Skip to main content
Skip table of contents

Initialize the Salesforce Beat

Prerequisites

  • Open Collector is installed. If you have not already installed it, follow the instructions in the Open Collector Installation and User Guide, and then return to this topic.

  • Set OpenCollector buffer size to 50000.

  • You have the required B2C Salesforce credentials: Client ID and Client Password. To collect log data from B2C Salesforce, the LogRhythm Agent requires the Salesforce user to be have the following permissions:

    • The user must have View Event Log Files and API Enabled user permissions. Users with View All Data permissions can view event log files.

    • READ access permissions must be enabled for the following Salesforce objects: 

      • Event Log File

      • Report, Dashboard

      • User

      • Opportunity

      • Account

      • LoginHistory

    • To connect over the REST API, the Salesforce user needs to have a security token associated with it. If you do not have a security token, follow the instructions at the following link: Reset Security Token.

  • The following port is open:

Direction

Port

Protocol

Source

Outbound

443

HTTPS

salesforcebeat

Initialize the Beat

  1. Confirm the Open Collector is running:

    CODE
    ./lrctl status

    You should see the open_collector and metrics version:

    If Open Collector is not running correctly, see Troubleshoot the Open Collector in the Open Collector Installation and User Guide.

  2. Run the following command to start the beat:

    CODE
    ./lrctl salesforcebeat start
  3. Using the arrow keys, select New salesforcebeat instance from the list, and then press Enter.

  4. Enter a unique identifier for this Salesforce beat instance, and then press Enter.

  5. Enter the Salesforce beat domain name, and then press Enter.

  6. Enter the Client ID for the Salesforce Beat configuration, and then press Enter.

  7. Enter the Client Password for the Salesforce Beat configuration, and then press Enter.

  8. Enter the hostname or IP Address of the Open Collector, and then press Enter.

  9. Enter the port number on which open collector listens the request, and then press Enter.

    The Salesforce Beat starts successfully.

  10. To check the status of the service, run the following command:

    CODE
    ./lrctl salesforcebeat status

Salesforce Beat Notes

  1. Since Salesforce is used to process extremely large logs, it is highly recommended to set the OpenCollector buffer size to 50000.

  2. The Salesforce Beat will collect logs only once per day at 5 AM UST.

  3. If the beat is started after/before 5 AM UST, it will collect logs that are available up to that time. The beat will run again at its scheduled time of 5 AM UST and collect all the logs once again. This may cause duplicate logs in the system.

  4. If you wish to fetch logs from a particular date, you can provide the date in the salesforcebeat.yml file in the customPullDate field, using the YYYY-MM-DD format, and then restart the beat, whch will collect logs from that date. You will then have a one hour window to reset this field to blank to avoid repeated logs from that date. After resetting this field to blank, you will need to restart the beat for its regular functionality. This restart will collect logs of that day up to that time. This activity may also cause duplicate logs in the system.

Default Config Values for the Salesforce Beat

S.No

Field Name

Default Values

1

heartbeatinterval

60s

2

heartbeatdisabled

false

3

period

1000s

4

throttlingIntervalSecs

60

This field value should always be greater than 0.

5

customPullDate

““

This date is in the YYYY-MM-DD format. The Salesforce Beat will pull the data for the mentioned date only, if one has been entered. It will keep pulling the data for this date only after the Period time elapsed.

It is suggested to revert the date to blank after the logs have been pulled for the desired date.

6

limit

1000

The supported limit range is 1-1000.

7

ingestToday

false

This field can be changed to “true” when the log of today’s date is required.

8

numbackdaysData

0

Edit this field to determine the number of back days for which to collect logs.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.