Hi Elias Haddad
We are trying to get Salesforce & Splunk integration working using the Splunk App for Salesforce developed by you.
Followed all the pre-requisites but still not able to pull any data & gone through all the FAQs. Any insights would be greatly appreciated.
Hi Elias, Since there is no documentation available on the internet to resolve these issues except the one you created. Its really hard to get this working without the support from your end. Appreciate if you could point us in right direction.
I was able to install and had the Splunk App for Salesforce work in my local instance. In the setup, I just provided our dev SF instance w/o the https://, the security token w/o the quotes and other credentials as is, user name and password. I followed the Details on enabling the data inputs and validating data. As long as you can get into the workbench and query tables, you should be able to connect to SF and get data.
searching with index=sfdc is giving me No results found message.
While with second query I am getting below errors though I am using end point as "https://test.salesforce.com/" :
2017-04-04 17:09:44,948 ERROR 140074034743040 - Failed to send rest request=https://127.0.0.1:8089/servicesNS/nobody/splunk-app-sfdc/storage/passwords/https%5C%3A%252F%252Ftest.salesforce.com%252F%3Adummy%3A, errcode=404, reason=Requested endpoint does not exist. host = xxxx.com source = /apps/splunk/var/log/splunk/ta_util_rest.log sourcetype = ta_util_conf-2 4/4/17 11:39:04.978 PM 10.94.194.224 - admin [04/Apr/2017:14:09:04.978 -0400] "GET /en-US/splunkd/__raw/services/search/shelper?output_mode=json&snippet=true&snippetEmbedJS=false&namespace=splunk-app-sfdc&search=search+index%3D_internal+error+sfdc&useTypeahead=true&useAssistant=false&showCommandHelp=true&showCommandHistory=true&showFieldInfo=false&_=1491327593898 HTTP/1.1" 200 6365 "https://xxxx.com:8000/en-US/app/splunk-app-sfdc/search" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" - 6a0a95178dd2a5e39c4218bd08786f6f 149ms host = xxxx.com source = /apps/splunk/var/log/splunk/splunkd_ui_access.log sourcetype = splunkd_ui_access 4/4/1711:38:49.412 PM 2017-04-04 14:08:49,412 ERROR 140223494326016 - Failed to send rest request=https://127.0.0.1:8089/servicesNS/nobody/splunk/configs/conf-sfdc/sfdc_account, errcode=404, reason=Requested endpoint does not exist. host = xxxx.com source = /apps/splunk/var/log/splunk/ta_util_rest.log sourcetype = ta_util_conf-2