diff --git a/packages/salesforce/_dev/build/docs/README.md b/packages/salesforce/_dev/build/docs/README.md index 4eedff7943b..4f11a6a2476 100644 --- a/packages/salesforce/_dev/build/docs/README.md +++ b/packages/salesforce/_dev/build/docs/README.md @@ -4,7 +4,7 @@ The Salesforce integration enables users to monitor their [Salesforce](https://www.salesforce.com/) instance effectively. Salesforce is a comprehensive customer relationship management (CRM) platform that supports businesses in managing marketing, sales, commerce, service, and IT teams from a unified platform accessible from anywhere. -### Key Benefits of Salesforce Integration: +### Key benefits of Salesforce Integration - **Operational Insights**: Gain valuable insights into login and logout activities and other operational events within your organization. - **Data Visualization**: Create detailed visualizations to monitor, measure, and analyze usage trends and key data, helping you derive actionable business insights. @@ -12,28 +12,27 @@ The Salesforce integration enables users to monitor their [Salesforce](https://w ## Data streams -The Salesforce integration collects log events using the Salesforce REST API. +The Salesforce integration provides the following data streams: -Logs help users maintain a record of events occurring in Salesforce. The log data streams collected by the Salesforce integration include: +- `login`: Tracks login activity of users who log in to Salesforce. +- `logout`: Tracks logout activity of users who log out from Salesforce. +- `apex`: Represents information about various Apex events such as Callout, Execution, REST API, SOAP API, Trigger, etc. +- `setupaudittrail`: Represents changes users made in the organization's setup area for at least the last 180 days. + +The Salesforce integration collects events using the Salesforce REST API. We are collecting following events: - [Login EventLogFile](https://developer.salesforce.com/docs/atlas.en-us.object_reference.meta/object_reference/sforce_api_objects_eventlogfile_login.htm) - [Login Platform Events](https://developer.salesforce.com/docs/atlas.en-us.236.0.platform_events.meta/platform_events/sforce_api_objects_logineventstream.htm) - [Logout EventLogFile](https://developer.salesforce.com/docs/atlas.en-us.object_reference.meta/object_reference/sforce_api_objects_eventlogfile_logout.htm) - [Logout Platform Events](https://developer.salesforce.com/docs/atlas.en-us.platform_events.meta/platform_events/sforce_api_objects_logouteventstream.htm) - [Apex EventLogFile](https://developer.salesforce.com/docs/atlas.en-us.238.0.object_reference.meta/object_reference/sforce_api_objects_apexclass.htm) -- [SetupAuditTrail Object](https://developer.salesforce.com/docs/atlas.en-us.object_reference.meta/object_reference/sforce_api_objects_setupaudittrail.htm). - -Data streams: -- `login`: Tracks login activity of users who log in to Salesforce. -- `logout`: Tracks logout activity of users who log out from Salesforce. -- `apex`: Represents information about various Apex events such as Callout, Execution, REST API, SOAP API, Trigger, etc. -- `setupaudittrail`: Represents changes users made in the organization's setup area for at least the last 180 days. +- [SetupAuditTrail Object](https://developer.salesforce.com/docs/atlas.en-us.object_reference.meta/object_reference/sforce_api_objects_setupaudittrail.htm) ## Compatibility -This integration has been tested against Salesforce Spring '22 (v54.0) release. +This integration has been tested against Salesforce Spring '22 (v54.0) release. Minimum supported version is v46.0. -### Finding Your Salesforce Instance Version +### Finding your Salesforce Instance