Splunk® Supported Add-ons

Splunk Add-on for Salesforce

Acrobat logo Download manual as PDF


Acrobat logo Download topic as PDF

Release notes for the Splunk Add-on for Salesforce

Version 4.8.0 of the Splunk Add-on for Salesforce was released on Aug 11, 2023.

Compatibility

Version 4.8.0 of the Splunk Add-on for Salesforce is compatible with the following software, CIM version, and platforms:

Splunk platform versions 8.2.x, 9.0.x
CIM 5.1.1
Platforms Platform independent
Vendor Products Salesforce API versions 42.0 to 58.0

The field alias functionality is compatible with the current version of this add-on. The current version of this add-on does not support older field alias configurations.

For more information about the field alias configuration change, refer to the Splunk Enterprise Release Notes.

Upgrade

To upgrade to version 4.8.0 of the Splunk Add-on for Salesforce, see the Upgrade topic of this manual.

New features

Version 4.8.0 of the Splunk Add-on for Salesforce provides the following features:

  • Support for Salesforce API version 57.0 and 58.0.
  • Enhanced the EventLogFile input data collection to handle the scenario where a particular EventLogFile gets deleted from the Salesforce server.

Fixed issues

Version 4.8.0 of the Splunk Add-on for Salesforce fixes the following (if any) issues:

Date resolved Issue number Description
2023-08-09 ADDON-62516 Increase oauth_timeout to give enough time for MFA

Known issues

Version 4.8.0 of the Splunk Add-on for Salesforce has the following known issues. If no issues appear below, no issues have yet been reported:


Date filed Issue number Description
2021-06-15 ADDON-38307 Splunk_TA_Salesforce ingests ApexJob event log only 1 time even though the status is changed from Queued to others.
2021-02-19 ADDON-33993, ADDON-33964, ADDON-34491 Stack trace is getting displayed in the input UI validation error message when user try to delete default inputs
2017-04-25 ADDON-14623 The data collection is slow and/or possible data loss when user add multiple inputs through inputs.conf.

Workaround:
Splunk recommends user to configure inputs via Splunk web, instead of configuring them via inputs.conf.

If user needs to configure them in inputs.conf, do the following: 1. Set "disabled = 1" of inputs.conf under default folder $SPLUNK_HOME/etc/apps/Splunk_TA_salesforce/default/inputs.conf.
2. Restart splunk.
3. Configure the inputs under local folder $SPLUNK_HOME/etc/apps/Splunk_TA_salesforce/local/inputs.conf.
4. Go to the inputs page of this add-on to load the inputs you just configured.
5. After loading all the inputs, go to the default folder again and set "disabled = 0"
6. Restart splunk

Third-party software attributions

Some of the components included in this add-on are licensed under free or open source licenses. We wish to thank the contributors to those projects.

A complete listing of third-party software information for this add-on is available as a PDF file for download:
Splunk Add-on for Salesforce third-party software credits.

Last modified on 25 September, 2023
PREVIOUS
Source types for the Splunk Add-on for Salesforce 		  NEXT
Release history for the Splunk Add-on for Salesforce

This documentation applies to the following versions of Splunk® Supported Add-ons: released

Was this documentation topic helpful?


You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters