Splunk® Supported Add-ons

Splunk Add-on for Salesforce

Release notes for the Splunk Add-on for Salesforce

Version 4.9.0 of the Splunk Add-on for Salesforce was released on January 23, 2024.


Version 4.9.0 of the Splunk Add-on for Salesforce is compatible with the following software, CIM version, and platforms:

Splunk platform versions 9.0.x, 9.1.x
CIM 5.1.1
Platforms Platform independent
Vendor Products Salesforce API versions 42.0 to 59.0

The field alias functionality is compatible with the current version of this add-on. The current version of this add-on does not support older field alias configurations.

For more information about the field alias configuration change, refer to the Splunk Enterprise Release Notes.


To upgrade to version 4.9.0 of the Splunk Add-on for Salesforce, see the Upgrade topic of this manual.

New features

Version 4.9.0 of the Splunk Add-on for Salesforce provides the following features:

  • Support for Salesforce API version 59.0

Fixed issues

Version 4.9.0 of the Splunk Add-on for Salesforce fixes the following (if any) issues:

Date resolved Issue number Description
2024-02-09 ADDON-65826 Not able to access salesforce add-on when assigning the 'list_storage_passowrds' capabilities to non-admin local user in Splunk

Known issues

Version 4.9.0 of the Splunk Add-on for Salesforce has the following known issues. If no issues appear below, no issues have yet been reported:

Date filed Issue number Description
2021-06-15 ADDON-38307 Splunk_TA_Salesforce ingests ApexJob event log only 1 time even though the status is changed from Queued to others.
2021-02-19 ADDON-33993, ADDON-33964, ADDON-34491 Stack trace is getting displayed in the input UI validation error message when user try to delete default inputs
2017-04-25 ADDON-14623 The data collection is slow and/or possible data loss when user add multiple inputs through inputs.conf.

Splunk recommends user to configure inputs via Splunk web, instead of configuring them via inputs.conf.

If user needs to configure them in inputs.conf, do the following: 1. Set "disabled = 1" of inputs.conf under default folder $SPLUNK_HOME/etc/apps/Splunk_TA_salesforce/default/inputs.conf.
2. Restart splunk.
3. Configure the inputs under local folder $SPLUNK_HOME/etc/apps/Splunk_TA_salesforce/local/inputs.conf.
4. Go to the inputs page of this add-on to load the inputs you just configured.
5. After loading all the inputs, go to the default folder again and set "disabled = 0"
6. Restart splunk

Third-party software attributions

Some of the components included in this add-on are licensed under free or open source licenses. We wish to thank the contributors to those projects.

A complete listing of third-party software information for this add-on is available as a PDF file for download:
Splunk Add-on for Salesforce third-party software credits.

Last modified on 12 July, 2024
Source types for the Splunk Add-on for Salesforce   Release history for the Splunk Add-on for Salesforce

This documentation applies to the following versions of Splunk® Supported Add-ons: released, released

Was this topic useful?

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters