxZnhGhPWaQAUaFBwDNzX3nN" style="border: none; transform: rotate(0rad);" width="400" /></div>
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<b>Trailhead Overview Dashboard</b></div>
</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
You can customize the dashboard as you need and run reports that help you understand what badges are being earned by which badge-a-thon users.</div>
<h4 style="line-height: 1.38; margin-bottom: 4pt; margin-top: 14pt;">
8. Award prizes</h4>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
The day of the badge-a-thon is finally here! Time for your users to start learning and winning some cool prizes.</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<img height="413" src="https://lh6.googleusercontent.com/lOGWJAQxiGL12rskxZ01XRRWlbpbDd9SzqAlg6jBFM_5NDwofhBzzfV2KqRuht3sXuIlqj8sP47wb8q-6Nx8S1IpglMO15osYXD4ipH07Lq8TIuuWJyLUvp4q-N9GPgC8Bb8Zdtf" style="border: none; transform: rotate(0rad);" width="310" /></div>
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="text-align: center;">
<b>My kingdom for a hoodie!</b></div>
</div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
Don't worry about copying down all of these steps, they're all available on the following trailmix if you want to track them: <a href="https://trailhead.salesforce.com/en/users/005500000060MZlAAM/trailmixes/getting-badgy" target="_blank">https://trailhead.salesforce.com/en/users/005500000060MZlAAM/trailmixes/getting-badgy</a>.<br />
<br />
Thanks Mark for the great use case!!</div>
atormanhttp://www.blogger.com/profile/12188546691736154200noreply@blogger.com5tag:blogger.com,1999:blog-2565836540734979604.post-61705012516559208602018-01-15T13:35:00.000-08:002018-01-15T13:35:12.493-08:00What's new in Spring'18 with Event Monitoring<h2>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif; font-weight: normal;">Summary of Event Monitoring Spring'18 Release Features</span></h2>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><b>1. Hourly Event Log Files Beta</b> - enhanced interval to obtain event log data for customers and partners</span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Currently EventLogFile object has your Salesforce event data from the previous 24 hrs. With hourly event logs you are able to track events that have been generated 2-4 hrs ago alongside daily event log files. See the interval field from the picture below where Interval = 'hourly' from workbench API tool. </span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">This allows you to make decisions whether you pull your event log files several times a day to your analytics environment for security or performance monitoring use cases or stay in the daily batch for adoption monitoring. The hourly event log files does not automatically work with event monitoring analytics app, Splunk, New Relic, FairWarning or Cloudlock. Please work with your analytics team to start using the hourly files. </span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><a href="https://releasenotes.docs.salesforce.com/en-us/spring18/release-notes/rn_security_em_eventlogfile_hourly_beta.htm">Link to release notes.</a></span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span id="docs-internal-guid-ae6a1da5-fb96-e1f4-3bd6-ac7d847373bc" style="margin-left: 1em; margin-right: 1em;"><img alt="Screen Shot 2017-07-28 at 10.35.39 AM.png" height="329" src="https://lh5.googleusercontent.com/qC2fzM_9sIz-yQZRNShfZssSPt7iOAQUGoK3ETSYVwGsT5MRTV6zatKID_VRtDdWMTQbC4hsF14p2ZM9xlUUWqeDfFdsFqvA6fVYlM5sJpvFew4861ZVAUHwlkWHERMY8sbAVY26z9g" width="640" /></span></div>
<div style="color: #222222; font-size: small;">
</div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="color: #222222; font-size: small;">
<br /></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><b>2. Insecure External Assets Event Log </b>- track insecure external assets hosted in Salesforce and fix URLs from HTTP to HTTPS. This event log file will be generated when your users are accessing external assets like images in Salesforce over insecure HTTP protocol. The insecure external assets event log file will be provided free of charge and out of box to all customers similar to Login and Logout event log files. </span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><a href="https://releasenotes.docs.salesforce.com/en-us/spring18/release-notes/rn_security_em_eventlogfile_insecure_external_assets.htm">Link to release notes.</a></span></div>
<div style="color: #222222; font-size: small;">
<br /></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><b>3. Delete Event Log Files </b>- to help comply with existing and upcoming data regulations like GDPR, event log data can now be deleted with a specific Delete Event Monitoring Records permissions. </span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="color: #222222; font-size: small;">
<span id="docs-internal-guid-527ed05b-fbac-4444-1b4b-5c244d967e39"><img height="59" src="https://lh4.googleusercontent.com/uLkB98UAnNV1lftDjGBSGcoYW_UoyulASUnewOA87QdNqbkvTDFTkPU3b3E8Qyrn0yI0c7rldOQW3XJDmf6bq-SQj-tmmjg8vPHoOCfKaIDevWeSIO0z6CsacAUQv9T1nVl3j6uWfcw" width="640" /></span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Before this permission can be assigned to a user or permission set, there is also a Org wide preference that needs to be turned on. </span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="color: #222222; font-size: small;">
<span id="docs-internal-guid-527ed05b-fbab-ef0b-4976-9deb6d24ce8e"><img height="212px;" src="https://lh5.googleusercontent.com/CDwCUgc9BwqQlN39vG4dUWXwxt7qgEjAxasCpdm3jMAeDYMONxiBbsCRIbgcbWfTFCdjw9CLXEIX-Fk5iLY_A2v9vlqA1jXdTin3Os_RhFseddOpOEiNUuVcGwnXwv8xLWqEF6AMcho" width="563px;" /></span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><a href="https://releasenotes.docs.salesforce.com/en-us/spring18/release-notes/rn_security_em_eventlogfile_delete.htm">Link to release notes.</a></span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><b>4. Track User Actions with time based workflows</b> - correlate multiple events together with Login Key and Session Key</span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">To get more visibility into Time Based Workflow, we've added the Login and Session Key to help track all transaction changes in the specific Time Based Workflow.</span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><a href="https://releasenotes.docs.salesforce.com/en-us/spring18/release-notes/rn_security_em_eventlogfile_tbwf_fields.htm">Link to release notes.</a></span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><b>5. Salesforce Connect Event Log enhancements</b> - track external objects comprehensively</span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">For Salesforce Connect customers, several log files enhancements have been added to provide more fine grain visibility for external objects, be it query or write operation, when the call occurred and which user accessed the data.</span></div>
<div style="color: #222222; font-size: small;">
<div class="body conbody" style="background-color: white; box-sizing: border-box; color: #3c3d3e; font-size: 14px;">
<div class="p" style="box-sizing: border-box; margin-top: 1em;">
<ul class="ul bulletList" style="box-sizing: border-box; margin-bottom: 0.714286em; margin-top: 0px;">
<li class="li" style="box-sizing: border-box; margin-top: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">External Cross-Org Callout events</span><ul class="ul bulletList" style="box-sizing: border-box; margin-bottom: 0px; margin-top: 0px;">
<li class="li" style="box-sizing: border-box; margin-top: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><span class="keyword parmname" style="box-sizing: border-box; color: #333333;">EXECUTE_MS</span>—How long it took in milliseconds for Salesforce to prepare and execute the query. Previously, this field was reserved for future use.</span></li>
<li class="li" style="box-sizing: border-box; margin-top: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><span class="keyword parmname" style="box-sizing: border-box; color: #333333;">FETCH_MS</span>—How long it took in milliseconds to retrieve the query results from the external system. Previously, this field was reserved for future use.</span></li>
<li class="li" style="box-sizing: border-box; margin-top: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><span class="keyword parmname" style="box-sizing: border-box; color: #333333;">ROWS_FETCHED</span>—(New) Reserved for future use.</span></li>
</ul>
</li>
<li class="li" style="box-sizing: border-box; margin-top: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">External Custom Apex Callout events</span><ul class="ul bulletList" style="box-sizing: border-box; margin-bottom: 0px; margin-top: 0px;">
<li class="li" style="box-sizing: border-box; margin-top: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><span class="keyword parmname" style="box-sizing: border-box; color: #333333;">EXECUTE_MS</span>—How long it took in milliseconds for Salesforce to prepare and execute the query. Previously, this field was reserved for future use.</span></li>
<li class="li" style="box-sizing: border-box; margin-top: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><span class="keyword parmname" style="box-sizing: border-box; color: #333333;">FETCH_MS</span>—How long it took in milliseconds to retrieve the query results from the external system. Previously, this field was reserved for future use.</span></li>
<li class="li" style="box-sizing: border-box; margin-top: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><span class="keyword parmname" style="box-sizing: border-box; color: #333333;">ROWS_FETCHED</span>—(New) Number of rows fetched by the callout.</span></li>
<li class="li" style="box-sizing: border-box; margin-top: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><span class="keyword parmname" style="box-sizing: border-box; color: #333333;">THROUGPUT</span>—Number of records retrieved in 1 second. Previously, this field was reserved for future use.</span></li>
</ul>
</li>
<li class="li" style="box-sizing: border-box; margin-top: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">External OData Callout events</span><ul class="ul bulletList" style="box-sizing: border-box; margin-bottom: 0px; margin-top: 0px;">
<li class="li" style="box-sizing: border-box; margin-top: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><span class="keyword parmname" style="box-sizing: border-box; color: #333333;">EXECUTE_MS</span>—How long it took in milliseconds for Salesforce to prepare and execute the query. Previously, this field was reserved for future use.</span></li>
<li class="li" style="box-sizing: border-box; margin-top: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><span class="keyword parmname" style="box-sizing: border-box; color: #333333;">FETCH_MS</span>—How long it took in milliseconds to retrieve the query results from the external system. Previously, this field was reserved for future use.</span></li>
<li class="li" style="box-sizing: border-box; margin-top: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><span class="keyword parmname" style="box-sizing: border-box; color: #333333;">NEXT_LINK</span>—OData next link that the callout used to request a subsequent batch or page of rows. Previously, this field was reserved for future use. This field isn’t supported for the OData 2.0 adapter on orgs created before Spring ’18.</span></li>
<li class="li" style="box-sizing: border-box; margin-top: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><span class="keyword parmname" style="box-sizing: border-box; color: #333333;">PARENT_CALLOUT</span>—If the callout requested a subsequent page of rows, this field identifies the initial callout whose request resulted in the multi-page result set. Previously, this field was reserved for future use. This field isn’t supported for the OData 2.0 adapter on orgs created before Spring ’18.</span></li>
<li class="li" style="box-sizing: border-box; margin-top: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><span class="keyword parmname" style="box-sizing: border-box; color: #333333;">ROWS</span>—Total number of records in the result set. Previously, this field was reserved for future use.</span></li>
<li class="li" style="box-sizing: border-box; margin-top: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><span class="keyword parmname" style="box-sizing: border-box; color: #333333;">ROWS_FETCHED</span>—Number of rows fetched by the callout. Previously, this field was reserved for future use. This field isn’t supported for the OData 2.0 adapter on orgs created before Spring ’18.</span></li>
<li class="li" style="box-sizing: border-box; margin-top: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><span class="keyword parmname" style="box-sizing: border-box; color: #333333;">THROUGHPUT</span>—Number of records retrieved in 1 second. Previously, this field was reserved for future use. This field isn’t supported for the OData 2.0 adapter on orgs created before Spring ’18.</span></li>
</ul>
</li>
</ul>
</div>
<div class="example" style="box-sizing: border-box;">
<h2 class="sectiontitle" style="box-sizing: border-box; color: inherit; font-weight: 500; line-height: 1.3em; margin-bottom: 0.714286em; margin-top: 1.42857em;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Example</span></h2>
<div class="exampleblock" style="box-sizing: border-box;">
<div class="p" style="box-sizing: border-box; margin-top: 1em;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Suppose your Salesforce org connects to an external system via an OData adapter. When you defined the external data source in Salesforce, you selected <strong class="ph uicontrol" style="box-sizing: border-box;">Named Principal</strong> for Identity Type. With the named principal, the same set of credentials is always used to access the external system from your org.</span><br />
<div class="p" style="box-sizing: border-box; margin-bottom: 0.714286em; margin-top: 1em;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">To identify the users who accessed an external object’s records during a specific time period, use the log data for the External OData Callout event type. Sort by <samp class="codeph nolang" style="box-sizing: border-box; color: #333333; font-size: 1em;">ENTITY</samp> and <samp class="codeph nolang" style="box-sizing: border-box; color: #333333; font-size: 1em;">USER_ID</samp> to see which users accessed the external object.</span></div>
<div class="p" style="box-sizing: border-box; margin-bottom: 0.714286em; margin-top: 1em;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">In this event log file, we see that three users accessed the Product external object over 12 callouts.</span><span class="image image-block" style="box-sizing: border-box; display: block; margin: 1em 0pt;"><img alt="Log data for the External OData Callout event type, with highlighted USER_ID values for callouts that access the Products external object" class="image image-block" height="287" src="https://releasenotes.docs.salesforce.com/en-us/spring18/release-notes/release_notes/images/event_monitoring_ExternalODataCallout.png" style="border: 0px; box-sizing: border-box; display: block; height: auto; margin: 1em 0pt; max-width: 100%; vertical-align: text-top;" width="640" /></span></div>
</div>
</div>
</div>
</div>
<div class="related-links" id="sfdc:seealso" style="background-color: white; box-sizing: border-box; color: #3c3d3e; font-size: 14px;">
<div class="relinfo" style="box-sizing: border-box;">
</div>
</div>
</div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><a href="https://releasenotes.docs.salesforce.com/en-us/spring18/release-notes/rn_security_em_eventlogfile_callouts_external_objects.htm">Link to release notes.</a></span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><b>6. </b></span><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><b>Event Monitoring Analytics App Trailhead</b>, in case you're using the Event Monitoring Analytics App or a new customer getting started the <a href="https://trailhead.salesforce.com/en/modules/event_monitoring_analytics">Event Monitoring Analytics App Trailhead </a>is a great way to spend 1h 15 mins to understand how to get started for adoption, performance or security monitoring for your Salesforce application.</span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="color: #222222; font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif; font-size: x-small;"><b>7. Changes to Event Log File schema due to regulatory </b></span><span style="color: #222222; font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif; font-size: x-small;"><b>consistency</b></span></div>
<div style="color: #222222; font-size: small;">
<span style="background-color: white; color: #3c3d3e; font-family: , sans-serif; font-size: 14px;"><br /></span></div>
<div style="color: #222222;">
<span style="background-color: white; color: #3c3d3e;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif; font-size: x-small;">Document Attachment Downloads event log file</span></span></div>
<div style="color: #222222;">
<div class="p" style="background-color: white; box-sizing: border-box; color: #3c3d3e; margin-bottom: 0.714286em; margin-top: 1em;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif; font-size: x-small;">We retired the <span class="keyword parmname" style="box-sizing: border-box; color: #333333;">FILE_NAME</span> field. If you’ve created custom fields and need to retrieve data from the <span class="keyword parmname" style="box-sizing: border-box; color: #333333;">FILE_NAME</span> field, query the Document standard object. For example, <samp class="codeph soql" style="box-sizing: border-box; color: #333333;">SELECT Name FROM Document WHERE Id=[ENTITY_ID value from Document Attachment Downloads log data]</samp>.</span></div>
<div class="p" style="background-color: white; box-sizing: border-box; color: #3c3d3e; margin-bottom: 0.714286em; margin-top: 1em;">
<span class="ph b" style="box-sizing: border-box;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif; font-size: x-small;">Knowledge Article View event log file</span></span></div>
<div class="p" style="background-color: white; box-sizing: border-box; color: #3c3d3e; margin-bottom: 0.714286em; margin-top: 1em;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif; font-size: x-small;">We retired the <span class="keyword parmname" style="box-sizing: border-box; color: #333333;">USERNAME</span> field.</span></div>
<div class="p" style="background-color: white; box-sizing: border-box; color: #3c3d3e; margin-bottom: 0.714286em; margin-top: 1em;">
<span class="ph b" style="box-sizing: border-box;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif; font-size: x-small;">Logout event log file</span></span></div>
<div class="p" style="background-color: white; box-sizing: border-box; color: #3c3d3e; margin-bottom: 0.714286em; margin-top: 1em;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif; font-size: x-small;">We retired the <span class="keyword parmname" style="box-sizing: border-box; color: #333333;">USER_NAME</span> field.</span></div>
<div class="p" style="background-color: white; box-sizing: border-box; color: #3c3d3e; margin-bottom: 0.714286em; margin-top: 1em;">
<a href="https://releasenotes.docs.salesforce.com/en-us/spring18/release-notes/rn_api_objects_changed.htm"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif; font-size: x-small;">Link to release note of changed objects</span></a></div>
</div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="color: #222222; font-size: small;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-2565836540734979604.post-5563628534943817382017-11-05T12:21:00.000-08:002017-11-05T12:21:28.062-08:00Event Monitoring at Dreamforce 2017<span style="font-family: Times, Times New Roman, serif;">Ready for Dreamforce 2017? </span><br />
<span style="font-family: Times, Times New Roman, serif;"><br /></span>
<span style="font-family: Times, Times New Roman, serif;">Wanted to give a quick list of Salesforce Shield & Event Monitoring related break out sessions that might be worth your time to check out:</span><br />
<span style="font-family: Times, Times New Roman, serif;"><br /></span>
<style type="text/css"><!--td {border: 1px solid #ccc;}br {mso-data-placement:same-cell;}--></style><span data-sheets-userformat="{"2":513,"3":[null,0],"12":0}" data-sheets-value="{"1":2,"2":"How to Use Event Monitoring to Drive Adoption and Performance"}"><span style="font-family: Times, Times New Roman, serif;">What: <a href="https://success.salesforce.com/Sessions#/session/a2q3A000001ytBKQAY">How to Use Event Monitoring to Drive Adoption and Performance</a></span></span><br />
<span style="font-family: Times, Times New Roman, serif;"><span data-sheets-userformat="{"2":513,"3":[null,0],"12":0}" data-sheets-value="{"1":2,"2":"How to Use Event Monitoring to Drive Adoption and Performance"}">Where: </span>Moscone West 2024</span><br />
<span style="font-family: Times, Times New Roman, serif;">When: <span style="text-align: right;">11/6/2017 at 9:00-10:00am</span></span><br />
<span style="text-align: right;"><span style="font-family: Times, Times New Roman, serif;"><br /></span></span>
<span style="font-family: Times, Times New Roman, serif;"><span style="text-align: right;">What: </span><a href="https://success.salesforce.com/Sessions#/session/a2q3A000001ytBMQAY">Getting Started with Event Monitoring and Field Audit Trail</a></span><br />
<span style="font-family: Times, Times New Roman, serif;">Where: Moscone West 2008</span><br />
<span style="font-family: Times, Times New Roman, serif;">When: <span style="text-align: right;">11/7/2017 at </span>1:30-2:10pm</span><br />
<span style="font-family: Times, Times New Roman, serif;"><br /></span>
<span style="font-family: Times, Times New Roman, serif;">What: <a href="https://success.salesforce.com/Sessions#/session/a2q3A000001ytBJQAY">GDPR Game Show</a></span><br />
<span style="font-family: Times, Times New Roman, serif;">Where: Moscone West 2024</span><br />
<span style="font-family: Times, Times New Roman, serif;">When: 11/7/2017 at 3:00-3:40pm</span><br />
<span style="font-family: Times, Times New Roman, serif;"><br /></span>
<span style="font-family: Times, Times New Roman, serif;">Have a great Dreamforce! </span><br />
<span style="font-family: Times, Times New Roman, serif;"><br /></span>
<span style="font-family: Times, Times New Roman, serif;">#DF17</span><br />
<span style="font-family: Arial; font-size: 10pt;"><br /></span>
<span style="font-family: Arial; font-size: 10pt;"><br /></span>
<style type="text/css"><!--td {border: 1px solid #ccc;}br {mso-data-placement:same-cell;}--></style><style type="text/css"><!--td {border: 1px solid #ccc;}br {mso-data-placement:same-cell;}--></style><style type="text/css"><!--td {border: 1px solid #ccc;}br {mso-data-placement:same-cell;}--></style><style type="text/css"><!--td {border: 1px solid #ccc;}br {mso-data-placement:same-cell;}--></style><style type="text/css"><!--td {border: 1px solid #ccc;}br {mso-data-placement:same-cell;}--></style><style type="text/css"><!--td {border: 1px solid #ccc;}br {mso-data-placement:same-cell;}--></style><style type="text/css"><!--td {border: 1px solid #ccc;}br {mso-data-placement:same-cell;}--></style><style type="text/css"><!--td {border: 1px solid #ccc;}br {mso-data-placement:same-cell;}--></style><style type="text/css"><!--td {border: 1px solid #ccc;}br {mso-data-placement:same-cell;}--></style>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-2565836540734979604.post-20727445803496843072017-06-16T16:36:00.000-07:002017-06-19T13:44:58.947-07:00How to Customize Your Report Downloads Dashboard <b>Attention all security folks! </b>How to monitor data exports from cloud applications is always popular topic amongst security teams.<br />
<br />
With Event Monitoring and Salesforce Shield, customers can closely follow these activities in form of Event Log Files and Transaction Security Policies. With Event Monitoring Wave App, customers can further visualize who's downloading data (exporting reports).<br />
<br />
Event Monitoring Wave App already includes the out of the box denormalization from UserIDs to Usernames but with three simple steps you can also denormalize and update your Report Downloads dashboard to include what reports your users are downloading.<br />
<br />
Dennis Schultz, Principal Solution Engineer from Salesforce has worked on a short video that shows how to use Salesforce Wave Analytics Recipe feature to bring more Salesforce data into Wave and transform your dashboards to include Report Names just under 5 minutes.<br />
<br />
<b>How to add Report Names to the Report Dashboards with Salesforce Wave Analytics Recipes in 3 easy steps.</b><br />
<b><br /></b>
<br />
1. Create "Lookup" Dataset<br />
<ul>
<li>From your Wave app environment click Create Dataset. </li>
<li>Select Salesforce as the source and select Report object. Select fields e.g. Report ID and Report Name. Create the Dataset. </li>
<li>To enable the integration between Wave Analytics and Salesforce, go to Data Manager to enable the default Salesforce Dataflow. Once finished, soon you'll see the dataset in your Wave environment. </li>
<li>You can confirm you have the right information from the Values table.</li>
</ul>
2. Create a new Report Export Dataset with Recipe features<br />
<ul>
<li>Go to Data Manager and select Prepare</li>
<li>Create Recipe and Select ReportExportWithUsers Dataset as the base to work with</li>
<li>Name your new Dataset "ReportExportWithReportNames"</li>
<li>Transform the table with the Lookup Dataset we created in Step 1 with Add Data Transform</li>
<li>Select URI_ID_Derived from the Base ReportExportWithUsers Dataset and Report ID from the new Lookup Dataset</li>
<li>Now specify you want the Report Name field to be included in the new Dataset</li>
<li>Finally create Dataset to run the Recipe</li>
<li>Run on scheduled to pick up new events daily</li>
</ul>
3. Update the Report Downloads Dashboards<br />
<ul>
<li>Open the Report Downloads Dashboard</li>
<li>Make a Copy or Clone the Dashboard before continuing </li>
<li>Rename the Dashboard "New Report Downloads" and Save</li>
<li>Open ReportExportwithReportNames DataSet</li>
<li>Group by Username and ReportName - some names might not be available e.g. User created a new report and deleted the report</li>
<li>Click the scissors to "Clip to Designer" the lense and Provide a name ReportExportWithNames </li>
<li>Return to the New Report Downloads Dashboard and hold the Shift Key down and move the widget to the Dashboard</li>
<li>Save the Dashboard and Click the Eye button to view it</li>
</ul>
<div>
Please take a look at the video and leave comments or questions below: http://salesforce.vidyard.com/watch/SfuJDkrD9qmycyjgwcdiNS</div>
<br />
<iframe allowfullscreen="" frameborder="0" height="315" src="https://www.youtube.com/embed/kxLObaKOgPk" width="560"></iframe><br />
<br />
Cheers, <a href="https://twitter.com/salomaa">Jari</a><br />
<br />Unknownnoreply@blogger.com1tag:blogger.com,1999:blog-2565836540734979604.post-53736169161808158502017-04-06T10:41:00.001-07:002017-04-06T10:42:33.398-07:00Augmenting Salesforce Event Monitoring Datasets<h2>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Augmenting Salesforce Event Monitoring Datasets in Wave Analytics to u</span><span style="font-family: arial, helvetica, sans-serif;">nderstand in more detail what records your users have been viewing</span></h2>
<span style="font-family: "arial" , "helvetica" , sans-serif;">In this short video <a href="https://www.linkedin.com/in/dschultzmo/">Dennis Schultz</a>, Principal Solution Engineer at Salesforce describes how you can use Event Monitoring for Adoption, Performance and Security analysis and specifically use the URI (PageView) dataset in the Event Monitoring Wave App with Wave's new <a href="https://releasenotes.docs.salesforce.com/en-us/spring17/release-notes/rn_bi_integrate_data_prep.htm">Recipe capability</a> (in Spring'17) augmented with entity type, turning the data set and visualization into more insightful and easier to use for human analyst consumption.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="" frameborder="0" height="315" src="https://www.youtube.com/embed/fuz8SNg5BT8" width="560"></iframe>
</div>
<br />
<span style="font-family: "arial" , "helvetica" , sans-serif;">To enable your Event Monitoring Wave App, please visit the instructions in <a href="https://help.salesforce.com/articleView?id=bi_app_admin_wave.htm&language=en_US&type=0">Salesforce Help & Training</a> or to have Event Monitoring turned on to your Salesforce application, please get in touch with your Account Executive.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">To get more familiar with Wave Analytics, see the these <a href="https://trailhead.salesforce.com/trails/wave_analytics_explorer">Trailheads training modules</a> and to learn more about Salesforce Shield and Event Monitoring please capture<a href="https://trailhead.salesforce.com/trails/shield"> these badges</a>.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Please leave your questions and comments below! </span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Cheers, Jari</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-2565836540734979604.post-12772951922640946392016-12-09T12:57:00.002-08:002016-12-09T12:57:32.187-08:00Creating Custom Event Monitoring Wave Dashboards<h2>
Creating Custom Event Monitoring Wave Dashboards</h2>
Are you a Salesforce Shield or Event Monitoring customer using the Event Monitoring Wave App? Do you know it's pretty easy and - also very quick - to create custom views to the Event Monitoring data?<br />
<br />
<a href="https://www.linkedin.com/in/mikesmith80249">Mike Smith</a>, Salesforce App Cloud Solution Engineer based in Denver, Colorado area is an expert with Event Monitoring and in this short video below Mike will demonstrate how quickly you can create a custom dashboard with Event Monitoring Wave App for Logins in the last 7 days.<br />
<br />
Enjoy!<br />
<br />
<iframe allowfullscreen="" frameborder="0" height="315" src="https://www.youtube.com/embed/yDyP_g3WoIo" width="560"></iframe>
<br />
<br />
<br />Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-2565836540734979604.post-64065368079322378752016-12-07T16:15:00.001-08:002016-12-07T16:17:27.480-08:0010 Event Monitoring Gifts for the Holidays<h2 dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Guest post by Arastun "Russ" Efendiyev. Arastun is Lead Solution Engineer for the Salesforce Platform based in Greater Boston Area. He works with many Salesforce Shield and Event Monitoring customers and is one of the leading experts for Salesforce Event Monitoring and Transaction Security. You can connect with Russ on</span><a href="https://www.linkedin.com/in/russefendiyev" style="text-decoration: none;"><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">LinkedIn</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> and follow him on </span><a href="https://twitter.com/shtooney" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">Twitter</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">.</span></h2>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 3pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 34.666666666666664px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">10 Event Monitoring Gifts for the Holidays</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Holidays are around the corner, and odds are that you’re finding yourself with a shopping list for all the gifts. But don’t forget reward yourself! If you have Event Monitoring, here are Ten Best Practices you can take advantage of - put them on your list! </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">For those of you unaware of Event Monitoring, </span><a href="https://secure2.sfdcstatic.com/assets/pdf/misc/Platform_EventMonitoring_Datasheet.pdf" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">here</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> is a quick cheat-sheet to get you up to speed. </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Here are the Ten Best Practices. </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<ol style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: decimal; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Sit Down and Define</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> what you want to track. Have a Monday morning meeting about it. Take the Event Monitoring reference API doc that provides a list of all things you can track for each event. Ask yourself “What would the ideal dashboard look like?” Use the </span><a href="https://developer.salesforce.com/docs/atlas.en-us.api.meta/api/sforce_api_objects_eventlogfile.htm" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">API doc</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> to help you understand all the data points you can track. Maybe some of them exist outside of Event Logs (i.e., metadata/config changes) – that’s okay, throw them onto the dashboard. Too often I see folks zero in on the technology and encounter a ‘technology-first, business-second’ dilemma. Reverse it! Just bring some good donuts to the meeting.</span></div>
</li>
</ol>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<ol start="2" style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: decimal; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Offload</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">. The logs are retained in Salesforce for 30 days. Then they leave. Set up a process to export them on an archive of your choice. A large use-case of Event Monitoring is doing a retroactive forensic analysis on an individual or individuals that left the company. Let’s say the individual took down top Contacts in a report export and went to a competitor. They did it 4 months ago. You have to be prepared to be able to mine that data. Set up automation – such as using shell scripts provided </span><a href="https://github.com/atorman/elfBash/blob/master/elfBashHelpDoc.pdf" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">here</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> and running a scheduled cron job to grab data, or scheduled to run this python script provided </span><a href="http://www.salesforcehacker.com/2015/03/elfpy-tasty-little-script-for.html" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">here</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">. A </span><a href="https://en.wikipedia.org/wiki/Security_information_and_event_management" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">SIEM</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> tool can help with this and eventually have data reside after it leaves Salesforce in 30 days. This is especially helpful as various SIEM tools excel at log-aggregation and ingestion, which comes from Event Monitoring files. Contact us and we can provide some SIEM vendors that have hot-pluggable adapters for Event Monitoring, if you want an out-of-the-box experience. </span></div>
</li>
</ol>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<ol start="3" style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: decimal; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Compliance vs Productivity.</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> It’s definitely something we all live and breathe, especially in Financial Services, where I see a lot of companies try to walk this very fine and very important line. Use a security model that’s too strict and your end users don’t use the system, while security that’s too lax comes with more threats. Let’s use the same example. So you’re still worried about someone leaving for a competitor and taking all your reports? Okay, remove their privilege to Export Reports and their decommission Connected App Data Loader access. Problem solved, right? Whoops. Too bad you just prevented the user from working on various things they’d need to do in Excel with the exported data. No worries here – </span><a href="https://www.salesforce.com/blog/2016/03/introducing-automated-security-policies-salesforce-shield.html" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">Transaction Security</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">, a feature of Event Monitoring that can alert/block on events in real time, can help. It lets you provide a granular scope on certain types of records and how their export will happen. Maybe we only block anyone who exports an entire contact list, or over 100 contacts. Or, even more lax, maybe we let them do it but email an alert saying they’ve done it. Or, only email or block if they did it in off hours for over 100 contacts. Or email if they did it in off hours, their profile was Standard User, and their User object had a Suspicious__c checkbox boolean flag turned on. You can get really flexible here and get much closer to the business, while letting the end users be productive</span></div>
</li>
</ol>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<ol start="4" style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: decimal; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Keep up with our roadmap!</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> We release 3X per year. Obligatory Forward-Facing statement / #Safeharbor here. We have product managers mapped to Event Monitoring functionality, the Transaction Security aspect of it, and even our </span><a href="https://releasenotes.docs.salesforce.com/en-us/spring16/release-notes/rn_forcecom_monitoring_wave.htm" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">Wave Admin Analytics</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> for Event Monitoring visualization. Take a look at a recent </span><a href="https://releasenotes.docs.salesforce.com/en-us/winter17/release-notes/rn_security_transaction_security.htm" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">Winter ’17</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> example of some things we put in Transaction Security. To broaden picture: we executed on Transaction Security and Wave Admin Analytics – and those are undergoing iterations. Part of it is feedback from YOU! What are the use-cases that are important to you? Continue to share wiith us and we’re open to putting them in our roadmap.</span></div>
</li>
</ol>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<ol start="5" style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: decimal; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Data can come from elsewhere.</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> Event Monitoring is the end-all-be-all. What about your authentication history? Your metadata/configuration changes? Your data & field history changes? Easy to overlook. Don’t forget them for your next audit. As per its name Event Monitoring provides insights on events, while data/metadata changes are a great complement. Wear your fancy audit shoes, seamlessly crunch out reports on all of these things, and give them to the auditors.</span></div>
</li>
</ol>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<ol start="6" style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: decimal; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Join your friend objects.</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> Okay, so you have your logs. Let’s take a look at that example of ours – a user extracting a report. They collect information on User ID of </span><span style="background-color: white; color: #333333; font-family: "arial"; font-size: 15.333333333333332px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">00530000009M943</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">. Good start, but we need to make sense out of it. Well, we have User Object. Plug that into your reporting solution on Event Monitoring, whether it’s a SIEM or our Wave App, for 30 days worth of retention. If I’m looking at a report, Report ID is captured, which can be joined against the Report table to give it a name (versus an ID). We now find out that it was John Smith that looked at a Top Contacts report. And if I want to get a Profile mapping to it, I know that Profile is tied to User via User’s ProfileId. The Wave Admin Analytics is effective here since we’ve brought over some of these friendly objects!</span></div>
</li>