Version You can determine your Salesforce instance version using one of the following methods: @@ -47,9 +46,8 @@ You can determine your Salesforce instance version using one of the following me 1. Use your Salesforce Instance URL with the following format: `(Salesforce Instance URL)/services/data` -2. Example: `https://na9.salesforce.com/services/data` -This will return an XML response listing available API versions. For example: +Example: `https://na9.salesforce.com/services/data`. This will return an XML response listing with available API versions: ```xml @@ -85,7 +83,7 @@ Ensure that the `API Enabled` permission is selected for the user profile in you 2. Click on the profile link associated with the `User Account` used for data collection. 3. Search for the `API Enabled` permission on the profile page. If it’s not present, search under `System Permissions` and check if the `API Enabled` privilege is selected. If not, enable it for data collection. -### Collecting Data Using Real-Time Event Monitoring API +### Collecting Data using Real-Time Event Monitoring API To enable data collection using the [Real-Time Event Monitoring API](https://help.salesforce.com/s/articleView?id=sf.real_time_event_monitoring_enable.htm&type=5): @@ -94,29 +92,23 @@ To enable data collection using the [Real-Time Event Monitoring API](https://hel 3. For each event type you want to monitor (e.g., Login Event, Logout Event), click the dropdown arrow and select "Enable Storage". 4. Ensure you have the necessary permissions: "View Real-Time Event Monitoring Data" and "Use Real-Time Event Monitoring APIs". -> Note: Real-Time Event Monitoring may require additional licensing. Check with your Salesforce account representative if you're unsure about your subscription level. +> **Note**: Real-Time Event Monitoring may require additional licensing. Check with your Salesforce account representative if you're unsure about your subscription level. ## Setup For step-by-step instructions on how to set up an integration, see the [Getting started](https://www.elastic.co/guide/en/welcome-to-elastic/current/getting-started-observability.html) guide. -> **Note:** Please enable either the `login` data stream or the `logout` data stream to avoid data duplication. - ## Configuration -To configure the Salesforce integration in Elastic, you will need the following information from your Salesforce instance: +To configure the Salesforce integration, you will need the following information from your Salesforce instance: ### Salesforce Instance URL The Salesforce Instance URL is the URL of your Salesforce Organization. It can be found in the address bar in Salesforce Classic or Salesforce Lightning. -- **Salesforce Classic**: The value before 'salesforce.com' in the URL is your Salesforce Instance. +- **Salesforce Classic**: Given the example URL `https://na9.salesforce.com/home/home.jsp`, the Salesforce Instance URL is extracted as `https://na9.salesforce.com`. - Example URL: `https://na9.salesforce.com/home/home.jsp` - - In this example, the Salesforce Instance URL is: `https://na9.salesforce.com` - -- **Salesforce Lightning**: The instance URL is available under your user name in the “View Profile” tab. +- **Salesforce Lightning**: The instance URL is available under your user name in the "View Profile" tab. ### Client Key and Client Secret for Authentication @@ -151,7 +143,7 @@ The User ID of the registered user in Salesforce. The password used for authenticating the above user. -## Additional Information +## Additional information Follow the steps below if you need to find the API version: @@ -171,6 +163,24 @@ Once the Salesforce integration is successfully configured, you can validate the If the dashboard displays the data correctly, your integration is successfully validated. +## Salesforce Integration: v0.15.0 and Beyond + +With version 0.15.0, we've significantly enhanced the Salesforce integration, introducing major changes in data collection mechanisms, authentication, and data streams. Due to these changes, we recommend using Salesforce integration v0.15.0 or above and uninstalling previous versions. + +### Key enhancements + +1. Unified data collection: The integration now uses a single Filebeat input ([Salesforce input](https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-input-salesforce.html)) for data collection from EventLogFile and Real-time Event Monitoring APIs. +2. JWT authentication: Introduced JWT authentication mechanism. +3. Expanded configuration options: Added `initial_interval` and other options to fine-tune data collection, including historical data retrieval. +4. Change in data-collection mechanism: Replaced Streaming API (cometd) with Real-time Event Monitoring APIs. +5. Performance optimization: Significantly reduced CPU and memory usage during data collection. +6. Enhanced dashboards: Improved visualizations. + +### Breaking changes + +1. Data stream consolidation: Reduced from 6 to 4 data streams — `apex`, `login`, `logout`, and `setupaudittrail`. +2. Field mapping updates: Modified mappings for multiple fields. +3. Additional changes: Various other modifications to enhance overall integration performance and functionality. ## Troubleshooting @@ -178,35 +188,21 @@ This section provides solutions to common issues you might encounter while using ### Request timeout -If you experience delays in the response from the Salesforce server in the `Apex`, `Login Rest`, `Logout Rest`, or `SetupAuditTrail` data streams, you might encounter the following error: +If you experience delays in the response from the Salesforce server in the `apex`, `login`, `logout`, or `setupaudittrail` data streams, you might encounter the following error: ``` Error while processing http request: failed to execute rf.collectResponse: failed to execute http client.Do: failed to execute http client.Do: failed to read http.response.body ``` -**Solution:** Consider increasing the `Request timeout` configuration from the `Advanced options` section of the affected data stream. +**Solution:** Consider increasing the `Request timeout` setting in the `Advanced options` section for the affected data stream. ### Data ingestion error -If you encounter data ingestion errors, you might see logs similar to the following: - -```json -{ - "log.level": "error", - "@timestamp": "2022-11-24T12:59:36.835+0530", - "log.logger": "input.httpjson-cursor", - "log.origin": { - "[file.name](http://file.name/)": "compat/compat.go", - "file.line": 124 - }, - "message": "Input 'httpjson-cursor' failed with: input.go:130: input 8A049E17A5CA661D failed (id=8A049E17A5CA661D)\n\toauth2 client: error loading credentials using user and password: oauth2: cannot fetch token: 400 Bad Request\n\tResponse: {\"error\":\"invalid_grant\",\"error_description\":\"authentication failure\"}", - "[service.name](http://service.name/)": "filebeat", - "id": "8A049E17A5CA661D", - "ecs.version": "1.6.0" -} -``` +If you encounter data ingestion errors, you might see an error message similar to the following: + +> oauth2 client: error loading credentials using user and password: oauth2: cannot fetch token: 400 Bad Request -**Solution:** Ensure that the `API Enabled` permission is provided to the `profile` associated with the `username` used for the integration. Refer to the **Prerequisites** section above for more information. +**Solution:** Ensure that the `API Enabled` permission is granted to the `profile` associated with the `username` used for the integration. Refer to the **Prerequisites** section above for more information. If the error persists, follow these steps: @@ -214,10 +210,6 @@ If the error persists, follow these steps: 2. Click on the Connected App name created to generate the client ID and client secret (Refer to Client Key and Client Secret for Authentication) under the Master Label. 