Salesforce in SPLUNK

linaaabad · ‎11-14-2024

I am confused on why I only get _ID's from my Salesforce ingest, for example, I am not getting Username, Profile Name, Dashboard Name, Report Names...etc...I am getting the User ID, Profile ID, Dashboard ID, and so fourth, it makes searches really difficult...How am I to correlate the ID to readable relevant information.? Where User_ID equates to Username (Davey Jones)? Help Please.

Gr0und_Z3r0 · ‎11-18-2024

In the salesforce app for splunk, there's a lookup you can use to get the mapping of user ids and user names. Use the following apps for ingestion of Salesforce events & objects. For stream events, use the streaming app.

Splunk Add-on for Salesforce -> https://splunkbase.splunk.com/app/3549

Splunk Add-on for Salesforce Streaming API -> https://splunkbase.splunk.com/app/5689

Splunk App for Salesforce -> https://splunkbase.splunk.com/app/1931

yuanliu · ‎11-14-2024

There might be a Salesforce app that can manage ingestion and extraction. Short of that, if you are certain that ingestion is complete, you can post sample events (anonymize as needed) so volunteers can help.

Salesforce in SPLUNK

fields

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Build the Future of Agentic AI: Join the Splunk Agentic Ops Hackathon

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

Splunk Community Badges!

Join the Conversation

Salesforce in SPLUNK

fields

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Build the Future of Agentic AI: Join the Splunk Agentic Ops Hackathon

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

Splunk Community Badges!