</ol>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<ol start="7" style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: decimal; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">QA Buddy.</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> Not everyone has a QA team and/or QA automation, like Selenium, within their enterprise. When you test your Authorization model, Login-As is a great feature (which is trackable on Event Monitoring, by the way). It lets you impersonate an end-user so you can validate that they can or can’t see functionality, especially data. Who can or can’t see data, create it, edit/update it, etc. Login-As is a QA process, whether it’s you doing it or another individual checking your work. Here’s where your thoughtful effort on Profiles, Permission Sets, Criteria Based Sharing Rules, Apex Managed Sharing Rules, Org Wide Defaults, Role Hierarchy, etc. is put to the test. Those are very important controls – we don’t want the wrong individual within the org to see wrong data, let alone act on it. With event monitoring, you have a true validation of the controls you put in place. You can assert that John Smith never saw a Case filed by Bob Jones for Payroll to validate Bob’s paycheck amount reflects the hours worked. Or, you finally saw that John was able to look at John’s payroll case. So you know your controls need to be changed. This is true automation to validate your controls. </span></div>
</li>
</ol>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<ol start="8" style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: decimal; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Insights into Usage.</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> As per above example of John looking at Cases, you may find this insight beneficial beyond security validation. Let’s say that you want to see how much your Sales team, that John Smith is part of, is looking at customer-only Cases – you’re trying to understand if they are able to help the customer and/or even find new product line opportunities. Event monitoring can help track both use cases, being your QA Buddy for the authorization model and seeing how much functionality is being utilized. A Sales individual can look up a Case and give the customer a call. If they don’t have Salesforce integrated to Telephony, there may not be anything tied to that record, but the log will remain that John Smith went on a customer-field case eight times in two days! </span></div>
</li>
</ol>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<ol start="9" style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: decimal; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Trailhead!</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> We have released various Trailhead modules to get hands-on with this and we run a checker to see if you got your work right or wrong in your Developer org, an account where you can test this. Here are some Trailhead modules: </span><a href="https://trailhead.salesforce.com/en/module/transaction_security" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">Transaction Security Trailhead</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> & </span><a href="https://trailhead.salesforce.com/en/event_monitoring/event_monitoring_intro" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">Event Monitoring Trailhead</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">. There are many other modules that have Security – feel free to search for them in Trailhead depending on your security area of interest. </span></div>
</li>
</ol>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<ol start="10" style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: decimal; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Optimize where it matters.</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> So you saw your complex Visualforce page, that utilizes Angular and is backed by sophisticated Apex Controller, encounter a slower render/request time. You spent 14 hours fixing it. Success! Actually, the behavior witnessed was close enough to average request time. Remember, this was based off your perception of a slower request time. The kicker is that there are two other Visualforce pages that are behaving a good standard deviation out of the ordinary. Perhaps we should’ve chased after those! This is where Event Monitoring can go beyond security – it can help you justify which change requests/projects to allocate your time to. The next kicker is: You encountered slowness on your fancy Visualforce page that was behind or close to average request time… but did you know that you and your peer administrator/developer were the only ones using and testing it? Event Monitoring can tell you how much of your functionality is being used. So perhaps it’s those other two Visualforce page that have been utilized by a lot of users in the past few days that need tweaking!</span></div>
</li>
</ol>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<span id="docs-internal-guid-ee834dda-dbc5-c535-2b6b-c338a1394361"></span><br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Happy holidays. Leave your comments below or tweet and discuss with the #salesforcehacker hashtag! Many thanks also for Mike Jacobsen for his contribution on this blog.</span></div>
Unknownnoreply@blogger.com0Boston, MA, USA42.3600825 -71.0588801000000141.984348999999995 -71.704327100000015 42.735816 -70.4134331tag:blogger.com,1999:blog-2565836540734979604.post-11323128407022179132016-12-01T15:57:00.000-08:002016-12-07T13:22:28.638-08:00Two New Keys To Unlock Your Salesforce Users Event Data<br />
<div dir="ltr" style="clear: left; float: left; line-height: 1.38; margin-bottom: 1em; margin-right: 1em; margin-top: 0pt;">
<a href="https://lh4.googleusercontent.com/zq_YL4CuceLkvVqjhf6zdjrSW8r_ppMg6_dxUbHl9IEMAO3wP3cUyk5FpLxoNbJo_ST6fV_QiCn3xHsT4YB5l01z0gWnPxuMDvTHDwYUPUO6b8AKUAeVZyZQqVulRXAqso9Kn9vy" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="400" src="https://lh4.googleusercontent.com/zq_YL4CuceLkvVqjhf6zdjrSW8r_ppMg6_dxUbHl9IEMAO3wP3cUyk5FpLxoNbJo_ST6fV_QiCn3xHsT4YB5l01z0gWnPxuMDvTHDwYUPUO6b8AKUAeVZyZQqVulRXAqso9Kn9vy" style="border: none; transform: rotate(0rad);" width="228" /></a></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 3pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 34.666666666666664px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Two New Keys To Unlock Your Users Event Data</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 14.6667px; white-space: pre-wrap;">Have you been exploring the new release with Event Monitoring? If so, you might have seen the Event Monitoring event log lines that contain Login_Key and Session_Key columns. These are new fields that tie together all the different events in a Salesforce user’s or admin’s login session or activity session, respectively.</span></div>
<h3 dir="ltr" style="line-height: 1.38; margin-bottom: 4pt; margin-top: 16pt;">
<span style="background-color: transparent; color: #434343; font-family: "arial"; font-size: 18.666666666666664px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Introducing Login Key and Session Key </span></h3>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Purpose of the Login Key and Session Key fields are to help provide specific identifier for a user’s login session across various log lines to give customers a better 360 degree view of users behavior within the Salesforce application for a given security investigation, understanding and exploring specific user behavior or when researching a specific application or performance issue.</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Let’s see them in action. Here's an example showing URI event logs - in other words, users’ click path in the Salesforce application across the various generated log lines. To easily see a more concise view of what each user is doing, you can now use LOGIN_KEY as an identifier across the different Events to tie them together as well separate different actions together with this powerful identifier. Please see from the picture below and example of the LOGIN_KEY field within URI event logs.</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-left: 11pt; margin-right: 11pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"></span></div>
<h3 dir="ltr" style="line-height: 1.38; margin-bottom: 4pt; margin-top: 16pt;">
<a href="https://lh4.googleusercontent.com/f7Wuh1LkuZyXB-IFDaPSQaL-z5_Y06AvTfBOFhC3GtCV1G0yzq8RWMx9cZYGA5ecIsVb35Ds7vIzcMQCJ47tQjRKBpmqTV8DwZaO_apQFX9o8URDttCgNA_LLIp4iYvp3pIgNjbK" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="184" src="https://lh4.googleusercontent.com/f7Wuh1LkuZyXB-IFDaPSQaL-z5_Y06AvTfBOFhC3GtCV1G0yzq8RWMx9cZYGA5ecIsVb35Ds7vIzcMQCJ47tQjRKBpmqTV8DwZaO_apQFX9o8URDttCgNA_LLIp4iYvp3pIgNjbK" style="border: none; transform: rotate(0rad);" width="640" /></a><span style="background-color: transparent; color: #434343; font-family: "arial"; font-size: 18.666666666666664px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Login Key and Session Key Examples</span></h3>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">So how can you best take use of this identifier? I’ve collected couple of examples here, please leave your thoughts and additional ideas to the comments below.</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Your application can generate a ton of URI log lines. When researching for specific user’s log lines, you might easily run into issues of finding the needle in the haystack. You can use LOGIN_KEY as grouping mechanism to separate different user sessions and volume of activity.</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<h4 dir="ltr" style="line-height: 1.38; margin-bottom: 4pt; margin-top: 14pt;">
<span style="background-color: transparent; color: #666666; font-family: "arial"; font-size: 16px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Example 1: Splitting User Activity Forensics by Different User Sessions </span></h4>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Looking at URI (i.e. page views) for example in this picture below, we’ve aggregated all URI Logs for user Jari Salomaa on September 23rd. We can see there’s 5 different LOGIN_KEY’s that separate the different sessions ranging from logins from Salesforce1 Mobile, Safari, Chrome browsers from which, there’s over 200 log entries for one specific Login session that we can click and expand and investigate more closely what specific pages those URI logs contain.</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><img alt="Screen Shot 2016-10-19 at 2.28.03 PM.png" height="174" src="https://lh4.googleusercontent.com/S9HZZmpCHg267y5pEUo64Ab_55-kHJ7f1uOvIYJHhepKheVSVdPRkEjQQXy0Bx8Qcc1gkYv-D6WHQDwLZrM-qIlQfpRBXp0VL6tHjBYeUdAiKOMapLObzzIVOGDTb-SRtyF1MAT5" style="border: none; transform: rotate(0rad);" width="640" /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Additionally for the security conscious customers, whether on Sales Cloud or Service Cloud or other Salesforce products, understanding data export activity is always important. Who is downloading customer data to their local computers and especially if that happens in very large volume.</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">As an example building real time alerts and policies is important when there are large volume data export activity taking place from different hours of the day outside the typical business hours. This is often the case with compromised credentials and different hacker groups placed in different countries like Russia, China and Eastern Europe targeting valuable data. If you don’t have business users logging in and exporting data in these regions you can use LOGIN_KEY and SESSION_KEY to better understand past behavior against different timezones your business operates. </span></div>
<h4 dir="ltr" style="line-height: 1.38; margin-bottom: 4pt; margin-top: 14pt;">
<span style="background-color: transparent; color: #666666; font-family: "arial"; font-size: 16px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Example 2: Monitoring the number of report exports with SESSION_KEY Salesforce Customers can obtain better visibility to their application’s report export behavior by grouping the ReportExport log line dataset grouped by the hour of the day</span></h4>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">How to identify non business hours data export activity and build alerts</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<ol style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: decimal; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Use Event Monitoring Wave App or any of your preferred data visualization tools or </span><a href="https://salesforce-elf.herokuapp.com/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">Event Log File Browser</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> if you have small volume of logs) to download ReportExport Log Lines</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: decimal; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Group your ReportExport log lines by SESSION_KEY</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: decimal; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Sort the logs by hour of the day </span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: decimal; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Identify non business hour ReportExport events based on your business hours</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: decimal; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Build APEX policy with Transaction Security to alert on a specific threshold e.g. for Account, Opportunity, Lead, Case, Contact etc entity download object by specific timeframe </span></div>
</li>
</ol>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><img alt="Screen Shot 2016-12-01 at 3.15.59 PM.png" height="209" src="https://lh5.googleusercontent.com/LK9dcNTLFZ0ldQH4y_pPl8UQrplMEslZtZv1-xDwN5EsEAwab5tZfDHTyEflVRbYo8yoJt8ey2q0Js3Na41NmkECQm4l1cVuyg-TN5loNcrdZJerDfBfjupvbbX7m2oKA06vsyrC" style="border: none; transform: rotate(0rad);" width="624" /></span></div>
<h4 dir="ltr" style="line-height: 1.38; margin-bottom: 4pt; margin-top: 14pt;">
<span style="background-color: transparent; color: #666666; font-family: "arial"; font-size: 16px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Example 3: Using LOGIN_KEY and SESSION_KEY as identifier across various support 25 log lines</span></h4>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Use it as ID to construct a complete view for forensic investigation to user activity, for example to understand what the user did, which pages the user visited given a specific login session and pull all of that information together in it's own table</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Separate different user sessions within a specific login session within user's credentials, for example when user may have been logged in from API clients, user interface and other places and when it’s hard to understand which session contains unwanted or suspicious behavior</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Parse together otherwise complicated session keys to more holistic view</span></div>
</li>
</ul>
<h3 dir="ltr" style="line-height: 1.38; margin-bottom: 4pt; margin-top: 16pt;">
<span style="background-color: transparent; color: #434343; font-family: "arial"; font-size: 18.666666666666664px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Event Logs That Support Login and Session Key</span></h3>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<div dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none; width: 624px;"><colgroup><col width="*"></col><col width="*"></col></colgroup><tbody>
<tr style="height: 0px;"><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">1. Apex Callout</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> - details about callouts (external requests) during Apex code execution</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">2. Apex Execution</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> - details about Apex classes that are used</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">3. Apex SOAP</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> - details about Web Services API calls</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">4. Apex Trigger</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> - contains details about triggers that fire in an organization</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">5. API</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> - contain details about your organization’s Force.com Web Services API activity</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">6. Asynchronous Report Run </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">- created for scheduled report requests that includes dashboard refreshes, asynchronous reports, scheduled reports and analytics snapshots</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">7. Bulk API</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> - contains details about Bulk API requests</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">8. Change Set Operation</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> - contains information from change set migrations</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">9. Console</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> - contains information about the performance and use of Salesforce console whenever opened with a sidebar component </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">10. Dashboard</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> - contains details about dashboards that users view</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">11. Login</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> - your organization’s user login history</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">12. Metadata API Operation</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> - contains details of Metadata API retrieval and deployment requests</span></div>
</td><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">13. Multiblock Report </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">- contains details about Joined Report reports</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">14. Package Install</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> - contains details about package installation in the organization</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">15. Queued Execution</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> - details about queued executions, for example Batch Apex</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">16. Report</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> - contains information about what happened when user ran a report</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">17. Report Export</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> - contains details about reports that a user exported</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">18. REST API</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> - contains details about REST specific requests</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">19. Sites</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> - contains details of site.com browser UI or API requests</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">20. Transaction Security </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">- contains details about policy execution</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">21. URI</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> - contains details about user interaction with the web browser based UI</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">22. Visualforce Request </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">- contains details of browser UI or API based Visualforce requests</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">23. Wave Change</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> - represents route or page changes made in the Salesforce Wave Analytics user interface</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">24. Wave Interaction </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">- tracks user interactions with the Wave Analytics user interface</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">25. Wave Performance </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">- help you track trends in your Wave Analytics performance</span></div>
