Splunk® Supported Add-ons

Splunk Add-on for Salesforce

Configure your Salesforce account to collect data

To collect data from Salesforce, create a Salesforce account with the following permissions:

  • (Optional) A security token created for the account to access the Salesforce Rest API. For instructions on how to create a security token, see Reset your security token. Note that a security token is not required if your machine IP is within the Salesforce trusted ip range.
  • (Optional) You need a Salesforce App if you want to use OAuth authentication. When you add an account in the Splunk Add-on for Salesforce and you choose OAuth 2.0 authentication as your authentication type, you see a redirect URL. You must copy this URL and paste it into your Salesforce App.
  • To collect Salesforce object data, you have to have read access to the Salesforce objects you want to get data from.
  • To collect Salesforce event log data, you have to have read access to the Salesforce event log and enable the Salesforce event log file API. For any questions about this API, please contact your Salesforce admin or Salesforce sales representative.

Set up the OAuth App in the Salesforce

  1. Login to Salesforce with the same user credentials that you want to collect data in your Splunk deployment.
  2. From Setup, enter "App Manager" in the Quick Find box, then select "App Manager".
  3. Click New Connected App.
  4. Enter the connected app's name, which displays in the App Manager and on its App Launcher tile.
  5. Enter the API name. The default is a version of the name without spaces. Only letters, numbers, and underscores are allowed. If the original app name contains any other characters, edit the default name.
  6. Enter the contact email for Salesforce.
  7. In the API (Enable OAuth Settings) area of the page, select Enable OAuth Settings.
  8. Copy and paste the redirect URL on the configuration page in the Splunk Add-on for Salesforce in the callback URL section.
  9. Select the following OAuth scopes to apply to the connected app:
    • Access and manage your data (api).
    • Perform requests on your behalf at any time (refresh_token, offline_access).
    • (Optional) In case of data collection, if any permission issues arise, add the Full access (full) scope.
  10. Select Require Secret for the Web Server Flow to require the app's client secret in exchange for an access token.
  11. Select Require Secret for Refresh Token Flow to require the app's client secret in the authorization request of a refresh token and hybrid refresh token flow.
  12. Click Save. It can take about 10 minutes for the changes to take effect.
Last modified on 29 January, 2024
Upgrade the Splunk Add-on for Salesforce   Set up the Splunk Add-on for Salesforce

This documentation applies to the following versions of Splunk® Supported Add-ons: released

Was this topic useful?

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters