Release notes for the Splunk add-on for Salesforce
Version 2.0.0 of the Splunk Add-on for Salesforce was released on October 11, 2018.
The Splunk Add-on for Salesforce version 2.0.0 introduces breaking changes. If you are upgrading from an earlier version of the Splunk Add-on for Salesforce, you must follow the steps outlined in Upgrade the Splunk Add-on for Salesforce to prevent data loss.
Version 2.0.0 of the Splunk Add-on for Salesforce is compatible with the following software, CIM version, and platforms:
|Splunk platform versions||6.6.x, 7.0.x, 7.1.x, 7.2.x|
|Vendor Products||Salesforce API version 42.0|
To upgrade to version 2.0.0 of the Splunk Add-on for Salesforce, see the Upgrade topic of this manual.
Change in source names in version 2.0.0
Version 2.0.0 of the Splunk Add-on for Salesforce supports multiple accounts or custom endpoints. Therefore, there is a new field in version 2.0.0 called
UserAccountId. Also, in version 2.0.0, the account and input names appear in source names. For example, the source name that was
sfdc_object://LoginHistory in previous versions is
sfdc_object://LoginHistory_accountname_inputname in version 2.0.0.
Version 2.0.0 of the Splunk Add-on for Salesforce provides the following new features:
- Support for Salesforce API version 42.0
- Support for multiple accounts
- Support for custom endpoints
- Escaping of ampersands in the password
- Support for OAuth 2.0 authorization
- Provides default support for
Version 2.0.0 of the Splunk Add-on for Salesforce fixes the following issues:
|Date resolved||Issue number||Description|
|2018-05-21||ADDON-14633||This add-on does not support user to update "Query Start Date" field once it's been configured.|
|2018-05-17||ADDON-15807||Splunk_TA_salesforce crashes while trying do ingest large log files|
|2018-05-14||ADDON-16577||Customer is experiencing authentication issues with Splunk Add-on for Salesforce|
Version 2.0.0 of the Splunk Add-on for Salesforce has the following known issues. If no issues appear below, no issues have yet been reported:
|Date filed||Issue number||Description|
|2018-10-30||ADDON-20114||Few inputs do not consume data after upgrading sfdc addon from 1.0 to 2.0|
|2018-09-05||ADDON-19328, ADDON-19215||Basic account credentials are not validated at the time of account configuration|
|2017-05-16||ADDON-14793||User cannot delete the default inputs in this add-on.|
|2017-04-25||ADDON-14623||The data collection is slow and/or possible data loss when user add multiple inputs through inputs.conf.|
Splunk recommends user to configure inputs via Splunk web, instead of configuring them via inputs.conf.
If user needs to configure them in inputs.conf, do the following:
1. Set "disabled = 1" of inputs.conf under default folder $SPLUNK_HOME/etc/apps/Splunk_TA_salesforce/default/inputs.conf.
|2017-04-17||ADDON-14557||Possible data loss when modular input exits (Restart Splunk, disable input) during data collection|
|2017-04-16||ADDON-14545||User cannot upgrade this add-on on Windows|
Disable this add-on in Splunk settings before upgrading. Then enable it after upgrade is finished.
Source types for the Splunk add-on for Salesforce
Hardware and software requirements for the Splunk Add-on for Salesforce
This documentation applies to the following versions of Splunk® Supported Add-ons: released