</td></tr>
</tbody></table>
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">For more details about supported events, see the </span><a href="https://developer.salesforce.com/docs/atlas.en-us.api.meta/api/sforce_api_objects_eventlogfile.htm" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">SOAP API Guide</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> for additional updates and details, which is updated each release. Thanks for Melissa Kulm, Mike Jacobsen and Lakshmisha Bhat for their invaluable feedback and comments on this blog.</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Please feel free to leave feedback below! </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<span id="docs-internal-guid-348a2e46-bcba-22e4-9867-9bed13ab1207"></span><br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
Unknownnoreply@blogger.com1San Francisco, CA, USA37.7749295 -122.4194155000000136.9717915 -123.71030900000001 38.578067499999996 -121.12852200000002tag:blogger.com,1999:blog-2565836540734979604.post-21468889805490272552016-10-02T10:29:00.000-07:002016-10-02T10:29:08.830-07:00Event Monitoring at Dreamforce 16<h2>
Getting ready for Dreamforce? </h2>
Mark your calendars and come join the session about Event Monitoring and Field Audit Trail on <b>Thursday 6th October at 3.30pm - 4.15pm</b> at Moscone West.<br />
<br />
We'll have also Yousuf Khan, VP of IT from PureStorage to present their case for Event Monitoring project for their Salesforce application.<br />
<br />
We'll provide latest roadmap details and insights how to get the most out of your Salesforce application for security and compliance monitoring, application development and performance monitoring as well as user behavior and adoption monitoring.<br />
<br />
We'll highlight also some of the exciting ISV vendor solutions built on top of Event Monitoring APIs to help you analyze, optimize and grow your application securely.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe width="320" height="266" class="YOUTUBE-iframe-video" data-thumbnail-src="https://i.ytimg.com/vi/dCt2Tzsum2Y/0.jpg" src="https://www.youtube.com/embed/dCt2Tzsum2Y?feature=player_embedded" frameborder="0" allowfullscreen></iframe></div>
<br />
<br />
Remember also to check out the latest Salesforce Shield and Event Monitoring demos at the Salesforce Expo Campground during the conference. We'll have staff to answer any questions related to using the analytics APIs for logs, Login Forensics and Transaction Security policies for customers and partners.<br />
<br />
Details about the Event Monitoring session <a href="https://success.salesforce.com/Ev_Sessions?eventId=a1Q3000000qQOd9EAG#/session/a2q3A000000LBoRQAW">available here</a>.<br />
<br />
You might be additionally interested to check our <a href="https://success.salesforce.com/apex/Sessions?eventId=a1Q3000000qQOd9EAG#/session/a2q3A000000LBoQQAW">Platform Encryption - Bring Your Own Key session</a>.<br />
<br />
See you in Dreamforce! Hope you have a great time!<br />
<br />
Cheers, Jari<br />
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-2565836540734979604.post-71869455817900015892016-07-07T13:06:00.000-07:002016-07-07T13:06:43.161-07:00Get Your Event Monitoring Wave AppHey there! Salesforce Shield and Event Monitoring expands from Event Log API to built in, out of the box data visualization with Event Monitoring Wave App. Now Generally Available (GA)! Big thanks to Adam for all the heavy lifting with the Admin Analytics pilot (former name). <div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyDYP7nHA7Hdk0S4stvKNjY8gqrARGzOFQFchp5DdZEBK38q051mxtzz9jLi0EDw5gGw6K5j_SI8WUOXQvhtutTis72JqHqWXXGEJG3Y8_07NtP-fRPeMcpB4D_WDDxhLvR-x8N1Z0r04/s1600/Screen+Shot+2016-07-07+at+12.16.07+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="191" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyDYP7nHA7Hdk0S4stvKNjY8gqrARGzOFQFchp5DdZEBK38q051mxtzz9jLi0EDw5gGw6K5j_SI8WUOXQvhtutTis72JqHqWXXGEJG3Y8_07NtP-fRPeMcpB4D_WDDxhLvR-x8N1Z0r04/s400/Screen+Shot+2016-07-07+at+12.16.07+PM.png" width="400" /></a></div>
<div>
<br /><div>
<br /></div>
<div>
If you missed the <a href="https://www.salesforce.com/blog/2016/06/event-monitoring-wave-app.html">announcement</a> from June, here's the deal what you need to know.</div>
<div>
<ul>
<li>Event Monitoring supports <a href="https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/using_resources_event_log_files.htm">32</a> different <a href="https://developer.salesforce.com/docs/atlas.en-us.api.meta/api/sforce_api_objects_eventlogfile.htm">Salesforce event types</a> and it can be quite a job to integrate the data flow and figure out which events to subscribe and visualize and build custom dashboards</li>
<li>Event Monitoring customers and partners have now access to <a href="https://help.salesforce.com/apex/HTViewHelpDoc?id=bi_app_admin_wave.htm&language=en_US">Event Monitoring Wave App </a>with 15 built-in dashboards for the core use cases 1. Security, 2. Application Development and Performance monitoring and 3. Salesforce Use and Adoption</li>
<li>Event Monitoring Wave App includes API integration with Event Log Files API providing immediate value out of the box by simply turning Event Monitoring on for your app but also a great point and click interface to slice and dice the data your way with ways to customize dashboards your own way</li>
<li>The Event Monitoring Wave App is licensed for 10 users and 50 million record row limit and there's configuration wizard to select which datasets to include and for how long (default is 7 days) depending on your app's data volume</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiz8EvXJLnscEETad6j3EnOxVyiR_g2L8zQBDnPeuLw7YfMacUr7sIFNDgoX-_VsuzS1HDUrnlCwW1nXOYTsPDuSJhuoPM15te34ITRZW_QkgsbinibLmegqykd_rmhc1NtUKYctFZgynQ/s1600/Screen+Shot+2016-07-07+at+12.21.42+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="154" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiz8EvXJLnscEETad6j3EnOxVyiR_g2L8zQBDnPeuLw7YfMacUr7sIFNDgoX-_VsuzS1HDUrnlCwW1nXOYTsPDuSJhuoPM15te34ITRZW_QkgsbinibLmegqykd_rmhc1NtUKYctFZgynQ/s320/Screen+Shot+2016-07-07+at+12.21.42+PM.png" width="320" /></a></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<b>Security and compliance</b> are a very strong drivers for Event Monitoring customers and we have spent the most of our time building different views for security and compliance related dashboards. Hope you enjoy them, here's a quick walkthrough of each:</div>
</div>
<div>
<ul>
<li><b>My Trust</b>: inspired by trust.salesforce.com, My Trust is a single place to view the health of your Salesforce app, active users, total transactions, average and max page time and end user page time. Drill down to different event types and compare daily trends.</li>
<li><b>Report Downloads</b>: see the percentage of viewed reports that resulted in exports, as well as report export trends by different user agents and IPs that can be filtered down by inactive users to indicate suspicious or large volume of data export activity</li>
<li><b>REST API:</b> analyze who is using the API for example with Data Loader to manage or move large data sets and identify possible hot spots for REST API that are used by managed packages </li>
<li><b>Login As:</b> understand admin behavior logging in as end users and identify possible abuse, where they logged in and who are they and what pages were accessed</li>
<li><b>User Logins:</b> see login trends per user, who is using the application the most, identify IP addressed with shared logins for signs of suspicious use as well as understand what browsers are being used and average times being logged in</li>
<li><b>Setup Audit Trail</b>: identify what admins are doing in the setup and keep track on most common audit changes and their types</li>
<li><b>Files:</b> get visibility which files are being downloaded by different roles, period of time to help identify the top files or resources that are barely being used</li>
</ul>
<div>
<br /></div>
</div>
<div>
<b>Application Development and Performance</b> is also a very important topic to continuously monitor and stay in the know of the application health and understand if some reports are taking long to produce or if certain Apex jobs should be timed differently to avoid hitting governance limits. Here's what we've built for Salesforce developers:</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggU8gN144eOh1F_3PWoeYuzUjysEZSFrJvYNEcxLhs3cKUAGCe79Qy3Re__4_5g9j51-chGE5ZASIeAf0_gaPtEZ08Ig6uvlvMvh4ZFIvttVYRcP0LboNvuR98Ysh3GawnGctae1QlN58/s1600/Screen+Shot+2016-07-07+at+12.35.37+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="152" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggU8gN144eOh1F_3PWoeYuzUjysEZSFrJvYNEcxLhs3cKUAGCe79Qy3Re__4_5g9j51-chGE5ZASIeAf0_gaPtEZ08Ig6uvlvMvh4ZFIvttVYRcP0LboNvuR98Ysh3GawnGctae1QlN58/s320/Screen+Shot+2016-07-07+at+12.35.37+PM.png" width="320" /></a></div>
<div>
<br /></div>
<div>
<ul>
<li><b>Apex Execution:</b> help to prioritize which Apex classes to fix to improve overall performance by comparing overall Apex performance, CPU time, SOQL and DML interactions based on total DB time</li>
<li><b>Reports:</b> see report usage trends accross users and profiles and identify top reports and get visibility into most used reports as well as their performance to load</li>
<li><b>API:</b> see API trends per Object and the overall API performance during certain period of time including average CPU time per API</li>
<li><b>Dashboards:</b> get visibility into Dashboard usage trends over time and the performance of these dashboards so you can prioritize in troubleshooting</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjuT4BDDBD_KEVXAfqa2RUwgbYS6-jUhaYW5oy-Q-nQg-I7eJglZkJX-LUcy_icL1g6Q-K5wHHvHPccFuWJQQwItRVfoAzbMWnVuvsxNnxzt5_QWbSReR9yK8sXJz3Wk9HSMguv7O5gZJs/s1600/Screen+Shot+2016-07-07+at+12.51.07+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="152" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjuT4BDDBD_KEVXAfqa2RUwgbYS6-jUhaYW5oy-Q-nQg-I7eJglZkJX-LUcy_icL1g6Q-K5wHHvHPccFuWJQQwItRVfoAzbMWnVuvsxNnxzt5_QWbSReR9yK8sXJz3Wk9HSMguv7O5gZJs/s320/Screen+Shot+2016-07-07+at+12.51.07+PM.png" width="320" /></a></div>
<div>
<br /></div>
</div>
<div>
<br /></div>
<div>
Last but definitely not least, understanding <b>Adoption and User Engagement</b> for the Salesforce application is key. What are my users doing, how are they accessing the application, when and what are the top resources or click paths. These are valuable for the line of business, executives, IT teams as well as developers alike:</div>
<div>
<br /></div>
<div>
<ul>
<li><b>Lightning SFX:</b> provides visibility who are the users using the new Lightning User Interface and how it's performing, see how many total user interactions took place and what the average and max end user page time (EPT) looks like</li>
<li><b>Page Views (URI)</b>: see what pages the users are clicking the most and how much time they are spending, on average, on these pages. Drill down to additional details for users details and he/she is accessing or drill down to actual pages who are the users using them</li>
<li><b>Visualforce Requests</b>: see the most used Visualforce pages and prioritize troubleshooting based on performance e.g. sorting by runtime you can quickly see the slowest pages, or AppExchange adoption</li>
<li><b>Wave Adoption:</b> last but not least, you have pushed out Event Monitoring Wave App or Sales or Service Wave, and you want to know are your users actually using it, identify details at user level and how many interactions they have with Wave dashboards and which ones they are customizing</li>
</ul>
</div>
<div>
We hope you enjoy the app and will find these built in visualizations useful. You can use your 10 permission set licenses as viewers or editors/managers. If you require more users or are nearing the 50 million limit you can get in touch with your Account Executive to get more with Wave Platform.</div>
<div>
<br /></div>
<div>
If you are an existing Event Monitoring customer and haven't yet tried out the Event Monitoring Wave App: <a href="https://help.salesforce.com/apex/HTViewHelpDoc?id=bi_app_admin_wave.htm&language=en_US">please follow these instructions to get set up.</a> If you're new a customer interested to learn more about Event Monitoring and the Event Monitoring Wave App, get in touch with you Salesforce Account Executive to get started. </div>
<div>
<br /></div>
<div>
For anything else, please leave questions or comments here or reach out on Twitter to <a href="https://twitter.com/salomaa">@salomaa</a>. Thanks and sunny summertime from San Francisco!</div>
<div>
<br /></div>
<div>
<br /></div>
<div>
-Jari</div>
<div>
<br /></div>
<div>
<br /></div>
</div>
Unknownnoreply@blogger.com14tag:blogger.com,1999:blog-2565836540734979604.post-66467739888255613602016-06-08T17:44:00.000-07:002016-06-08T17:44:14.399-07:00New in Summer '16 with Event Monitoring and Transaction Security<b>Event Monitoring with Transaction Security</b> has expanded the support for policy options from API based report export events to cover also UI triggered report exports. You may have seen the updated Apex class for Data Export Policy for Leads? This means any type of report export for specific resources like Leads or Accounts or Opportunities can be set to a specific trigger to apply the appropriate security condition according your security policies. In the stock policy we have defined the condition for more than 2,000 records or more than 1000 ms which would indicate a large data download. You're free to customize the resource and condition in your own policy.<br />
<br />
<span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;">global class DataLoaderLeadExportCondition implements TxnSecurity.PolicyCondition {</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;"> public boolean evaluate(TxnSecurity.Event e){</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;"> // The event data is a Map<String, String>.</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;"> // We need to call the valueOf() method on appropriate data types to use them in our logic.</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;"> Integer numberOfRecords = Integer.valueOf(e.data.get('</span><wbr style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;"></wbr><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;">NumberOfRecords'));</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;"> Long executionTimeMillis = Long.valueOf(e.data.get('</span><wbr style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;"></wbr><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;">ExecutionTime'));</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;"> String entityName = e.data.get('EntityName');</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;"> // Trigger the policy only if and export on leads, where we are downloading more than 2000</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;"> // records or it took more than 1 second (1000ms).</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;"> if('Lead'.equals(entityName)){</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;"> if(numberOfRecords > 2000 || executionTimeMillis > 1000){</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;"> return true;</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;"> }</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;"> }</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;"> // For everything else don't trigger the policy.</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;"> return false;</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;"> }</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px;">}</span><br />
<br />
This helps security teams to stay in the know with realtime actions for large data export events or shield from unwanted data loss.<br />
<br />
You can use various triggers, such as time, geolocation, IP, profile etc to customize the report export criteria. Simply choose the Data Export event from the dropdown menu and select Account, Case, Contact, Lead or Opportunity from from the resource name and apply your wanted action, in-app notification, email notification, two factor authentication or block.<br />
<br />
Please see the following short demo for applying policy condition on report export with Accounts.<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe width="320" height="266" class="YOUTUBE-iframe-video" data-thumbnail-src="https://i.ytimg.com/vi/tBasu9gXlYc/0.jpg" src="https://www.youtube.com/embed/tBasu9gXlYc?feature=player_embedded" frameborder="0" allowfullscreen></iframe></div>
<br />
<br />Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-2565836540734979604.post-84627913472576754882016-06-01T17:54:00.000-07:002017-04-07T11:56:01.142-07:00Login Forensics: Login History plus for auditing user loginsThe Salesforce App Cloud platform has important auditing capabilities built in to ensure that you can focus on what's most important: your business. One of these foundational audit tools is Login History. The Login History audit trail enables administrators to download the last six months of logins to the Force.com platform, either via a CSV download link in the setup user interface or via the API. With Login History, you can track login successes and failures by user, IP, application, API, or browser to name a few key attributes. In addition, Event Monitoring provides access to the Login log lines as well. As you can tell, we consider Login an important event to keep track of!<br />
<div>
<br /></div>
<div>
We're proud to announce the general availability of a premium add-on service on top of our Event Monitoring product line that goes beyond both the Login log line as well as Login History by tracking login information for ten years!</div>
<div>
<br /></div>
<div>
Here's a breakdown of how the three compare:<br />
<br /></div>
<div>
<table border="1" style="width: 600;">
<tbody>
<tr>
<td></td>
<td>Login History</td>
<td>Login Forensics</td>
<td>Login Log Line</td>
</tr>
<tr>
<td>Data Duration until Deleted</td>
<td>6 months</td>
<td>10 years</td>
<td>30 days</td>
</tr>
<tr>
<td>Storage</td>
<td>Oracle</td>
<td>Hbase</td>
<td>Oracle</td>
</tr>
<tr>
<td>Access</td>
<td>Setup UI, API</td>
<td>API only</td>
<td>API Download only</td>
</tr>
<tr>
<td>Permissions</td>
<td>Manage Users</td>
<td>View Login Forensics Events</td>
<td>View Event Log Files</td>
</tr>
<tr>
<td>Extensibility</td>
<td>No</td>
<td>Yes, via Additional Information</td>
<td>No</td>
</tr>
<tr>
<td>Packaging</td>
<td>Included with every org</td>
<td>Included with Event Monitoring add-on</td>
<td>Included with Event Monitoring add-on</td>
</tr>
<tr>
<td>Name of sObject or File</td>
<td>LoginHistory</td>
<td>LoginEvent</td>
<td>Login Event Type</td>
</tr>
</tbody></table>
<br /></div>
<div>
How is it possible to store this critical data for so long? Salesforce recently adopted an open-source NoSQL database called HBase. HBase is the same database that we use to store up to 10 years of Field Audit Trail data.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkQNoc9Bqb2o2Kh48dihjo-AcS_2Ezx7ZXaYI1fXuVCGZsLTZy1yOE5o6_DCMQqKMET3AROsbtTP35WAlxwYngFES_g89CLk0e9js8O-VuUuoUUr0zY4NBfsQ1_2pnsD0QhhYuzmUL89w/s1600/loginForensicsPage.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="185" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkQNoc9Bqb2o2Kh48dihjo-AcS_2Ezx7ZXaYI1fXuVCGZsLTZy1yOE5o6_DCMQqKMET3AROsbtTP35WAlxwYngFES_g89CLk0e9js8O-VuUuoUUr0zY4NBfsQ1_2pnsD0QhhYuzmUL89w/s400/loginForensicsPage.png" width="400" /></a></div>
<br /></div>
<div>
<br /></div>
<div>
Who cares? Well, I do. As does anyone who wants to maintain an audit trail of login information either for regulatory reasons or to track down anomalous login activity. For instance, imagine that a user always logs in from the same IP address, or during the same login hours, or using the same Chrome browser on Windows. Well, wouldn't it be strange if all of a sudden those behaviors changed over the course of a day, a week, a month, a year, or even a decade? </div>
