SECURITY SECURITY

Splunk App for Salesforce

Do you manage a Salesforce environment and would like to analyze who is accessing what? Would you like to find out who is exporting sensitive data? Would you like to detect any Salesforce related suspicious activities or any slow running reports, dashboards, SOQL queries?

If the answer to the above is yes, you should check out the Splunk App for Salesforce which has been recently released as a service on Splunk Cloud. This App relies on the Salesforce Event Log File that exposes Salesforce access logs. In addition to that, you can also leverage this app to collect and index any data from the standard Salesforce objects. In other words, you can use this app to index structured and unstructured salesforce data.
For a quick peek at the app, check out the Splunk App for Salesforce Demo video

 

Architecture

 

In a nutshell, this App provides deep insight into three categories:

• Application Management: You can view various dashboards that let you detect slow running Salesforce reports, slow running dashboards, stale or unused reports. You can also have deep insight into your APEX backend performance such as slow running classes, SOQL queries, triggers, VisualForce pages and much more.

 

Screen Shot 2014-10-13 at 2.40.28 PM

 

• Adoption and Usage Analytics: You can use this app to perform trend analysis for all access to Salesforce by user, group, regions. You can find out what browsers, platforms/OS (mobile or PC) your users are connecting from. For example, you can also leverage this app to detect if some access related issues are caused by old/unsupported versions of the browser.

 

Browser Analytics

 

• Security: You can detect security threats by analyzing login patterns and also trigger alerts if there are, for example, high login requests from a given IP. The app can also prevent data loss by monitoring Report exports, accessed documents, previews, etc.

 

Data Export/Access

 

• Chatter feed: You can also automatically trigger Chatter feed entries for alerting your Salesforce admins of all anomalies.

 

Chatter feed alert

 

You can test drive the app for free by signing up for the Online Sandbox. The setup is pretty straight forward and should take you a few minutes provided you have the right access to your Salesforce instance. Make sure you have met all the pre-requisites as per the app documentation

Stay tuned for more. Happy Splunking!

Elias Haddad
Posted by Elias Haddad

Join the Discussion