Skip to content

Configure your Salesforce account to collect data

To collect data from Salesforce, create a Salesforce account with the following permissions:

  • (Optional) A security token created for the account to access the Salesforce Rest API. For instructions on how to create a security token, see Reset your security token. Note that a security token is not required if your machine IP is within the Salesforce trusted ip range.

  • (Optional) You need a Salesforce App if you want to use OAuth authentication. When you add an account in the Splunk Add-on for Salesforce and you choose OAuth 2.0 Client Credentials as your authentication type.

  • To collect Salesforce object data, you have to have read access to the Salesforce objects you want to get data from.

  • To collect Salesforce event log data, you have to have read access to the Salesforce event log and enable the Salesforce event log file API. For any questions about this API, contact your Salesforce admin or Salesforce sales representative.

Set up the OAuth App in the Salesforce

The Splunk Add-on for Salesforce supports both the OAuth Client Credentials and OAuth Authorization Code flows. The OAuth Client Credentials flow enables authentication without user interaction, whereas the OAuth Authorization Code flow requires user interaction to obtain an access token.

Note

When using the default Salesforce domains, such as login.salesforce.com or test.salesforce.com, it is recommended to use the OAuth Authorization Code flow. This is because Salesforce may experience issues with the OAuth Client Credentials flow when a custom domain is not used.

Oauth Client Credentials flow

  1. Login to Salesforce with the same user credentials that you want to collect data in your Splunk deployment.
  2. Navigate to App Manager:
    • From Setup (gear wheel icon), in the Quick Find box, enter “App Manager” , then select “App Manager”.

  3. Create a New Connected App:

    • Click “New Connected App”.
    • Enter the required details:
    • App Name: This will appear in the App Manager and on its App Launcher tile.
    • API Name: Defaults to a version of the name without spaces. Only letters, numbers, and underscores are allowed. Edit as necessary.
    • Contact Email: Provide a valid email address for Salesforce communication.

  4. Enable OAuth Settings:

    • In the API (Enable OAuth Settings) section:
    • Check Enable OAuth Settings.
    • Define a Callback URL (any valid HTTPS address; this is mandatory but not used in the Client Credentials flow).
    • Move Manage user data via APIS (api) to Selected OAuth Scopes.
    • (Optional) In case of data collection, if any permission issues arise, add the Full access (full) scope.
    • Check Enable Client Credentials Flow.

  5. Save the Connected App:

    • Click Save. It may take approximately 10 minutes for the changes to take effect.

  6. Manage Consumer Details:

    • Once the app is created, go to the API (Enable OAuth Settings) section of the app details.
    • Click Manage Consumer Details.
    • You will need to provide a verification code sent to your email address.
    • Save the Consumer Key and Consumer Secret. These are necessary for authentication.

  7. Configure Client Credentials Policies:

    • Go to Apps > Connected Apps > Manage Connected Apps.
    • Locate your newly created app and click Manage.
    • Under Edit Policies:
    • In the Client Credentials Flow section, set the Run As field to the desired user.
    • Save the changes.

Your Salesforce app is now configured to use the OAuth Client Credentials flow. You can use the Consumer Key and Consumer Secret to authenticate your integration.

OAuth Authorization Code flow

  1. Login to Salesforce with the same user credentials that you want to collect data in your Splunk deployment.

  2. Navigate to App Manager:

    • From Setup (gear wheel icon), in the Quick Find box, enter “App Manager” , then select “App Manager”.

  3. Create a New Connected App:

    • Click “New Connected App”.
    • Enter the required details:
    • App Name: This will appear in the App Manager and on its App Launcher tile.
    • API Name: Defaults to a version of the name without spaces. Only letters, numbers, and underscores are allowed. Edit as necessary.
    • Contact Email: Provide a valid email address for Salesforce communication.

  4. Enable OAuth Settings:

    • In the API (Enable OAuth Settings) section:
    • Check Enable OAuth Settings.
    • Define a Callback URL (Copy and paste the redirect URL on the configuration page in the Splunk Add-on for Salesforce).
    • Move Manage user data via APIS (api) and Perform requests at any time (refresh_token, offline_access) to Selected OAuth Scopes.
    • (Optional) In case of data collection, if any permission issues arise, add the Full access (full) scope.
    • Check Require Secret for the Web Server Flow to require the app’s client secret in exchange for an access token.
    • Check Require Secret for Refresh Token Flow to require the app’s client secret in the authorization request of a refresh token and hybrid refresh token flow. -
  5. Save the Connected App:

    - Click Save. It may take approximately 10 minutes for the changes to take effect.

  6. Manage Consumer Details:
    • Once the app is created, go to the API (Enable OAuth Settings) section of the app details.
    • Click Manage Consumer Details.
    • You will need to provide a verification code sent to your email address.
    • Save the Consumer Key and Consumer Secret. These are necessary for authentication.