<div>
<br /></div>
<div>
All of this is possible with SOQL because of the HBase rowkeys we’ve defined. An HBase rowkey defines how we index these objects for fast queries. Imagine if you had to query a billion rows of LoginEvent records from the past decade in less than 120 seconds! That’s fast and furious query performance. </div>
<div>
<br /></div>
<div>
The LoginEvent object, which stores the raw login data, has a rowkey consisting only of EventTime (in a descending sort) and the unique record id. And the PlatformEventMetric object, which stores the hourly roll-up metrics, has rowkey consisting of EventType and then EventTime (in a descending sort). These simple rowkeys enable fast response using standard SOQL. You just need to know the time frame you want to query and in the case of metrics, which metric and for which time frame.</div>
<div>
<br /></div>
<pre style="background-color: #f8f8f8; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); box-sizing: border-box; color: #333333; font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 13px; line-height: 19px; margin-top: 15px; overflow: auto; padding: 6px 10px; word-wrap: normal;">SELECT Application, Browser, EventDate, Id, LoginUrl, UserId
FROM LoginEvent
WHERE EventDate>Yesterday
LIMIT 10</pre>
<div>
<br />
This works because EventDate is the first field in the rowkey and the sort works because of the way we store the rows in descending sort order. This is powerful for querying the last ten Login Events that happened in near real-time. </div>
<div>
<br /></div>
<div>
It’s also powerful for integrating. You can create a polling app that queries every minute in the case of the raw events, and every hour in the case of the metrics, in order to easily integrate the last set of login data since the last query.<br />
<br />
Alternatively, you can use the Asynchronous SOQL solution outlined in my previous blog post: <a href="http://www.salesforcehacker.com/2016/01/using-asynchronous-soql-with-event.html" target="_blank">Using Asynchronous SOQL with Event Monitoring</a>.</div>
<div>
<br /></div>
<div>
Events are captured in near real-time. What does that mean? Well, there can be a minor delay from when the event occurred and when you can query it. If you want, you can self-monitor the near real-time nature of our events. If you take the average difference between the EventDate and the CreatedDate fields, you’ll see how near real-time your events have been captured.<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrty19LqMCJJXPfvS8LfRjkGsZ41UA5KCIG5wD6TShJHuqc8MNlyuElbNquHQ87oRTGRucnKpWxDBdGHcG3jK36SPTlwcoNwfbwUi3UrGhTjfz55OPv3q8OkUFHegA1aXxQdEjavaRtO4/s1600/NearRealTime.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="238" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrty19LqMCJJXPfvS8LfRjkGsZ41UA5KCIG5wD6TShJHuqc8MNlyuElbNquHQ87oRTGRucnKpWxDBdGHcG3jK36SPTlwcoNwfbwUi3UrGhTjfz55OPv3q8OkUFHegA1aXxQdEjavaRtO4/s400/NearRealTime.png" width="400" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Near Real Time Example</td></tr>
</tbody></table>
<br /></div>
<div>
There's even the ability to introduce your own metadata into the login flow to further fingerprint user’s login profile and identify anomalies in the login process. We call it Additional Info. It's the ability to introduce your own data through a HTTP Header. This can be done via the browser, a proxy, or API authentication. For instance, you might want to register header name (e.g. "x-sfdc-addinfo-correlationid") and value (e.g. "d18c5a3f-4fba-47bd-bbf8-6bb9a1786624"). Then when you look at your login events, you just need to look for any logins that do not have this identifier to investigate further.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghU1pJPZbFBmPJ4hACyuCIA4asn0Q5fpI0jlPhTeIjzVoeXzoebTjKM8aFlZ828M9BgKeGaNI_Sq0G2vlW8zwVJ75YEqbmjyv38Mmr06vgqDZtOPeNI9YPOg5wJ8vxcWIYm9xcxr5aRe8/s1600/loginForensicsAddInfo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="204" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghU1pJPZbFBmPJ4hACyuCIA4asn0Q5fpI0jlPhTeIjzVoeXzoebTjKM8aFlZ828M9BgKeGaNI_Sq0G2vlW8zwVJ75YEqbmjyv38Mmr06vgqDZtOPeNI9YPOg5wJ8vxcWIYm9xcxr5aRe8/s320/loginForensicsAddInfo.png" width="320" /></a></div>
<br /></div>
<div>
<br /></div>
<div>
Finally, there's a transaction dye that's important to the process. Every Login Event can be traced back to a single Login History Id. This is useful for a couple of reasons. The first one is that Login History connects to Login Geo which captures geographical information like latitude and longitude of your users. As a result, you can use the composite API to orchestrate un-related queries in order to generate the location of every user onto a mapping service like Google Maps. Secondly, with each subsequent activity where the user interacts with data like looking at accounts, you'll be able to track each interaction back to a single Login on both the Login Event and Login History objects. For example, when tracking down which records were viewed from an API query (Data Leakage blog post where this is explained). And after six months, when Login History is deleted, you'll continue to be able to track every interaction back to a single login for nine and one half years more. So even if you login via your iPhone, your Nexus tablet, your Chrome browser on your Mac, and Salesforce for Outlook, we'll be able to separate each set of transactions and link them back to a single login for the next ten years.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6NuT7D7AI1x04Ul2GIMK-hJTTxYEGqXWhtuag3sLP6rILTFLblidHcp9pZo4OIC_jeQBBZDLO0EHZIyEWdsD63ARbPGIalfpFyP6VcSgOf3DSTwLe-8tO2__cYWfLh8HpmbvO1XaMKlg/s1600/sessionId.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="216" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6NuT7D7AI1x04Ul2GIMK-hJTTxYEGqXWhtuag3sLP6rILTFLblidHcp9pZo4OIC_jeQBBZDLO0EHZIyEWdsD63ARbPGIalfpFyP6VcSgOf3DSTwLe-8tO2__cYWfLh8HpmbvO1XaMKlg/s400/sessionId.png" width="400" /></a></div>
<br /></div>
<div>
<br /></div>
<div>
All of the screen shots in this post can be recreated using the sample code found in my <a href="https://github.com/atorman/IdForensics" target="_blank">Github repo</a>.<br />
<br />
Login Forensics ushers in a new age of storing near real-time system generated user activity on the Salesforce platform. </div>
atormanhttp://www.blogger.com/profile/12188546691736154200noreply@blogger.com4tag:blogger.com,1999:blog-2565836540734979604.post-51418732615346265112016-03-23T15:59:00.004-07:002016-03-23T15:59:55.553-07:00Clean up your user's reports in their private folders<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgp75akE6rDDVljtz-1BH67P9hyphenhypheni6MbdKQtwK0iDtDFnL4d6KFqv32kqEXWmJA848c6tiWlpQo8Xcxf5DUwiC9hftzVGaySC7TEUEzaTYq9AOPBeqflzKwep3MVFqjXB8lFQVJXk5nCrm4/s1600/allPrivate2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="383" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgp75akE6rDDVljtz-1BH67P9hyphenhypheni6MbdKQtwK0iDtDFnL4d6KFqv32kqEXWmJA848c6tiWlpQo8Xcxf5DUwiC9hftzVGaySC7TEUEzaTYq9AOPBeqflzKwep3MVFqjXB8lFQVJXk5nCrm4/s400/allPrivate2.png" width="400" /></a></div>
<br />
If I had a nickel for every time an administrator would ask for access to their user's private report folders, I'd have at least $20.45 in my pocket. Just enough to see a movie and buy a small popcorn as I celebrate the awesomeness that is our operational reports team at Salesforce.<br />
<br />
A little known but very cool feature with the <a href="https://releasenotes.docs.salesforce.com/en-us/spring16/release-notes/rn_rd_reports_dashboards_allPrivate_delete.htm" target="_blank">Spring '16 release is the allPrivate scope</a> within SOQL and the API. If you're an administrator and not sure how to use the API, check out my <a href="http://www.salesforcehacker.com/2015/01/api-first-for-administrators.html" target="_blank">API First blog post</a> or just try the publicly available <a href="https://workbench.developerforce.com/login.php" target="_blank">workbench tool</a> which makes it easy for anyone to use the API.<br />
<br />
The allPrivate query scope enables an administrator to query all reports and dashboards that reside in a user's private folder. As a result, when a user becomes inactive or private reports aren't run for long periods of time, it's possible for an administrator to remove those reports.<br />
<br />
There are two simple use cases that illustrate this feature:<br />
1. reports in private folders that haven't been run in the past year<br />
<pre style="background-color: #f8f8f8; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); box-sizing: border-box; color: #333333; font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 13px; line-height: 19px; margin-top: 15px; overflow: auto; padding: 6px 10px; word-wrap: normal;">SELECT Name,FolderName,Owner.Name,Owner.isActive,Id,LastModifiedDate,LastRunDate
FROM Report
USING SCOPE allPrivate
WHERE LastRunDate < LAST_N_DAYS:365
</pre>
<br />
2. reports in an inactive user's private folder<br />
<pre style="background-color: #f8f8f8; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); box-sizing: border-box; color: #333333; font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 13px; line-height: 19px; margin-top: 15px; overflow: auto; padding: 6px 10px; word-wrap: normal;">SELECT Name,FolderName,Owner.Name,Owner.isActive,Id,LastModifiedDate,LastRunDate
FROM Report
USING SCOPE allPrivate
WHERE Owner.isActive = false
</pre>
<br />
Another reason why this feature is at the top of my list for Spring '16 is that it enables Event Monitoring customers to denormalize the names of reports in private report folders. Now when auditing if a report was exported from an inactive user with a report in their private report folder, it's possible for an administrator to pull out the both the report id and the report name using these SOQL queries whereas before, all they got was a report id.<br />
<br />
The Spring '16 release is great time for spring cleaning your user's private reports and for auditing which private reports were exported.<br />
<br />atormanhttp://www.blogger.com/profile/12188546691736154200noreply@blogger.com0tag:blogger.com,1999:blog-2565836540734979604.post-19398966730971519422016-02-03T07:50:00.001-08:002016-02-03T07:50:27.365-08:00Quiddity - the 'whatness' of concurrent Apex limits in Event MonitoringQuiddity.<br />
<br />
I had to look that one up. One of our awesome architects here at Salesforce, <a href="https://twitter.com/Hibbledehibble" target="_blank">Peter Wisnovsky</a>, came up with it.<br />
<br />
Quiddity is defined by <a href="https://en.wikipedia.org/wiki/Quiddity" target="_blank">Wikipedia</a> as the essence of an object. Literally its "whatness" or "what it is".<br />
<br />
What the?! Why not just call it 'type', 'category', or 'dimension'? I asked Peter and he told me that 'type' was too overloaded. I personally just think it's because 'type' was too boring whereas 'quiddity' is supercalifragilisticexpialidocious!<br />
<br />
Regardless it turns out that understanding an Apex class's quiddity is pretty important when determining whether you've hit the synchronous concurrent Apex limit.<br />
<br />
From the <a href="https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_gov_limits.htm" target="_blank">Apex Developer's Guide</a>,<br />
<blockquote class="tr_bq">
"The Concurrent Apex Limit is the number of synchronous concurrent requests for long-running requests that last longer than 5 seconds for each organization. If more requests are made while the 10 long-running requests are still running, they’re denied. Of which, each org has a limit of 10."</blockquote>
What this really means is that when the limit is exceeded, users may receive the following error which can seem confusing to an end-user or even an admin:<br />
<blockquote class="tr_bq">
"Unable to Process Request. Concurrent requests limit exceeded.<br />
To protect all customers from excessive usage and Denial of Service attacks, we limit the number of long-running requests that are processed at the same time by an organization. Your request has been denied because this limit has been exceeded by your organization. Please try your request again later."</blockquote>
There's a great <a href="https://developer.salesforce.com/blogs/engineering/2013/05/force-com-concurrent-request-limits.html" target="_blank">blog post </a>on the engineering developer blog by the former blimp pilot, <a href="https://developer.salesforce.com/blogs/engineering/author/johntan" target="_blank">John Tan</a>, that goes into more detail about what this limit is and how to work with it.<br />
<br />
The quiddity log attribute is key to unlocking an Event Monitoring query to find out which Apex classes have the potential to hit the concurrent Apex limit in your org. Well, that's pretty darn useful, so we added the <a href="http://bit.ly/elfObject">quiddity attribute</a> to the ApexExecution file type in the <a href="https://releasenotes.docs.salesforce.com/en-us/spring16/release-notes/rn_api_objects_changed.htm" target="_blank">Spring '16</a> release.<br />
<br />
There are two reasons why you might run into the concurrent Apex limit:<br />
1. High callout time <--- Probably the most common cause!<br />
2. High database time<br />
<br />
If the cause was a high callout time, you can filter your ApexExecution file based on QUIDDITY (E, H, M, R, V, W, X, L, K, or I) and CALLOUT_TIME (>5000), both of which were added in the Spring '16 release.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjM2Asw2F7erKQSXCsNW8kVt1qUWo7krKwRM6Tu3HRNL3ki5yTQmHXiA9WmhEzscPNCjoFqKX25hS01HoIFtPhmss9tgIWCJb-fTqyJuADhLdbJp8jHxZBQ84pEBVC7S-7lzq5xomzG4Eo/s1600/apexConcurrentLimits.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="283" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjM2Asw2F7erKQSXCsNW8kVt1qUWo7krKwRM6Tu3HRNL3ki5yTQmHXiA9WmhEzscPNCjoFqKX25hS01HoIFtPhmss9tgIWCJb-fTqyJuADhLdbJp8jHxZBQ84pEBVC7S-7lzq5xomzG4Eo/s400/apexConcurrentLimits.png" width="400" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Example of how you can use Quiddity and Callout Time to identify Apex classes</td></tr>
</tbody></table>
If the cause was a high db time, you can filter your ApexExecution file based on the QUIDDITY (E, H, M, R, V, W, X, L, K, or I) plus where RUN_TIME>5000.<br />
<br />
The values for quiddity in the logs include:<br />
<br />
A - Legacy Batch Apex<br />
C - Schedule Apex<br />
E - Inbound Email Service<br />
F - Future<br />
H - Apex REST<br />
I - Invocable Action<br />
K - Quick Action<br />
L - Aura<br />
M - Remote Action<br />
Q - Queuable<br />
R - Synchronous<br />
S - Serial Batch Apex<br />
T - Apex Tests<br />
TS - Synchronous Apex Tests<br />
TA - Asynchronous Apex Tests<br />
V - Visualforce<br />
W - SOAP Webservices<br />
X - Execute Anonymous<br />
<br />
This won't exactly tell you where you did hit the limit, but it will at least identify which synchronous Apex classes run longer than five seconds and probably should be optimized using the tips provided <a href="https://developer.salesforce.com/blogs/engineering/2013/05/force-com-concurrent-request-limits.html" target="_blank">John's blog post</a>.<br />
<br />
In addition to quiddity, we also added EXEC_TIME to ApexTrigger files in order to get the run time of each trigger execution instead of RUN_TIME which turns out not to store any values in production. Who knew?!atormanhttp://www.blogger.com/profile/12188546691736154200noreply@blogger.com2tag:blogger.com,1999:blog-2565836540734979604.post-4160560454550814922016-01-12T09:25:00.000-08:002016-01-12T09:25:46.854-08:00Logging Salesforce User Activity with Heroku's LogplexIf you can't already tell, I'm huge advocate of logging user activity. There's something incredibly powerful about understanding what people did in the past. I guess it harkens back to my days as a high school history teacher where I would tell everyone on the first day of class that students who fail my class are doomed to repeat it.<br />
<br />
In my quest for understanding how salesforce customers want to log activity and measure it, there are some consistent themes I've heard:<br />
1. the use case always drives the granularity of the data we need to capture<br />
2. while real-time isn't always necessary, it's almost always desired<br />
3. I really want one place to go to for log data<br />
4. if I have access to the raw log data, I can always slice-and-dice it the way I want in my reporting app of choice<br />
<br />
One interesting solution that I've been playing with is capturing events in Salesforce orgs and sending them over to Heroku. If you haven't heard of <a href="https://www.heroku.com/" target="_blank">Heroku</a> before, you should check it out. It's a platform for developers to effectively deploy and manage their applications. One of the great advantages of Heroku is it's great add-on platform called <a href="https://elements.heroku.com/" target="_blank">Elements</a>. Whether it's cache, video processing, data storage, or monitoring, it's easy to plug Heroku apps into a great ecosystem of app providers.<br />
<br />
Logging Salesforce user activity is pretty simple:<br />
1. I created a polling app that runs on Heroku. In my case, I created a python script that polls Salesforce every minute to retrieve Setup Audit Trail events. But it could just as easily captured Login History, Data Leakage, Apex Limit Events, or really any object accessible via the <a href="https://developer.salesforce.com/docs/atlas.en-us.api.meta/api/sforce_api_objects_list.htm" target="_blank">Salesforce API</a>.<br />
2. The python script writes Salesforce user events to the Heroku logging system called <a href="https://blog.heroku.com/archives/2013/11/7/logplex-down-the-rabbit-hole" target="_blank">LogPlex</a><br />
3. LogPlex is integrated with a series of add-ons including Logentries, Sumologic, and PaperTrail. It can also be integrated into other back end systems like a <a href="https://en.wikipedia.org/wiki/Security_information_and_event_management" target="_blank">SIEM</a> tool or notification apps like PagerDuty<br />
<br />
The advantages of this solution include:<br />
<ul>
<li>it's near real-time (or as real time as the frequency of the polling app you create)</li>
<li>it has the ability to further integrate events from other Heroku apps that you've built</li>
<li>Heroku has a great add-on ecosystem that makes it easy to turn these events into insights</li>
</ul>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJfr4-vXduONA_RDt0VBxMLSA0T95Y6h6HL62LAWA9w4qLBoVi5kwxEv369jD93Ae7h3Le5W0hXHNN1i8goBHLOXawK0HwdQrBPSB2flrHRuSdmyzCgYcJUDsPmpXjBFBWBsiUm4VtKiY/s1600/logentries.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJfr4-vXduONA_RDt0VBxMLSA0T95Y6h6HL62LAWA9w4qLBoVi5kwxEv369jD93Ae7h3Le5W0hXHNN1i8goBHLOXawK0HwdQrBPSB2flrHRuSdmyzCgYcJUDsPmpXjBFBWBsiUm4VtKiY/s320/logentries.png" width="320" /></a></div>
<br />
The disadvantages of this solution include:<br />
<ul>
<li>Heroku's LogPlex only persists the last 1500 events and can be lossy since it was really intended to be used for logging performance trends rather than security events like escalation of privileges.</li>
<li>the polling app will count against API limits. If it polls every minute, it will cost you 1440 API calls per day.</li>
</ul>
To try this solution, check out the sample Setup Audit Trail python script on my <a href="https://github.com/atorman/salesforceLogplex" target="_blank">Github Repo</a>.atormanhttp://www.blogger.com/profile/12188546691736154200noreply@blogger.com0tag:blogger.com,1999:blog-2565836540734979604.post-49139489078494244042016-01-07T15:32:00.001-08:002016-01-07T15:36:16.623-08:00Time For Your Security Health Check<div style="color: rgba(0, 0, 0, 0.701961); font-family: Georgia, serif; font-size: 18px; line-height: 32px; margin-bottom: 32px;">