3. Click on `Edit Policies` and select `Relax IP restrictions` from the dropdown for IP Relaxation. -### Missing old events in "Login events table" panel - -If **Login events table** does not display older documents after upgrading to version `0.8.0` or later, this issue can be resolved by [reindexing](https://www.elastic.co/guide/en/elasticsearch/reference/current/use-a-data-stream.html#reindex-with-a-data-stream) the `login` data stream. - ## Logs reference ### Apex diff --git a/packages/salesforce/changelog.yml b/packages/salesforce/changelog.yml index c808e42e09e..a03d535a8f4 100644 --- a/packages/salesforce/changelog.yml +++ b/packages/salesforce/changelog.yml @@ -1,9 +1,12 @@ # newer versions go on top -- version: "0.15.0-next" +- version: "0.15.0" changes: - - description: Revamp Salesforce integration to use new filebeat Salesforce input. - type: enhancement + - description: Revamp Salesforce integration. + type: breaking-change link: https://github.com/elastic/integrations/pull/9629 + - description: Add dashboards for the salesforce integration. + type: enhancement + link: https://github.com/elastic/integrations/pull/10341 - version: "0.14.1" changes: - description: Update README with reindexing steps. diff --git a/packages/salesforce/data_stream/login/_dev/test/pipeline/test-login-object.log b/packages/salesforce/data_stream/login/_dev/test/pipeline/test-login-object.log index 72355b5ec7c..5956b3839be 100644 --- a/packages/salesforce/data_stream/login/_dev/test/pipeline/test-login-object.log +++ b/packages/salesforce/data_stream/login/_dev/test/pipeline/test-login-object.log @@ -1 +1,2 @@ {"EventDate":"2021-10-19T11:47:22Z","AuthServiceId":null,"CountryIso":"IN","Platform":"Mac OSX","EvaluationTime":0,"CipherSuite":"ECDHE-RSA-AES256-GCM-SHA384","PostalCode":"395007","ClientVersion":"N/A","LoginGeoId":"04F5j00000FadrI","LoginUrl":"login.salesforce.com","LoginHistoryId":"0Ya5j00000GLxCdCAL","CreatedById":"0055j000000q9s7AAA","SessionKey":null,"ApiType":"N/A","AuthMethodReference":null,"LoginType":"Remote Access 2.0","PolicyOutcome":null,"Status":"Success","AdditionalInfo":"{}","ApiVersion":"N/A","EventIdentifier":"06af6d92-1167-467d-a826-ee8583f7134d","RelatedEventIdentifier":null,"LoginLatitude":21.1888,"City":"Surat","Subdivision":"Gujarat","SourceIp":"89.160.20.112","Username":"user.name@email.com","UserId":"0056j000000utlQAAR","CreatedDate":"2021-10-19T11:47:30Z","Country":"India","LoginLongitude":72.8293,"TlsProtocol":"TLS 1.2","LoginKey":"o3vhFaSRBb0OzpCl","Application":"elastic integration","UserType":"Standard","PolicyId":null,"HttpMethod":"POST","SessionLevel":"STANDARD","Browser":"Chrome"} +{ "ApiType": "N/A", "ApiVersion": "N/A", "Application": "testing_salesforce", "Browser": "Unknown", "CipherSuite": "TLS_AES_256_GCM_SHA384", "ClientVersion": "N/A", "CreatedDate": "2024-07-08T07:26:22.128+0000", "EvaluationTime": 0, "EventDate": "2024-07-08T07:26:18.239+0000", "EventIdentifier": "95eeec6d-1e93-46c1-882b-88bd28f7f8de", "HttpMethod": "POST", "Id": "000000000000000AAA", "LoginHistoryId": "0YaJ400000H0kYoKAJ", "LoginKey": "Qv1P3iAGDrGQxSmN", "LoginType": "Remote Access 