Splunk App for Salesforce

With Splunk App for Salesforce, monitor all operational activities, analyze trends and user behavior, with extensive reports and dashboards for application management, adoption and usage analytics and security.


Video Transcript

Hi, my name is Elliot [? Sedan, ?] and in this short video, we'll give you a quick tour of the Splunk app for Salesforce.

For those of us who are not familiar with Splunk, it is a machine data platform. Splunk helps you make sense out of your data and gives you insight into it, whether this data is coming from Salesforce, or any other environment.

Now, the Splunk app for Salesforce runs on top of the Splunk platform. In a nutshell, it allows you to automatically collect, analyze data from any Salesforce object, including the event log API, to give you better insight into your Salesforce activities.

Once the data is automatically collected by this app, you can leverage the numerous dashboard that come out of the box. These dashboard are grouped into three categories, App Management that gives you insight into your overall health of your Salesforce instance, Salesforce Adoption that lets you know how and where users are connecting, and Security that helps you detect any security threat.

Let's start with the App Management dashboard that comes built in within this app. As you can see, we have various dashboard that an SFDC admin, or a developer, can leverage. Whether it is to analyze login patterns to find that locked user, whether it is to get insight into a visual force performance, and many more.

What you see here on the screen is a dashboard that helps you find out, in real time, what reports have the highest performance impact, what reports are causing problems, where are the stale or no longer used report, and what are the users that are abusing the environment scheduling an unreasonably high number of report runs.

So how about the performance of your custom application running on your first dotcom platform? How can you troubleshoot performance problems there? Well, with the help of the apex performance dashboard, you can quickly isolate it all the way down to the apex page, to the slowest apex classes, or even the slowest SOQL query. You can also find out the load per application.

These are all valuable dashboards in the app management space that an operations engineer or an SFDC admin can leverage. But what if I want to look at how my users are logging in, and what devices they are using in order to connect?

What you see here is a dashboard that provides insight into the login patterns. We can look into the failed and successful login, and quickly identify if we have high login failure rate at any point in time.

Below that, we can see the device that my Salesforce users are connecting from, what are the most active users, what are the most active IP address that have the highest number of login attempts, whether these are failed or successful logins.

Another interesting dashboard is the login by geographies. We can look at a nice map with real-time view of login geographies.

In addition to that, we can look at the overall login patterns grouped by different browsers and browser versions. This is very helpful, especially when you have issues related to a specific browser. For example, when users are using an old version of a browser that is no longer supported which is resulting in a high number of failure.

In terms of security and data loss prevention, this app examines your security posture by analyzing the URLs access by Salesforce user. In this report, we can monitor activities by a given user. From here, we can analyze the login pattern of that selected user, what reports and what dashboard have been mostly accessed, but most importantly, if any confidential data is being exported from the system. That, in addition to monitoring the document, the opportunities, and the accounts that are mostly viewed by that user. This is very powerful, especially when I want to prevent proprietary data loss by employees who are leaving or about to leave the company to a competitor.

In addition to that, this app helps you flag suspicious login. In this dashboard, Splunk is analyzing all consecutive logins by a given user and calculating the time difference, as well as the distance traveled between those two logins.

So in this case, this user is logged in from Germany, followed by another login from the United States. The time difference between those two logins is about 2,000 seconds, which does not justify the distance traveled. This would result in Splunk flagging this as a suspicious log in.

In summary, we have seen a short glimpse of the numerous capabilities of the Splunk app for Salesforce. Feel free to test drive the app against your Salesforce instance by requesting the Splunk online sandbox from the URL you see on the screen. If you have any questions, please contact us sales@splunk.com. Thank you.