<div style="color: rgba(0, 0, 0, 0.701961); font-family: Georgia, serif; font-size: 18px; line-height: 32px; margin-bottom: 32px;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgOxUZ5mb1D30fVePlr7VbciCaWZOwZTM7Lgg7ADMPYpCBMXJlnL5CeKy9CPgtgFrR3A5GZgYY9i-bPpHrbFWflK03ZT8Sqgj9Lg_s9ASySCgDZ8BCfSZbWd9C0t1_FiHNEEePfH7Y54_g/s1600/spring16.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="183" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgOxUZ5mb1D30fVePlr7VbciCaWZOwZTM7Lgg7ADMPYpCBMXJlnL5CeKy9CPgtgFrR3A5GZgYY9i-bPpHrbFWflK03ZT8Sqgj9Lg_s9ASySCgDZ8BCfSZbWd9C0t1_FiHNEEePfH7Y54_g/s320/spring16.png" width="320" /></a></div>
<br />
As a Salesforce administrator, have you ever spent to much time researching security for your cloud applications? Ever felt frustrated trying to find the security setting you need? That's why Salesforce created the <strong>Security Health Check,</strong> available to you in Spring '16 release. </div>
<h2 style="color: rgba(0, 0, 0, 0.85098); font-family: Helvetica, Arial, sans-serif; font-size: 24px; font-weight: 400; margin-bottom: 8px;">
Why we built Security Health Check</h2>
<div style="color: rgba(0, 0, 0, 0.701961); font-family: Georgia, serif; font-size: 18px; line-height: 32px; margin-bottom: 32px;">
Security Health Check was built to bridge the gap with security requirements and actual implementations of security:</div>
<div style="color: rgba(0, 0, 0, 0.701961); font-family: Georgia, serif; font-size: 18px; line-height: 32px; margin-bottom: 32px;">
<img alt="" class="left" data-mce-src="https://media.licdn.com/mpr/mpr/AAEAAQAAAAAAAAZZAAAAJDhmNmNlZTkwLTQzODQtNGViZC1hMjBlLTI5ZTg4YTk5MzBkOQ.png" height="199" src="https://media.licdn.com/mpr/mpr/AAEAAQAAAAAAAAZZAAAAJDhmNmNlZTkwLTQzODQtNGViZC1hMjBlLTI5ZTg4YTk5MzBkOQ.png" style="float: left; height: auto; margin-bottom: 30px; margin-right: 30px; margin-top: 30px; max-width: 100%;" width="246" /></div>
<ul style="color: rgba(0, 0, 0, 0.701961); font-family: Georgia, serif; font-size: 18px; margin-bottom: 15px; margin-left: 0px; margin-right: 0px; padding-left: 35px; padding-right: 0px;">
<li><span style="line-height: 32px;">Difficulty understanding and staying up-to-date with everything security related and how it relates to your business and cloud applications.</span></li>
<li style="line-height: 32px; margin-bottom: 15px; margin-top: 0px;">Configuring security requires security understanding of the business and application environment</li>
<li style="line-height: 32px; margin-bottom: 15px; margin-top: 0px;">Due to changing business landscape, security requirements also keep changing and customers need information how security has been configured</li>
<li style="line-height: 32px; margin-bottom: 15px; margin-top: 0px;">Administrators need to validate compliance across their application portfolio</li>
<li style="line-height: 32px; margin-bottom: 15px; margin-top: 0px;">Identify needs for ISV or add-on security services like <a data-mce-href="http://www.salesforce.com/platform/shield/" href="http://www.salesforce.com/platform/shield/" style="color: #8c68cb; text-decoration: none;">Salesforce Shield</a></li>
</ul>
<h2 style="color: rgba(0, 0, 0, 0.85098); font-family: Helvetica, Arial, sans-serif; font-size: 24px; font-weight: 400; margin-bottom: 8px;">
Using Security Health Check</h2>
<div style="color: rgba(0, 0, 0, 0.701961); font-family: Georgia, serif; font-size: 18px; line-height: 32px; margin-bottom: 32px;">
Security Health Check shows an overall score reflecting how well different security settings in your Salesforce application meet the Salesforce standard baseline. This baseline is the Salesforce recommended practice for implementing highest level of security. </div>
<div style="color: rgba(0, 0, 0, 0.701961); font-family: Georgia, serif; font-size: 18px; line-height: 32px; margin-bottom: 32px;">
<img alt="" class="center" data-mce-src="https://media.licdn.com/mpr/mpr/AAEAAQAAAAAAAAPiAAAAJDVlNmNlNTZlLWU2MGEtNGIyNC1iMzNjLWUwNzlmNTdmYjliOQ.png" height="406" src="https://media.licdn.com/mpr/mpr/AAEAAQAAAAAAAAPiAAAAJDVlNmNlNTZlLWU2MGEtNGIyNC1iMzNjLWUwNzlmNTdmYjliOQ.png" style="display: block; height: auto; margin: 30px auto; max-width: 100%; text-align: center;" width="638" /></div>
<h2 style="color: rgba(0, 0, 0, 0.85098); font-family: Helvetica, Arial, sans-serif; font-size: 24px; font-weight: 400; margin-bottom: 8px;">
Under the hood</h2>
<div style="color: rgba(0, 0, 0, 0.701961); font-family: Georgia, serif; font-size: 18px; line-height: 32px; margin-bottom: 32px;">
The typical Salesforce "org" has about 20 different security nodes in Setup. Each node consists of many different security settings. We've simplified this experience by elevating popular setting groups to the Health Check page. We evaluate each setting's security implication, its implementation, and apply proprietary risk scoring and weights to each security setting.</div>
<h2 style="color: rgba(0, 0, 0, 0.85098); font-family: Helvetica, Arial, sans-serif; font-size: 24px; font-weight: 400; margin-bottom: 8px;">
<strong>What’s Next for Health Check?</strong></h2>
<div style="color: rgba(0, 0, 0, 0.701961); font-family: Georgia, serif; font-size: 18px; line-height: 32px; margin-bottom: 32px;">
We are continuously expanding the scope and functionality of the Health Check on the Security roadmap. Future features include (under Safe Harbor):</div>
<ul style="color: rgba(0, 0, 0, 0.701961); font-family: Georgia, serif; font-size: 18px; margin-bottom: 15px; margin-left: 0px; margin-right: 0px; padding-left: 35px; padding-right: 0px;">
<li style="line-height: 32px; margin-bottom: 15px; margin-top: 0px;">Exposing Health Check API for ISVs and security audits</li>
<li style="line-height: 32px; margin-bottom: 15px; margin-top: 0px;">Adding more setting groups like Certificate and Key Management, Single Sign On and Login Access Policies</li>
<li style="line-height: 32px; margin-bottom: 15px; margin-top: 0px;">Viewing Health Check across multiple Salesforce applications (org’s)</li>
</ul>
<h2 style="color: rgba(0, 0, 0, 0.85098); font-family: Helvetica, Arial, sans-serif; font-size: 24px; font-weight: 400; margin-bottom: 8px;">
<strong>Try It!</strong></h2>
<h2 style="color: rgba(0, 0, 0, 0.85098); font-family: Helvetica, Arial, sans-serif; font-size: 24px; font-weight: 400; margin-bottom: 8px;">
<img class="left" height="456" src="https://media.licdn.com/mpr/mpr/AAEAAQAAAAAAAAcRAAAAJDZlODc5MmMxLTIyYjctNGViOS1hOWE1LTYxNmQ5NGIzODFjMw.png" style="float: left; height: auto; margin-bottom: 30px; margin-right: 30px; margin-top: 30px; max-width: 100%;" width="305" /></h2>
<div style="color: rgba(0, 0, 0, 0.701961); font-family: Georgia, serif; font-size: 18px; line-height: 32px; margin-bottom: 32px;">
<br data-mce-bogus="1" /></div>
<div style="color: rgba(0, 0, 0, 0.701961); font-family: Georgia, serif; font-size: 18px; line-height: 32px; margin-bottom: 32px;">
In Setup, find Security Health Check by typing "Health Check" in the Quick Find box to find it under Security Controls.</div>
<div style="color: rgba(0, 0, 0, 0.701961); font-family: Georgia, serif; font-size: 18px; line-height: 32px; margin-bottom: 32px;">
We hope you use the Health Check and that it becomes a favorite security destination for you.</div>
<div style="color: rgba(0, 0, 0, 0.701961); font-family: Georgia, serif; font-size: 18px; line-height: 32px; margin-bottom: 32px;">
Please feel free to leave your comments, suggestions and feedback below. Thank you!</div>
</div>
Unknownnoreply@blogger.com1tag:blogger.com,1999:blog-2565836540734979604.post-60199652745523731102016-01-05T14:19:00.000-08:002016-01-05T14:19:53.146-08:00Using Asynchronous SOQL with Event MonitoringWorking with BigData requires re-thinking how you work on the Salesforce platform. Since you can assume that you're working with billions of records instead of thousands or even millions, common tasks like aggregate functions (e.g.<span style="color: blue; font-family: Courier New, Courier, monospace;"><b> SELECT count() FROM LoginEvent</b></span>) or complex queries (e.g. <span style="color: blue; font-family: Courier New, Courier, monospace;"><b>SELECT username FROM ApiEvent WHERE Soql LIKE '%SSN__c%</b></span>)) are difficult to perform quickly. By quickly, a SOQL query needs to typically complete within two minutes or it will timeout.<br />
<br />
The advantage of working with BigData on the Salesforce platform is that use cases involving billions of records are now achievable for a variety of use cases including:<br />
<br />
<ul>
<li>long term adoption metrics</li>
<li>audit</li>
<li>performance monitoring</li>
<li>archiving</li>
</ul>
<br />
As a result, it's better to think of BigData as a <a href="https://en.wikipedia.org/wiki/Data_lake" target="_blank">data lake</a>, where massive amounts of data can be processed at scale to meet any of the above use cases.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirAr7qhL-Uf2roY8SP_ymKoG3cTeizWDAdLJ1oPmXp_T2QUHvuKLANT3AorrnajjJx95BUOMxbUjYebAAD2bMzwhbo6wttmwCE3gdMoITYlx64-35mGkwp0C2xDatjnNPZyzmPKpbUOFA/s1600/asyncBlog2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="141" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirAr7qhL-Uf2roY8SP_ymKoG3cTeizWDAdLJ1oPmXp_T2QUHvuKLANT3AorrnajjJx95BUOMxbUjYebAAD2bMzwhbo6wttmwCE3gdMoITYlx64-35mGkwp0C2xDatjnNPZyzmPKpbUOFA/s320/asyncBlog2.png" width="320" /></a></div>
<br />
<br />
In a more concrete case of user login events which we now store in the Salesforce equivalent of BigData called a BigObject, it becomes important to re-think how you can work with the data at scale. This is especially important since not all capabilities that we've come to expect on the Salesforce platform, like operational reports or workflow, may be possible with a BigObject. It's a trade off of scale for limited platform capabilities.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqbD_0FWES_0qJvL4dYz4HHF7vPSnFJ3k8jksmKKbgPuRYRlkwVKBbHflzzQXlV2yqovlEHq7U5-cTzbf-sdzfXiKhLqBUNxsphHCN4aIfW5zB0pNBL4JAM56TZ6QtPTY_Bb7gG0VaST8/s1600/asyncBlog3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="238" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqbD_0FWES_0qJvL4dYz4HHF7vPSnFJ3k8jksmKKbgPuRYRlkwVKBbHflzzQXlV2yqovlEHq7U5-cTzbf-sdzfXiKhLqBUNxsphHCN4aIfW5zB0pNBL4JAM56TZ6QtPTY_Bb7gG0VaST8/s320/asyncBlog3.png" width="320" /></a></div>
<br />
<br />
For instance, rather than querying a BigObject like LoginEvent using a convention like synchronous SOQL via the API for use in real-time applications, it's better to use a new convention called asynchronous SOQL, currently in pilot, for extracting select use cases with analytic apps.<br />
<br />
<a href="http://docs.releasenotes.salesforce.com/en-us/winter16/release-notes/rn_general_async_query.htm" target="_blank">Asynchronous SOQL</a> is similar to the Bulk API in the way it's job based and invoked using the API. But instead of the full CRUD capabilities with Bulk API designed primarily to work with the data off-platform, asynchronous SOQL provides a query-and-insert capability to retrieve sets of data and insert it into a structured object. Currently, this means moving data between BigObjects and custom objects on the platform.<br />
<br />
This doesn't just mean BigObject only data but really any use cases where there is a significant amount of data including (but not inclusive of):<br />
<br />
<ul>
<li>LoginHistory</li>
<li>SetupAuditTrail</li>
<li>AccountHistory (or any other field history object including Field Audit Trail)</li>
<li>Profile or PermissionSet</li>
<li>AccountShare (or any other sharing object)</li>
</ul>
<br />
For instance, you may want to create a subset set of data hourly, daily, or weekly in order to have the full transactionality of the Salesforce platform at your fingertips. Using this design pattern, we can utilize schedule and batch Apex to migrate subsets of data from a BigObject into custom objects. For instance, the ability to extract last week's worth of LoginEvents in order to report on it.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmJ0TrktSnz8_rLGE7uJIRS_8DVnLnYgzhi38fy6Q3lKBvVILaN3xZJ71jyXR8_s-DRDK0he07aqVqNuvpJocga44FLodjxUnfyrVNcRbxnBCqlyvoY-WyxarjeZ6MiQv90kXNNHZ2fI/s1600/asyncBlog4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="175" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmJ0TrktSnz8_rLGE7uJIRS_8DVnLnYgzhi38fy6Q3lKBvVILaN3xZJ71jyXR8_s-DRDK0he07aqVqNuvpJocga44FLodjxUnfyrVNcRbxnBCqlyvoY-WyxarjeZ6MiQv90kXNNHZ2fI/s320/asyncBlog4.png" width="320" /></a></div>
<br />
<br />
As a result, it's now possible to report on it using operational reports:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYIzTGrEQhOI6rQ4K8I8a9fHX93_jZ8KT1XYUne7SfHGaxFojZQRK9qn-_BRHUyiid7zwpYMPSoxkB2RRo-_rhGKFxn9GHgDYp7AmOuoVXvBBuPD4OOlYFRooGt7bCca2OngoqWbcOwiI/s1600/asyncBlog6.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="269" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYIzTGrEQhOI6rQ4K8I8a9fHX93_jZ8KT1XYUne7SfHGaxFojZQRK9qn-_BRHUyiid7zwpYMPSoxkB2RRo-_rhGKFxn9GHgDYp7AmOuoVXvBBuPD4OOlYFRooGt7bCca2OngoqWbcOwiI/s320/asyncBlog6.png" width="320" /></a></div>
<br />
<br />
or with Wave for advanced exploratory capabilities:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwc3J5Qwgu7qFVnDQPL9Wn0hYnC4WTTNoa5ntQT9uxSa_d1mNscVqZrPdG5mnKb-RoabSKObclnwuNZAnC08YHyI4PR-VxHvFfEIB3y12Fu09YJL1jgpAU3DDiqNaxt6LbeyZI0uHMDNA/s1600/asyncBlog7.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="151" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwc3J5Qwgu7qFVnDQPL9Wn0hYnC4WTTNoa5ntQT9uxSa_d1mNscVqZrPdG5mnKb-RoabSKObclnwuNZAnC08YHyI4PR-VxHvFfEIB3y12Fu09YJL1jgpAU3DDiqNaxt6LbeyZI0uHMDNA/s320/asyncBlog7.png" width="320" /></a></div>
<br />
<br />
or utilize workflow for generating tasks and alerts:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFvFIkDsc9Vx_5duCrysxSMepaLni8U14GYfPJVRMtvyOxBuA3rywSduUca2Bs1WZ4Nr9QNv02J9-DM76qxtrBRnfcWLverTTWztDmH36EgO_C0oF7gB-i-oQHr9tTrbH8x3Y32ReghPE/s1600/asyncBlog5.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFvFIkDsc9Vx_5duCrysxSMepaLni8U14GYfPJVRMtvyOxBuA3rywSduUca2Bs1WZ4Nr9QNv02J9-DM76qxtrBRnfcWLverTTWztDmH36EgO_C0oF7gB-i-oQHr9tTrbH8x3Y32ReghPE/s320/asyncBlog5.png" width="320" /></a></div>
<br />
<br />
Asynchronous SOQL provides a new way of interacting with large sets of data on the Salesforce platform. For Event Monitoring use cases, it brings us closer to the kinds of analytic apps that enable CISOs and VPs of IT to understand the state and health of their organization.<br />
<br />
To try this out, contact your Account Executive to have the Asynch SOQL pilot enabled in your org. Then just download the sample code and configurations in my Github <a href="https://github.com/atorman/asyncSOQL" target="_blank">asyncSOQL repository</a> to get started with Event Monitoring use cases like Login Forensics, Data Leakage, or Apex Limit Events.atormanhttp://www.blogger.com/profile/12188546691736154200noreply@blogger.com2tag:blogger.com,1999:blog-2565836540734979604.post-27790149151345629382015-12-23T10:10:00.002-08:002015-12-23T10:10:18.920-08:00A Salesforce Wave App for Comparing PermissionsComparing user's permissions within the Salesforce platform has been a long standing request and non-trivial task for administrators. I wrote a blog post on <a href="http://www.salesforcehacker.com/2013/01/comparing-profiles-and-permission-sets.html" target="_blank">Comparing Profiles and Permission Sets </a>previously about this very topic, outlining some of the challenges reporting on user's access.<br />
<br />
Since then, it's come up on social media a couple of times, most recently with a <a href="https://twitter.com/brentdowney/status/678258476322131968" target="_blank">twitter post</a>.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEia1o8lWPKzyE3_03SmEuTvPo3vRRDFEr4BDB8Pmb6E5l8oceqJCUnRizeE4p_I6HwYM21tVnM04rYbK6JNU3PUpQcM2wzJYRb_Waf1rInbNn4DyS9ZMeJsFSrLb8Y5E6Rbhprf3boic3Y/s1600/TwitterPost.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEia1o8lWPKzyE3_03SmEuTvPo3vRRDFEr4BDB8Pmb6E5l8oceqJCUnRizeE4p_I6HwYM21tVnM04rYbK6JNU3PUpQcM2wzJYRb_Waf1rInbNn4DyS9ZMeJsFSrLb8Y5E6Rbhprf3boic3Y/s320/TwitterPost.png" width="320" /></a></div>
<br />
<br />
While apps like the <a href="https://perm-comparator.herokuapp.com/" target="_blank">Perm-Comparator</a> from <a href="https://twitter.com/_johnbrock" target="_blank">John Brock</a> are still the go-to solution for comparing users, permission sets, and profiles, a thought occurred to me that you could also solve this BigData problem with the Salesforce Wave platform.<br />
<br />
So I set out to use the tooling available via the Wave platform for creating a simple app that compares permission assignments and their containers. It is just a proof of concept but it can be a good starting point for admins who have access to the Wave platform already and want to compare user's permissions.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjs38_epiUzENlNBkYjuD3few76_6S8lOUPKoGL0hlIwnYBIBNyzzMNzKacAeEo2Nn-PDMLY7pK_xJaqPLT2WRLO8cNBlK9r7sYmsC-wB6PY80VRxcewWvsyIM7uUezy8hQ-LdcVSQGTzE/s1600/Dashboard.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="308" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjs38_epiUzENlNBkYjuD3few76_6S8lOUPKoGL0hlIwnYBIBNyzzMNzKacAeEo2Nn-PDMLY7pK_xJaqPLT2WRLO8cNBlK9r7sYmsC-wB6PY80VRxcewWvsyIM7uUezy8hQ-LdcVSQGTzE/s400/Dashboard.png" width="400" /></a></div>
<br />
<br />
The reason to create this kind of dashboard is to explore both permission set assignments (which include profiles) to users as well as the underlying permission set and profile containers.<br />
<br />
This is done by auto-generating datasets using the Wave dataset builder which is a point-and-click tool that accesses these objects via the Salesforce API.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1TFLJZHXTYY1x5M-7H4slO_M_LVj2QTM91Q_Gfsubbbzhn3aWmwTsulnYF_l9hJ1Uj3TZyfuUx6xeOWqlcJx2bMLyasNJi18F_30JgUvhPbaIOMOP8PC-Ri_nllpkadDR5LZRyNWIS-M/s1600/DatasetBuilder.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="210" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1TFLJZHXTYY1x5M-7H4slO_M_LVj2QTM91Q_Gfsubbbzhn3aWmwTsulnYF_l9hJ1Uj3TZyfuUx6xeOWqlcJx2bMLyasNJi18F_30JgUvhPbaIOMOP8PC-Ri_nllpkadDR5LZRyNWIS-M/s400/DatasetBuilder.png" width="400" /></a></div>
<br />
<br />
The Wave platform is an incredible tool for exploring complex datasets and cuts through the complexity of users, permission sets, and profiles like a hot knife through butter. If you have the Wave platform already and would like to try this out after the Spring '16 release, check out my <a href="https://github.com/atorman/permissionsWaveApp" target="_blank">Github repository, permissionsWaveApp</a>.atormanhttp://www.blogger.com/profile/12188546691736154200noreply@blogger.com0tag:blogger.com,1999:blog-2565836540734979604.post-21438386781452794912015-12-14T09:47:00.002-08:002015-12-14T09:47:52.261-08:00Derived Fields or Getting to Last Week's Top Ten by Name Instead of by IdLast December, I <a href="http://www.salesforcehacker.com/2014/12/working-with-timestamps-in-event-log.html">blogged</a> about how to work with timestamps in Event Log Files. The basic idea is that we generate timestamps in the form of a number that looks like this: <span style="font-family: "courier new" , "courier" , monospace;">20151210160337.6</span>. Only, it's not a number really, it's a string. For instance, when you add a couple more characters, you get: <span style="font-family: "courier new" , "courier" , monospace;">2015-12-10T16:03:37.600Z</span>. Look more familiar? More importantly, as an <a href="https://en.wikipedia.org/wiki/ISO_8601">ISO 8601</a> formatted date time type, it's easier to integrate with third party analytic platforms for trending and time series charting.<br />
<div>
<br /></div>
<div>
The same can be said of of other fields like the ubiquitous USER_ID field which is stored as fifteen characters:<span style="font-family: "courier new" , "courier" , monospace;"> 005B0000001WamP</span>. However, in order to integrate with an analytics platform like Wave or Splunk, having the standard eighteen character id like <span style="font-family: "courier new" , "courier" , monospace;">005B0000001WamPIAS</span> makes it much easier to match with the actual User sObject so that you can retrieve other values such as the user's profile or role. The same can be true of any other object that you would want to denormalize so that you can create a report on the top ten users or reports by name instead of by id.<br />
<br />
In Winter '16, we introduced derived fields as a sleepy enhancement to Event Log Files. It is sleepy in that there is no ticker tape parade, no marketing campaigns, no clappies at Dreamforce. Instead, it's a simple and effective way of transforming data when the file is generated based on patterns and data already contained within the file. It's TEL (Transform, Extract, and Load) instead of ETL (Extract, Transform, and Load).<br />
<br />
The original data doesn't go away. Instead, a new field is added with a '_DERIVED' suffix. That way existing integrations won't break and options exist for other kinds of non-standard transformations. For instance, the fifteen character USER_ID now has a counterpart with an eighteen character USER_ID_DERIVED and the TIMESTAMP has a TIMESTAMP_DERIVED equivelent. This opens new doors to future transformations.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEja3Abo5j6_ERjeql_T2VJArvG7j7tgNEZoMVR8o7vAjJAPJiwRkE-8Lhk1e3OBIWxzK5ikwfcFJu-mJf36ysn0qQnU9qIeQbc_ShRA9OD-X-Qi9L0iKU9ubbuS171REYVw-ZRGe15bNKI/s1600/derivedfields1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="103" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEja3Abo5j6_ERjeql_T2VJArvG7j7tgNEZoMVR8o7vAjJAPJiwRkE-8Lhk1e3OBIWxzK5ikwfcFJu-mJf36ysn0qQnU9qIeQbc_ShRA9OD-X-Qi9L0iKU9ubbuS171REYVw-ZRGe15bNKI/s400/derivedfields1.png" width="400" /></a></div>
<br />
This means applications like Wave Analytics can more easily augment or join data based on these transformed ids and timestamps.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQQuC8qMqPuDfGiAe2RDO_g2VwBD3v3htwOZT7Vrt4BamLc5h1bCfzda0ZYIcWsx0TbFa8X5z_JkV-weZprEM_aIeGEA6MRDrATaRj6EpkQb6mmOsvhZ4QcYUcwyscYT5OVONa5p02Z84/s1600/derivedfields2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="172" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQQuC8qMqPuDfGiAe2RDO_g2VwBD3v3htwOZT7Vrt4BamLc5h1bCfzda0ZYIcWsx0TbFa8X5z_JkV-weZprEM_aIeGEA6MRDrATaRj6EpkQb6mmOsvhZ4QcYUcwyscYT5OVONa5p02Z84/s400/derivedfields2.png" width="400" /></a></div>
<br />
<br />
As a result reports look like this<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEieAo15hMltm_HrMqCynqFcAMIziPCN5L8j0ccqXT3N6z6yDmddPQgzcFzlf5QR4lA-nLUE3-sg8ljnw372kzK4QBjToC90p3mHhl90r8x0w4LbxTsIu34UTrQzSqsCfJQq9qpYX2T4Q8g/s1600/derivedfields4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="128" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEieAo15hMltm_HrMqCynqFcAMIziPCN5L8j0ccqXT3N6z6yDmddPQgzcFzlf5QR4lA-nLUE3-sg8ljnw372kzK4QBjToC90p3mHhl90r8x0w4LbxTsIu34UTrQzSqsCfJQq9qpYX2T4Q8g/s400/derivedfields4.png" width="400" /></a></div>
<br />
<br />
instead of like this<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgF6U774wdRORKclSutwMzbi3GCn5YH7DjKNq23vmAMIkIy6gZ_mUidvm9dS6wTI-22IwNXpurBaq7XpryfvNXTcsA0lEyX2h8FBzl58ttS6Otr71suC90TItj8K1QT_XjcmDqHBi48Z_A/s1600/derivedfields5.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="130" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgF6U774wdRORKclSutwMzbi3GCn5YH7DjKNq23vmAMIkIy6gZ_mUidvm9dS6wTI-22IwNXpurBaq7XpryfvNXTcsA0lEyX2h8FBzl58ttS6Otr71suC90TItj8K1QT_XjcmDqHBi48Z_A/s400/derivedfields5.png" width="400" /></a></div>
<br />
<br />
Derived fields with Event Log Files handles the problem of data preparation by transforming the data before the file is generated, making future transformations easier. Hope this helps with your integrations!</div>
atormanhttp://www.blogger.com/profile/12188546691736154200noreply@blogger.com0tag:blogger.com,1999:blog-2565836540734979604.post-6358232582776533252015-11-09T14:28:00.001-08:002015-11-10T08:35:41.567-08:00Using the Setup Audit Trail API - the best kept secret of Winter '16<div>
<div class="separator" style="clear: both; text-align: center;">
</div>
The <a href="https://help.salesforce.com/apex/HTViewHelpDoc?id=admin_monitorsetup.htm&language=en" target="_blank">Setup Audit Trail</a> has been around for a long time. It's part of the Salesforce trust platform and is built into every edition. It tracks changes in setup by administrators such as adding new users, activation of users, changes in permissions including escalations of privilege, and changes to metadata like the creation of fields or deletion of objects. </div>
<div>
<br /></div>
<div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBBw2a2Bt79cnH8AogTIuF9l48AcuWT-wh3doE9M2iDVMdjQfRknHjmme8unssRS_rJMVwGUjyTIShpQIXUU8XGATEROAk7_YMeId8YVkskufty3StS51Him6nCkID68094zXBXSfGpA4/s1600/VSAT.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBBw2a2Bt79cnH8AogTIuF9l48AcuWT-wh3doE9M2iDVMdjQfRknHjmme8unssRS_rJMVwGUjyTIShpQIXUU8XGATEROAk7_YMeId8YVkskufty3StS51Him6nCkID68094zXBXSfGpA4/s320/VSAT.png" width="320" /></a></div>
Until very recently, Setup Audit Trail was only available to manually download to a CSV (comma separated values) file using a link on a page in setup. I kept hearing how customers hated putting manual processes in place to click the link once a month as well as merge newly downloaded CSV files into previous exports. It made audit and compliance use cases much harder than what anyone wanted. Everyone was asking to integrate the Setup Audit Trail using the API so they could schedule regular, automated downloads of audit trail data to analytics and SIEM tools.<br />
<br /></div>
<div>
Starting with Winter '16, we added the Setup Audit Trail to the API as the <a href="https://developer.salesforce.com/docs/atlas.en-us.object_reference.meta/object_reference/sforce_api_objects_setupaudittrail.htm" target="_blank">SetupAuditTrail sObject</a>. There are a couple key use cases that you might want to try out using a tool like <a href="https://workbench.developerforce.com/login.php" target="_blank">Workbench</a>.</div>
<div>
<br /></div>
<div>
1. I want to know everyone who logged in as a particular end-user:<br />
<span style="color: blue; font-family: "courier new" , "courier" , monospace;">SELECT Action, CreatedById, CreatedDate, DelegateUser, Display, Id, Section </span><br />
<span style="color: blue; font-family: "courier new" , "courier" , monospace;">FROM SetupAuditTrail </span><br />
<span style="color: blue; font-family: "courier new" , "courier" , monospace;">WHERE CreatedBy.Name = 'Jim Rivera' </span><br />
<span style="color: blue; font-family: "courier new" , "courier" , monospace;">ORDER BY CreatedDate DESC NULLS FIRST LIMIT 10</span></div>
<div>
<br /></div>
<div>
2. I want to know everyone an admin user logged in as:</div>
<div>
<span style="color: blue; font-family: "courier new" , "courier" , monospace;">SELECT Action, CreatedBy.Name, CreatedDate, DelegateUser, Display, Id, Section </span><br />
<span style="color: blue; font-family: "courier new" , "courier" , monospace;">FROM SetupAuditTrail </span><br />
<span style="color: blue; font-family: "courier new" , "courier" , monospace;">WHERE DelegateUser = 'at@xx.com' </span><br />
<span style="color: blue; font-family: "courier new" , "courier" , monospace;">ORDER BY CreatedDate DESC NULLS FIRST LIMIT 10</span></div>
<div>
<br /></div>
<div>
3. I want to know everything that any users with a specific profile (or role) did in setup:</div>
<div>
<span style="color: blue; font-family: "courier new" , "courier" , monospace;">SELECT Action, CreatedBy.Profile.Name, CreatedDate, DelegateUser, Display, Id, Section </span><br />
<span style="color: blue; font-family: "courier new" , "courier" , monospace;">FROM SetupAuditTrail </span><br />
<span style="color: blue; font-family: "courier new" , "courier" , monospace;">WHERE CreatedBy.Profile.Name = 'EMEA VP' </span><br />
<span style="color: blue; font-family: "courier new" , "courier" , monospace;">ORDER BY CreatedDate DESC NULLS FIRST LIMIT 10</span></div>
<div>
<br /></div>
<div>
4. I want to know every user who was 'frozen' in the last week</div>
<div>
<span style="color: blue; font-family: "courier new" , "courier" , monospace;">SELECT Action, CreatedById, CreatedDate, DelegateUser, Display, Id, Section </span><br />
<span style="color: blue; font-family: "courier new" , "courier" , monospace;">FROM SetupAuditTrail </span><br />
<span style="color: blue; font-family: "courier new" , "courier" , monospace;">WHERE Action = 'frozeuser' AND CreatedDate = Last_n_Days:7 </span><br />
<span style="color: blue; font-family: "courier new" , "courier" , monospace;">ORDER BY CreatedDate DESC NULLS FIRST LIMIT 10</span></div>
<div>
<br /></div>
<div>
5. I want to know everything a specific user did last week</div>
<div>
<span style="color: blue; font-family: "courier new" , "courier" , monospace;">SELECT Action, CreatedById, CreatedDate, DelegateUser, Display, Id, Section </span><br />
<span style="color: blue; font-family: "courier new" , "courier" , monospace;">FROM SetupAuditTrail </span><br />
<span style="color: blue; font-family: "courier new" , "courier" , monospace;">WHERE CreatedBy.Name = 'Adrian Kunzle' AND CreatedDate = Last_n_Days:7 </span><br />
<span style="color: blue; font-family: "courier new" , "courier" , monospace;">ORDER BY CreatedDate DESC NULLS FIRST LIMIT 10</span></div>
<div>
<br /></div>
<div>
I use '<span style="color: blue; font-family: "courier new" , "courier" , monospace;">Limit 10'</span> to just test the queries and keep them from taking a long time to return which is a good idea when experimenting with new queries.<br />
<br />
Once you know what kind of queries you can write, you can create incredible apps that combine the SetupAuditTrail API with an app building platform like Node.js on Heroku:<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhaRn5SzQGQj2nyh3ux2FGHtj3yH1uqWk36IwhmgTPUFm9FduHb0yVPjaYLFwb9B_8MD0iKFouVxv44uHu_BThwviZjj1Wd2CLlWTZKJ-D6KMagiQebswB2bB8kZTmbDn-FFXqF8zhybpA/s1600/screenshot_external.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhaRn5SzQGQj2nyh3ux2FGHtj3yH1uqWk36IwhmgTPUFm9FduHb0yVPjaYLFwb9B_8MD0iKFouVxv44uHu_BThwviZjj1Wd2CLlWTZKJ-D6KMagiQebswB2bB8kZTmbDn-FFXqF8zhybpA/s400/screenshot_external.png" width="365" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
The application above was created by the incredible <a href="https://twitter.com/phollo" target="_blank">Alessandro</a>. You can download the source code from his <a href="https://github.com/phof/AuditTrailYo" target="_blank">Github repository</a> or try it out with this <a href="https://audittrailyo.herokuapp.com/" target="_blank">free Heroku app</a>.</div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px; widows: 1;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
You can also explore Setup Audit Trail data using an analytics platform like Wave:</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmPwR68rxcrARo8ugfWNvQWLxf20VOgR_6RwLAJ12ewHzYR1B6FqZBdG-9bf4Ewx60hq-M0hBSkbAQspTlv6cyuY2ovMRmGgkD_DrCnt7TVbaJ8aypGHLZ0gRXWyIBQM3dvLekCPWGHOE/s1600/waveSAT.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="215" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmPwR68rxcrARo8ugfWNvQWLxf20VOgR_6RwLAJ12ewHzYR1B6FqZBdG-9bf4Ewx60hq-M0hBSkbAQspTlv6cyuY2ovMRmGgkD_DrCnt7TVbaJ8aypGHLZ0gRXWyIBQM3dvLekCPWGHOE/s400/waveSAT.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<br /></div>
<div>
The Setup Audit Trail is a powerful way of tracking important administrative audit events and now it's even more accessible through the API.</div>
atormanhttp://www.blogger.com/profile/12188546691736154200noreply@blogger.com6tag:blogger.com,1999:blog-2565836540734979604.post-86050398191452914942015-11-02T10:28:00.001-08:002015-11-02T10:28:52.291-08:00These are a few of my favorite things<div style="text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6aPetabQ-jEi-FwD50hcOt7X1Hy9LZVFRstXnDHUp4lNHJRXxPXg9mzRtmaYXiHJr4qxun9jUht_ZyTsvbyiiJybhsnztPbBlK1N-9NGdl7CnOBLC_seR0JMwgwuJMraBuEWZAHHEPzs/s1600/FewOfMyFavorite.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6aPetabQ-jEi-FwD50hcOt7X1Hy9LZVFRstXnDHUp4lNHJRXxPXg9mzRtmaYXiHJr4qxun9jUht_ZyTsvbyiiJybhsnztPbBlK1N-9NGdl7CnOBLC_seR0JMwgwuJMraBuEWZAHHEPzs/s1600/FewOfMyFavorite.jpeg" /></a></div>
<br />
Event Monitoring provides easily downloadable CSV(Comma Separated Value) log files. The value of this data is really in the insights that you gain from rolling up and aggregating the data based on questions like:<br />
<ol>
<li>how many accounts were accessed in the last week?</li>
<li>how many reports were downloaded by a specific user in the last 6 months?</li>
<li>how many total executions did I have in the past year?</li>
<li>how big are the files that I need to store on an ongoing basis for regulatory reasons?</li>
</ol>
Normally you would spend time to integrate, enrich, and analyze log data using an analytics platform. We have a great app ecosystem of ISV (Independent Software Vendors) that provide pre-built insights into this data.<br />
<br />
But sometimes you just want a quick and easy way to answer this data without first creating an integration or enriching the data. In particular, you may want to analyze the data when it ranges over extremely long periods of time and significant volumes of data that you may not already have integrated into your analytics platform of choice. This actually came up in conversation with a customer administrator who told me that he was downloading Event Log Files and using a command line tool called grep to ask simple questions about the data; in effect he was trying to find a needle in the log file haystack without using an analytics platform.<br />
<br />
Event Log Files generate CSV log file content. As a result, it's easy to report on it using piping in a Unix based CLI (Command Line Interface or Terminal). This is definitely not for the button click crowd but it's incredibly fast and efficient for processing large amounts of data quickly. And since it's a good idea to keep a source system of files for a long period of time, you can always write quick piping commands to answer ad-hoc questions that may come up where you don't want to first stage or munge the data into an analytics platform.<br />
<br />
If you haven't ever worked with a CLI (Command Line Interface or Terminal), I recommend first reading this great blog post from <a href="http://lifehacker.com/5633909/who-needs-a-mouse-learn-to-use-the-command-line-for-almost-anything" target="_blank">Lifehacker</a> or this <a href="http://datavu.blogspot.com/2014/08/useful-unix-commands-for-exploring-data.html" target="_blank">DataVu</a> blog post. Also, if you're a windows only user, I wouldn't really continue with this post unless your files are on a unix based system like Mac or Linux that you can SSH into.<br />
<br />
Here a few of my favorite things when it comes to commands to CLI prompts:<br />
<br />
<b>Use case:</b> login to the file server where you're keeping the source log files<br />
<b>Example Prompt: </b><span style="color: blue; font-family: "courier new" , "courier" , monospace;">ssh username@boxname</span><br />
<b>Notes:</b> you'll need a password which means if you don't own that server, you'll need to request access<br />
<br />
<b>Use case:</b> navigate to the directory where the log files are for a specific date (assuming you're storing them by date rather than by type or something else)<br />
<b>Example Prompt:</b> <span style="color: blue; font-family: "courier new" , "courier" , monospace;">cd Documents/logs/2015-09-30</span><br />
<b>Notes:</b> if you don't manage this server, you'll need to find out where the files are first<br />
<br />
<b>Use case:</b> list the files based on last modified date<br />
<b>Example Prompt:</b> <span style="color: blue; font-family: "courier new" , "courier" , monospace;">ls -tr</span><br />
<b>Example Output:</b><br />
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
ApexCallout-2015-09-30.csv</div>
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
ApexExecution-2015-09-30.csv</div>
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
ApexSoap-2015-09-30.csv</div>
<b>Notes: </b>I love this command. It's super simple and assumes you're dealing with the latest change first.<br />
<br />
<b>Use case:</b> list the files based on size sorted from largest to smallest<br />
<b>Example Prompt: </b><span style="color: blue; font-family: "courier new" , "courier" , monospace;">ls -less | sort -n -r</span><br />
<b>Example Output:</b><br />
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
4116672 -rw-r--r-- 1 auser SFDC\Domain Users 2107733241 Oct 1 21:43 ApexTrigger-2015-09-30.csv</div>
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
3512792 -rw-r--r-- 1 auser SFDC\Domain Users 1798546132 Oct 1 21:53 UITracking-2015-09-30.csv</div>
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
3437816 -rw-r--r-- 1 auser SFDC\Domain Users 1760159289 Oct 1 21:58 URI-2015-09-30.csv</div>
<b>Notes: </b>This is really helpful for finding the size of files, for instance if you just want to view the smallest file as a sample data set.<br />
<br />
<b>Use case:</b> view the entire file in the terminal<br />
<b>Example Prompt:</b> <span style="color: blue; font-family: "courier new" , "courier" , monospace;">cat PackageInstall-2015-09-30.csv</span><br />
<b>Example Output:</b><br />
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
"EVENT_TYPE","TIMESTAMP","REQUEST_ID","ORGANIZATION_ID","USER_ID","RUN_TIME","CPU_TIME","CLIENT_IP","URI","OPERATION_TYPE","IS_SUCCESSFUL","IS_PUSH","IS_MANAGED","IS_RELEASED","PACKAGE_NAME","FAILURE_TYPE","TIMESTAMP_DERIVED","USER_ID_DERIVED"</div>
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
"PackageInstall","20150930175506.083","4-YHvN7eC7w3t6H5TippD-","00D000000000062","0053000000BqwWz","175","","","","INSTALL","0","0","0","0","SOS Quick Setup & Dashboard","OTHER","2015-09-30T17:55:06.083Z","0053000000BqwWzAAJ"</div>
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
"PackageInstall","20150930175953.848","4-YIEBVUUMqV2bH5Tiluk-","00D000000000062","0053000000BqwWz","96","","","","INSTALL","0","0","0","0","SOS Quick Setup</div>
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
Dashboard","OTHER","2015-09-30T17:59:53.848Z","0053000000BqwWzAAJ"</div>
<b>Notes:</b> This is really helpful for small files but can be overwhelming when you have a larger one unless you first reduce the output using a command like grep.<br />
<br />
<b>Use case:</b> only view the first 10 lines of a file<br />
<b>Example Prompt:</b> <span style="color: blue; font-family: "courier new" , "courier" , monospace;">head -10 ApexTrigger-2015-09-30.csv</span><br />
<b>Example Output:</b><br />
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
"EVENT_TYPE","TIMESTAMP","REQUEST_ID","ORGANIZATION_ID","USER_ID","RUN_TIME","CPU_TIME","CLIENT_IP","URI","REQUEST_STATUS","DB_TOTAL_TIME","TRIGGER_ID","TRIGGER_NAME","ENTITY_NAME","TRIGGER_TYPE","TIMESTAMP_DERIVED","USER_ID_DERIVED"</div>
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
"ApexTrigger","20151101000000.414","408evS044zRUwrH5Tipt5-","00D000000000062","00530000003ffnX","","","","","","","01q3000000008Xn","OrderTrigger","Order","BeforeUpdate","2015-11-01T00:00:00.414Z","00530000003ffnXAAQ"</div>
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
"ApexTrigger","20151101000000.496","408evS044zRUwrH5Tipt5-","00D000000000062","00530000003ffnX","","","","","","","01q3000000008Xn","OrderTrigger","Order","AfterUpdate","2015-11-01T00:00:00.496Z","00530000003ffnXAAQ"</div>
<b>Notes: </b>This is really helpful for really large files when you want to quickly validate the file headers with some sample data without having to load all of the data to the terminal or first reduce the data using a command like grep.<br />
<br />
<b>Use case:</b> only view the last 10 lines of a file<br />
<b>Example Prompt:</b> <span style="color: blue; font-family: "courier new" , "courier" , monospace;">tail -10 ApexTrigger-2015-09-30.csv</span><br />
<b>Example Output:</b><br />
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
"ApexTrigger","20151101084720.661","4096gnLuAlCzC6H5Tilrk-","00D000000000062","00530000001fAyR","","","","","","","01q300000000014","eimContractTrigger","Contract","AfterUpdate","2015-11-01T08:47:20.661Z","00530000001fAyRAAU"</div>
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
"ApexTrigger","20151101084720.661","4096gnLuAlCzC6H5Tilrk-","00D000000000062","00530000001fAyR","","","","","","","01q3000000007mq","RenewalsContractTrigger","Contract","AfterUpdate","2015-11-01T08:47:20.661Z","00530000001fAyRAAU"</div>
<b>Notes:</b> This is really helpful for really large files to find when and where the file ends without having to load all of the data to there terminal. Several times, I had questions where the file ended and when the last events were processed for the day. Tail helps me to find out where the file and day ends.<br />
<br />
<b>Use case: </b>find out how many total transactions you had for a day, sorted from highest to lowest<br />
<b>Example Prompt:</b> <span style="color: blue; font-family: "courier new" , "courier" , monospace;">wc -cl /Users/atorman/Documents/logs/2015-09-30/*.csv | sort -n -r </span><br />
<b>Example Output:</b><br />
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
31129864 9577494169 total</div>
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
8904594 2107733241 /Users/auser/Documents/logs/2015-09-30/ApexTrigger-2015-09-30.csv</div>
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
5655267 1760159289 /Users/auser/Documents/logs/2015-09-30/URI-2015-09-30.csv</div>
<b>Notes: </b>This is really helpful for capacity planning or for quick questions around total transactions by file type or date. I'm often asked how many log lines were generated or how big the files are that we're collecting. This is also really easy to output to a CSV so you can provide the information to another person. Just change the prompt to <span style="color: blue; font-family: Courier New, Courier, monospace;">wc -cl /Users/atorman/Documents/logs/ | sort -n -r <b>>> lineCount.csv.</b></span><br />
<br />
<b>Use case:</b> simple report on number of lines by file type (*.csv)<br />
<b>Example Prompt:</b> <span style="color: blue; font-family: "courier new" , "courier" , monospace;">du -a *.csv | sort -n -r </span><br />
<b>Example Output:</b><br />
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
1676752<span class="Apple-tab-span" style="white-space: pre;"> </span>UITracking-2015-11-01.csv</div>
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
1094160<span class="Apple-tab-span" style="white-space: pre;"> </span>ApexExecution-2015-11-01.csv</div>
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
554040<span class="Apple-tab-span" style="white-space: pre;"> </span>ApexSoap-2015-11-01.csv</div>
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
443408<span class="Apple-tab-span" style="white-space: pre;"> </span>RestApi-2015-11-01.csv</div>
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
276112<span class="Apple-tab-span" style="white-space: pre;"> </span>URI-2015-11-01.csv</div>
<b>Notes:</b> Similar to <span style="font-family: "courier new" , "courier" , monospace;">wc -l</span>, <span style="font-family: Courier New, Courier, monospace;">du </span>helps with capacity planning and enables you to answer quick questions around total transactions for a file or event type.<br />
<br />
<b>Use case:</b> simple report on size by file type (*.csv)<br />
<b>Example Prompt: </b><span style="color: blue; font-family: "courier new" , "courier" , monospace;">du -hs *.csv | sort -n</span><br />
<b>Example Output:</b><br />
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
1.4M<span class="Apple-tab-span" style="white-space: pre;"> </span>ApexCallout-2015-11-01.csv</div>
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
1.7M<span class="Apple-tab-span" style="white-space: pre;"> </span>TimeBasedWorkflow-2015-11-01.csv</div>
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
3.2M<span class="Apple-tab-span" style="white-space: pre;"> </span>QueuedExecution-2015-11-01.csv</div>
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
3.6M<span class="Apple-tab-span" style="white-space: pre;"> </span>Logout-2015-11-01.csv</div>
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
5.7M<span class="Apple-tab-span" style="white-space: pre;"> </span>Report-2015-11-01.csv</div>
<b>Notes: </b>Similar to <span style="font-family: "courier new" , "courier" , monospace;">wc -c</span>, helps with capacity planning and to answer quick questions around total transactions for a file or event type.<br />
<br />
<b>Use case:</b> merge multiple CSV files together into a new CSV<br />
<b>Example Prompt:</b> <span style="color: blue; font-family: "courier new" , "courier" , monospace;">Merge cat *.csv > new.csv</span><br />
<b>Notes:</b> This is really helpful when merging multiple files of the same type (e.g. API) that span multiple days into a single CSV prior to loading to an analytics platform.<br />
<br />
<b>Use case:</b> get all of the report export log lines for a specific user (e.g. '00530000000h51Z')<br />
<b>Example Prompt:</b> <span style="color: blue; font-family: "courier new" , "courier" , monospace;">grep -r '00530000000h51Z' 2015*/ReportExport*.csv</span><br />
<b>Example Output:</b><br />
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
2015-10-13/ReportExport-2015-10-13.csv:"ReportExport","20151013205624.313","4-nPScfLnMsalbH5Tipnt-","00D000000000062","00530000000h51Z","","","102.14.229.01","/00O30000008ZXB4","Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36"</div>
<b>Notes:</b> I <3 grep! Grep is basically a simple search, and as a result, is a good tool for finding a needle in the haystack of log lines. Grep is really helpful for providing a quick audit report for your auditors on everything a specific user did. It's also really powerful to combine this with other commands by using a pipe (i.e. '|'). For instance, by adding <span style="color: blue;">'<span style="font-family: "courier new" , "courier" , monospace;">| wc -l'</span></span> to the end of the above command, you can get the total number of reports the user exported instead of the specific report log lines. This is similar to performing a count() in SOQL and filtering by a specific user Id. Now you're using the command line for reporting purposes!<br />
<br />
<b>Use case: </b>get all of the events where an account was accessed<br />
<b>Example Prompt:</b> <span style="color: blue; font-family: "courier new" , "courier" , monospace;">grep 'EVENT_TYPE\|/001' URI*.csv | head -10</span><br />
<b>Example Output:</b><br />
<div style="background-color: #fef49c; font-family: Menlo; font-size: 11px;">
"URI","20151101000017.742","408ewGnZuAVzcrH5Tipu4-","00D000000000062","00530000003jh6y","3597","695","102.14.229.01","/0013000001J4uxa","S","1801149015","8408","430","https-//na2-salesforce-com/00630000010Pxtw?srPos=0-srKp=006","2015-11-01T00:00:17.742Z","00530000003jh6yAAA"</div>
<b>Notes:</b> This is really helpful for providing a quick audit report for your auditors on account access. This is also another good prompt to add '<span style="font-family: "courier new" , "courier" , monospace;">| wc -l</span>' to in order to find out how many times a specific account was accessed.<br />
<br />
<b>Use case: </b>convert timestamp from a number to a string prior to importing to a reporting application<br />
<b>Example Prompt: </b><span style="color: blue; font-family: "courier new" , "courier" , monospace;">awk -F ',' '{ if(NR==1) printf("%s\n",$0); else{ for(i=1;i<=NF;i++) { if(i>1&& i<=NF) printf("%s",","); if(i == 2) printf "\"%s-%s-%sT%s:%s:%sZ\"", substr($2,2,4),substr($2,6,2),substr($2,8,2),substr($2,10,2),substr($2,12,2),substr($2,14,2); else printf ("%s",$i); if(i==NF) printf("\n")}}}' "${eventTypes[$i]}-raw/${eventTypes[$i]}-${logDates[$i]}.csv" > "${eventTypes[$i]}/${eventTypes[$i]}-${logDates[$i]}.csv"</span><br />
<b>Notes: </b>this one takes a lot more work but is really helpful for transforming data before loading it into a system that has specific formatting requirements.<br />
<br />
There are many more great utilities available on the command line, which when coupled with pipes (|) and shell scripts makes for an easy way to automate many simple tasks or perform ad-hoc queries against the raw log files.<br />
<br />
And those are a few of my favorite things!atormanhttp://www.blogger.com/profile/12188546691736154200noreply@blogger.com2tag:blogger.com,1999:blog-2565836540734979604.post-56945569122903096032015-10-29T20:36:00.001-07:002015-10-29T20:36:49.247-07:00LogDate vs CreatedDate - when to use one vs the other in an integrationWhy are there two date-time fields for each Event Log File: LogDate and CreatedDate? Shouldn't one be good enough?<br />
<br />
Seems like it should be a straightforward question, but it comes up frequently and the answer can effect how you integrate with Event Log Files.<br />
<br />
Lets start with the definition of each:<br />
<ul>
<li>LogDate tracks usage activity of a log file for a 24-hour period, from 12:00 a.m. to 11:59 p.m.</li>
<li>CreatedDate tracks when the log file was generated.</li>
</ul>
Why is this important? Why have these two different timestamps? Because having both ensure the reliability and eventual consistency of log delivery within a massively distributed system.<br />
<br />
Each customer is co-located on a logical collection of servers we call a 'pod'. You can read more about pods and the multi-tenant architecture on the <a href="https://developer.salesforce.com/page/Multi_Tenant_Architecture" target="_blank">developer force blog</a>.<br />
<br />
There can be anywhere from ten to one hundred thousand customer organizations on a single pod. Each pod has numerous app servers which, at any given time, handle requests from any of those customer organizations. In such a large, distributed system, it's possible, though not frequently, for an app server to go down.<br />
<br />
As a result, while a customer's transactions are being captured, if an app server does goes down, their transactions can be routed to another server seamlessly without affecting the end-user's experience or the integrity of the data. For a variety of reasons, app servers can go up or down throughout the day but what's important is that this activity doesn't affect the end-user's experience of the app or the integrity of the customer's data.<br />
<br />
Each app server captures it's own log files throughout the day regardless of which customer's transactions are being handled by the server. Each log file therefore represents log entries for all customers who had transactions on that app server throughout the day. At the end of the day (~2am local server time), Salesforce ships the log files from active app servers to an <a href="https://wiki.apache.org/hadoop/HDFS" target="_blank">HDFS</a> where <a href="https://en.wikipedia.org/wiki/Apache_Hadoop" target="_blank">Hadoop</a> jobs run. The Hadoop server generates the Event Log File content (~3am local server time) for each customer based on the app logs that were shipped earlier. This job is what generates Event Log File content which is accessible to the customer via the API.<br />
<br />
It's possible that some log files will have to get shipped at a later date. This could have been from an app server that was offline during some part of the day that comes back on line after the log files are shipped for that day. Therefore log files may be considered <a href="https://en.wikipedia.org/wiki/Eventual_consistency" target="_blank">eventually consistent</a> based on the log shipper or Hadoop job picking up a past file in a future job run. As a result, it's possible that Salesforce will catch up at a later point. We have built look back functionality to address this scenario. Every night when we run the Hadoop job, we check to see if new files exist for previous days and then re-generate new Event Log File content, overwriting the existing log files that were previously generated.<br />
<br />
This is why we have both CreatedDate and LogDate fields - LogDate reflects the actual 24-hour period when the user activity occurred and CreatedDate reflects when the actual Event Log File was generated. So it's possible, due to look back functionality, that we will re-generate a previous LogDate's file and in the process, write more lines than we did on the previous day with the newly available app server files co-mingled with the original app server log files that were originally received.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGf8IBCH1MqkRmxLWySjvotb8dI0RlCxf5z7w2kV1bwcmU-BNDPs5WmO-ygehyk99oNCKEJ4D2mpz9dRT48bcqEAoBXGMANZ-fIbB_udgCtk30sM-vk5WOI6c-6gVIlxjuiDep3leu6_w/s1600/LogDateBlog.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGf8IBCH1MqkRmxLWySjvotb8dI0RlCxf5z7w2kV1bwcmU-BNDPs5WmO-ygehyk99oNCKEJ4D2mpz9dRT48bcqEAoBXGMANZ-fIbB_udgCtk30sM-vk5WOI6c-6gVIlxjuiDep3leu6_w/s400/LogDateBlog.png" width="400" /></a></div>
<br />
<br />
This eventual consistency of log files may impact your integration with Event Log Files.<br />
<br />
The easy way to integrate with Event Log Files is to use LogDate and write a daily query that simply asks for the last 'n' days of log files based on the LogDate:<br />
<br />
<pre style="background-color: #f8f8f8; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); box-sizing: border-box; color: #333333; font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 13px; line-height: 19px; margin-top: 15px; overflow: auto; padding: 6px 10px; word-wrap: normal;">Select LogFile from EventLogFile where LogDate=Last_n_Days:7</pre>
<br />
However, if you query on LogDate, it is possible to miss data that you might get from downloading it later. For instance, if you downloaded yesterday's log files and then re-download them tomorrow, you may actually have more log lines in the newer download. This is because some app log files may have caught up, overwriting the original log content with more log lines.<br />
<br />
To ensure a more accurate query that also captures look back updates of the previous day's log files, you should use CreatedDate:<br />
<br />
<pre style="background-color: #f8f8f8; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); box-sizing: border-box; color: #333333; font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 13px; line-height: 19px; margin-top: 15px; overflow: auto; padding: 6px 10px; word-wrap: normal;">Select LogFile from EventLogFile where CreatedDate=Last_n_Days:7</pre>
<br />
This is a more complicated integration because you will have to keep track of the CreatedDate for each LogDate and EventType that was previously downloaded in the case that a CreatedDate is newer than a previously downloaded file. You may also need to handle event row de-duplication where you've already downloaded log lines from a previous download into an analytics tool like Splunk only to find additional log lines added in a subsequent download.<br />
<br />
There's one option that simplifies this a little bit. You can overwrite past data every time you run your integration. This is what we do with some analytics apps that work with Event Log Files; the job automatically overwrites the last seven days worth of log data with each job rather than appending new data and de-duplicating older downloads.<br />
<br />
This may seem antithetical but believe it or not, having look back is a really good thing because it increases the reliability and eventual consistency when working with logs to ensure you get all of the data you expect to be there.<br />
<br />atormanhttp://www.blogger.com/profile/12188546691736154200noreply@blogger.com0tag:blogger.com,1999:blog-2565836540734979604.post-56800781639569579072015-10-19T11:00:00.001-07:002016-02-02T16:37:08.393-08:00ELF on ELK on Docker<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3ckvFHuKH4hF1uxyzhrns5cr0bUql0hPV0KDNBIycsqVbKW_nqCdrM8VxZH8zzrmdigRe-35nUiX2dOsAe2o6AXGKYOZS3mwg-x7K53kzrtN1BcF3eEU8KKUN1rweIYYvxpguL4yA-YY/s1600/elfonelk.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="141" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3ckvFHuKH4hF1uxyzhrns5cr0bUql0hPV0KDNBIycsqVbKW_nqCdrM8VxZH8zzrmdigRe-35nUiX2dOsAe2o6AXGKYOZS3mwg-x7K53kzrtN1BcF3eEU8KKUN1rweIYYvxpguL4yA-YY/s320/elfonelk.png" width="320" /></a></div>
<br />
The ELF on ELK on Docker repository is available!<br />
<br />
You can download it from Github: <a href="https://github.com/developerforce/elf_elk_docker">https://github.com/developerforce/elf_elk_docker</a>.<br />
<br />
What in the world is ELK? How does an ELF fit on top of an ELK? Who is this Docker I keep hearing about? Why do I feel like I've fallen down the on-premise rabbit hole of acronym based logging solutions??!!<br />
<br />
Okay, lets back up a second. We're trying to solve the problem of creating insights on top of Event Log File (ELF) data.<br />
<br />
ELF stands for Event Log Files. It's Salesforce's solution for providing an easy to download set of organization specific log files. Everything from page views to report downloads. You can't really swing a cat by it's tail (not that I really would try) without hitting a blog post on SalesforceHacker.com about Event Log Files. Event Monitoring is the packaging of Event Log Files.<br />
<br />
Since we launched Event Log Files last November, I've talked with a lot of customers about how to derive insights and visualizations on top of the log data. One of the solutions I keep hearing about is the ELK stack.<br />
<br />
ELK stands for Elasticsearch, Logstash, and Kibana. The ELK stack is an open-source, scalable log management stack that supports exploration, analysis, and visualization of log data.<br />
<br />
It consists of three key solutions:<br />
<ol>
<li>Elasticsearch: A Lucene-based search server for storing log data.</li>
<li>Logstash: ETL process for retrieving, transforming, and pushing logs into data warehouses.</li>
<li>Kibana: Web GUI for exploring, analyzing, and visualizing log data in Elasticsearch.</li>
</ol>
ELK requires multiple installations and configurations on top of commoditized hardware or IaaS like AWS. To simplify the installation and deployment process, we use Docker.<br />
<br />
Docker is an emerging open source solution for software containers. From the <a href="https://www.docker.com/" target="_blank">Docker website</a>:<br />
<blockquote class="tr_bq">
"Docker is an open platform for building, shipping and running distributed applications. It gives programmers, development teams and operations engineers the common toolbox they need to take advantage of the distributed and networked nature of modern applications."</blockquote>
With Docker, all the user needs to do to start working with ELF on ELK is:<br />
<ol>
<li>download the ELF on ELK from <a href="https://github.com/abisek/elf_elk_docker" target="_blank">Github</a></li>
<li>change the sfdc_elf.config file (add authorization credentials)</li>
<li>run Docker from the terminal</li>
</ol>
The purpose of the plug-in is to reduce the time it takes integrating Event Log Files into ELK, not to provide out-of-the-box dashboards like this one that I quickly created:<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinDktLexDvhtb2W0Rixl8mquATJ5fGHbhFvoaPpqoMzSnZJBwL2rGSLa6dm3Hms07YB4mjjNhfnyppuJ9Q_K5MdVNndbfCsv43SaTpDALn4HwQnDluemZWXLUHOuVKTGrLNbqZoBhvGn4/s1600/ELFonELK.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em; text-align: center;"><img border="0" height="224" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinDktLexDvhtb2W0Rixl8mquATJ5fGHbhFvoaPpqoMzSnZJBwL2rGSLa6dm3Hms07YB4mjjNhfnyppuJ9Q_K5MdVNndbfCsv43SaTpDALn4HwQnDluemZWXLUHOuVKTGrLNbqZoBhvGn4/s320/ELFonELK.png" width="320" /></a><br />
As a result, once you start importing Event Log Files into ELK through this ETL plug-in, you'll still need to create the visualizations on top of the data. The advantage of Kibana is that it makes that part point-and-click easy.<br />
<br />
Depending on how you configure Docker and ELK, you might want to expose your new dashboards onto to the corporate network. I found the following terminal command helps to enable access across the VPN:<br />
<blockquote class="tr_bq">
<span style="font-family: "courier new" , "courier" , monospace;">VBoxManage controlvm "default" natpf1 "tcp-port8081,tcp,,8081,,8081";</span></blockquote>
ELF on ELK on Docker provides an on-premise, scalable solution for visualizing Event Monitoring data.<br />
<br />
The ELF on ELK on Docker plug-in was created by the dynamic duo of <a href="https://www.linkedin.com/in/abhishekbs" target="_blank">Abhishek Sreenivasa</a> and <a href="https://www.linkedin.com/in/mislam11" target="_blank">Mohammaed Islam</a>.<br />
<br />
Let us know what you think!atormanhttp://www.blogger.com/profile/12188546691736154200noreply@blogger.com2