2.0", "LoginUrl": "devtestin-dev-ed.develop.my.salesforce.com", "Platform": "Unknown", "SessionLevel": "STANDARD", "SourceIp": "89.160.20.112", "Status": "Failed: Missing Consumer Key Parameter", "TlsProtocol": "TLS 1.3", "UserId": "0055j00000AT6I1AAL", "UserType": "Standard", "Username": "salesforceinstance@devtest.in" } \ No newline at end of file diff --git a/packages/salesforce/data_stream/login/_dev/test/pipeline/test-login-object.log-expected.json b/packages/salesforce/data_stream/login/_dev/test/pipeline/test-login-object.log-expected.json index 372f71dba77..4bda13f490a 100644 --- a/packages/salesforce/data_stream/login/_dev/test/pipeline/test-login-object.log-expected.json +++ b/packages/salesforce/data_stream/login/_dev/test/pipeline/test-login-object.log-expected.json @@ -13,7 +13,7 @@ "created": "2021-10-19T11:47:30.000Z", "dataset": "salesforce.login", "id": "06af6d92-1167-467d-a826-ee8583f7134d", - "ingested": "2024-06-21T17:00:24.547548675Z", + "ingested": "2024-07-09T13:24:55.645009279Z", "kind": "event", "module": "salesforce", "original": "{\"EventDate\":\"2021-10-19T11:47:22Z\",\"AuthServiceId\":null,\"CountryIso\":\"IN\",\"Platform\":\"Mac OSX\",\"EvaluationTime\":0,\"CipherSuite\":\"ECDHE-RSA-AES256-GCM-SHA384\",\"PostalCode\":\"395007\",\"ClientVersion\":\"N/A\",\"LoginGeoId\":\"04F5j00000FadrI\",\"LoginUrl\":\"login.salesforce.com\",\"LoginHistoryId\":\"0Ya5j00000GLxCdCAL\",\"CreatedById\":\"0055j000000q9s7AAA\",\"SessionKey\":null,\"ApiType\":\"N/A\",\"AuthMethodReference\":null,\"LoginType\":\"Remote Access 2.0\",\"PolicyOutcome\":null,\"Status\":\"Success\",\"AdditionalInfo\":\"{}\",\"ApiVersion\":\"N/A\",\"EventIdentifier\":\"06af6d92-1167-467d-a826-ee8583f7134d\",\"RelatedEventIdentifier\":null,\"LoginLatitude\":21.1888,\"City\":\"Surat\",\"Subdivision\":\"Gujarat\",\"SourceIp\":\"89.160.20.112\",\"Username\":\"user.name@email.com\",\"UserId\":\"0056j000000utlQAAR\",\"CreatedDate\":\"2021-10-19T11:47:30Z\",\"Country\":\"India\",\"LoginLongitude\":72.8293,\"TlsProtocol\":\"TLS 1.2\",\"LoginKey\":\"o3vhFaSRBb0OzpCl\",\"Application\":\"elastic integration\",\"UserType\":\"Standard\",\"PolicyId\":null,\"HttpMethod\":\"POST\",\"SessionLevel\":\"STANDARD\",\"Browser\":\"Chrome\"}", @@ -85,6 +85,91 @@ "name": "Mac OSX" } } + }, + { + "@timestamp": "2024-07-08T07:26:18.239Z", + "ecs": { + "version": "8.11.0" + }, + "event": { + "action": "login-attempt", + "category": [ + "authentication" + ], + "created": "2024-07-08T07:26:22.128Z", + "dataset": "salesforce.login", + "id": "95eeec6d-1e93-46c1-882b-88bd28f7f8de", + "ingested": "2024-07-09T13:24:55.645018952Z", + "kind": "event", + "module": "salesforce", + "original": "{ \"ApiType\": \"N/A\", \"ApiVersion\": \"N/A\", \"Application\": \"testing_salesforce\", \"Browser\": \"Unknown\", \"CipherSuite\": \"TLS_AES_256_GCM_SHA384\", \"ClientVersion\": \"N/A\", \"CreatedDate\": \"2024-07-08T07:26:22.128+0000\", \"EvaluationTime\": 0, \"EventDate\": \"2024-07-08T07:26:18.239+0000\", \"EventIdentifier\": \"95eeec6d-1e93-46c1-882b-88bd28f7f8de\", \"HttpMethod\": \"POST\", \"Id\": \"000000000000000AAA\", \"LoginHistoryId\": \"0YaJ400000H0kYoKAJ\", \"LoginKey\": \"Qv1P3iAGDrGQxSmN\", \"LoginType\": \"Remote Access 2.0\", \"LoginUrl\": \"devtestin-dev-ed.develop.my.salesforce.com\", \"Platform\": \"Unknown\", \"SessionLevel\": \"STANDARD\", \"SourceIp\": \"89.160.20.112\", \"Status\": \"Failed: Missing Consumer Key Parameter\", \"TlsProtocol\": \"TLS 1.3\", \"UserId\": \"0055j00000AT6I1AAL\", \"UserType\": \"Standard\", \"Username\": \"salesforceinstance@devtest.in\" }", + "outcome": "failure", + "provider": "Object", + "type": [ + "info" + ], + "url": "devtestin-dev-ed.develop.my.salesforce.com" + }, + "http": { + "request": { + "method": "POST" + } + }, + "related": { + "ip": [ + "89.160.20.112" + ] + }, + "salesforce": { + "login": { + "api": { + "type": "N/A", + "version": "N/A" + }, + "application": "testing_salesforce", + "client_version": "N/A", + "evaluation_time": 0.0, + "history_id": "0YaJ400000H0kYoKAJ", + "key": "Qv1P3iAGDrGQxSmN", + "type": "Remote Access 2.0" + } + }, + "source": { + "geo": { + "city_name": "Linköping", + "continent_name": "Europe", + "country_iso_code": "SE", + "country_name": "Sweden", + "location": { + "lat": 58.4167, + "lon": 15.6167 + }, + "region_iso_code": "SE-E", + "region_name": "Östergötland County" + }, + "ip": "89.160.20.112" + }, + "tags": [ + "preserve_original_event" + ], + "tls": { + "cipher": "TLS_AES_256_GCM_SHA384", + "version": "1.3", + "version_protocol": "tls" + }, + "user": { + "email": "salesforceinstance@devtest.in", + "id": "0055j00000AT6I1AAL", + "roles": [ + "Standard" + ] + }, + "user_agent": { + "name": "Unknown", + "os": { + "name": "Unknown" + } + } } ] } \ No newline at end of file diff --git a/packages/salesforce/data_stream/login/elasticsearch/ingest_pipeline/object.yml b/packages/salesforce/data_stream/login/elasticsearch/ingest_pipeline/object.yml index 809645b1a48..499731bd34b 100644 --- a/packages/salesforce/data_stream/login/elasticsearch/ingest_pipeline/object.yml +++ b/packages/salesforce/data_stream/login/elasticsearch/ingest_pipeline/object.yml @@ -156,7 +156,7 @@ processors: target_field: source.geo ignore_missing: true ignore_failure: true - if: 'ctx?.source?.ip != null && !ctx.source?.geo?.location?.containsKey("lat") && !ctx.source?.geo?.location?.containsKey("lon")' + if: 'ctx?.source?.ip != null && ctx.source?.geo?.location?.lat == null && ctx.source?.geo?.location?.lon == null' - rename: field: json.CountryIso target_field: source.geo.country_iso_code diff --git a/packages/salesforce/data_stream/logout/_dev/test/pipeline/test-logout-eventlogfile.log-expected.json b/packages/salesforce/data_stream/logout/_dev/test/pipeline/test-logout-eventlogfile.log-expected.json index f959c951a10..d214b8ec4c4 100644 --- a/packages/salesforce/data_stream/logout/_dev/test/pipeline/test-logout-eventlogfile.log-expected.json +++ b/packages/salesforce/data_stream/logout/_dev/test/pipeline/test-logout-eventlogfile.log-expected.json @@ -12,7 +12,7 @@ ], "code": "4exLFFQZNa5xxFl1cJNwOV", "dataset": "salesforce.logout", - "ingested": "2024-06-21T17:00:25.297824969Z", + "ingested": "2024-07-04T09:26:05.874153302Z", "kind": "event", "module": "salesforce", "original": "{\"EVENT_TYPE\":\"Logout\",\"TIMESTAMP\":\"20211019050707.13\",\"REQUEST_ID\":\"4exLFFQZNa5xxFl1cJNwOV\",\"ORGANIZATION_ID\":\"00D5j000000VI3n\",\"USER_ID\":\"0056j000000utlQAAR\",\"USER_TYPE\":\"X\",\"SESSION_TYPE\":\"C\",\"SESSION_LEVEL\":\"1\",\"BROWSER_TYPE\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36\",\"PLATFORM_TYPE\":\"1015\",\"RESOLUTION_TYPE\":\"9999\",\"APP_TYPE\":\"1000\",\"CLIENT_VERSION\":\"9998\",\"API_TYPE\":\"fo\",\"API_VERSION\":\"54.0\",\"USER_INITIATED_LOGOUT\":\"1\",\"SESSION_KEY\":\"/b1/C123g6WXplkT\",\"LOGIN_KEY\":\"OK123uSUIZVr9YzF\",\"TIMESTAMP_DERIVED\":\"2021-10-19T05:07:07.128Z\",\"USER_ID_DERIVED\":\"0056j000000utlQAAR\",\"CLIENT_IP\":\"175.16.199.0\"}", @@ -50,7 +50,7 @@ ] }, "user_id": "0056j000000utlQAAR", - "user_initiated_logout": "1" + "user_initiated_logout": true } }, "source": { diff --git a/packages/salesforce/data_stream/logout/_dev/test/pipeline/test-logout-object.log-expected.json b/packages/salesforce/data_stream/logout/_dev/test/pipeline/test-logout-object.log-expected.json index 546d7a4c2cb..8dcc065fdc2 100644 --- a/packages/salesforce/data_stream/logout/_dev/test/pipeline/test-logout-object.log-expected.json +++ b/packages/salesforce/data_stream/logout/_dev/test/pipeline/test-logout-object.log-expected.json @@ -12,7 +12,7 @@ ], "created": "2021-10-19T11:38:54.000Z", "dataset": "salesforce.logout", - "ingested": "2024-06-21T17:00:25.429890746Z", + "ingested": "2024-07-04T09:26:05.931796385Z", "kind": "event", "module": "salesforce", "original": "{\"EventDate\":\"2021-10-19T11:38:54Z\",\"EventIdentifier\":\"06ce4a9d-8d6b-4a71-aad8-04d28c9a43df\",\"SourceIp\":\"89.160.20.112\",\"CreatedById\":\"0055j000000q9s7AAA\",\"Username\":\"user.name@email.com\",\"UserId\":\"0056j000000utlQAAR\",\"RelatedEventIdentifier\":null,\"SessionKey\":\"6/HAElgoPCwskqBU\",\"CreatedDate\":\"2021-10-19T11:38:54Z\",\"LoginKey\":\"CuRVtbMjat6xxbTH\",\"SessionLevel\":\"STANDARD\"}", diff --git a/packages/salesforce/data_stream/logout/elasticsearch/ingest_pipeline/eventlogfile.yml b/packages/salesforce/data_stream/logout/elasticsearch/ingest_pipeline/eventlogfile.yml index d19c0b88e0e..aeb35a2cda7 100644 --- a/packages/salesforce/data_stream/logout/elasticsearch/ingest_pipeline/eventlogfile.yml +++ b/packages/salesforce/data_stream/logout/elasticsearch/ingest_pipeline/eventlogfile.yml @@ -175,10 +175,14 @@ processors: target_field: salesforce.logout.api.version ignore_missing: true ignore_failure: true - - rename: - field: json.USER_INITIATED_LOGOUT - target_field: salesforce.logout.user_initiated_logout - ignore_missing: true + - set: + field: salesforce.logout.user_initiated_logout + value: false + ignore_failure: true + - set: + field: salesforce.logout.user_initiated_logout + value: true + if: ctx.json?.USER_INITIATED_LOGOUT != null && ctx.json.USER_INITIATED_LOGOUT == '1' ignore_failure: true - rename: field: json.LOGIN_KEY diff --git a/packages/salesforce/data_stream/logout/fields/fields.yml b/packages/salesforce/data_stream/logout/fields/fields.yml index 981343e4b43..6a44596170d 100644 --- a/packages/salesforce/data_stream/logout/fields/fields.yml +++ b/packages/salesforce/data_stream/logout/fields/fields.yml @@ -84,9 +84,9 @@ The 18-character case-safe ID of the user who's using Salesforce services through the UI or the API. - name: user_initiated_logout - type: keyword + type: boolean description: > - The value is 1 if the user intentionally logged out of the organization by clicking the Logout button. If the user's session timed out due to inactivity or another implicit logout action, the value is 0. + The value is true if the user intentionally logged out of the organization by clicking the Logout button. If the user's session timed out due to inactivity or another implicit logout action, the value is false. - name: user.roles type: keyword diff --git a/packages/salesforce/docs/README.md b/packages/salesforce/docs/README.md index 0ebb9b68f5e..1dc49febc44 100644 --- a/packages/salesforce/docs/README.md +++ b/packages/salesforce/docs/README.md @@ -4,7 +4,7 @@ The Salesforce integration enables users to monitor their [Salesforce](https://www.salesforce.com/) instance effectively. Salesforce is a comprehensive customer relationship management (CRM) platform that supports businesses in managing marketing, sales, commerce, service, and IT teams from a unified platform accessible from anywhere. -### Key Benefits of Salesforce Integration: +### Key benefits of Salesforce Integration - **Operational Insights**: Gain valuable insights into login and logout activities and other operational events within your organization. - **Data Visualization**: Create detailed visualizations to monitor, measure, and analyze usage trends and key data, helping you derive actionable business insights. @@ -12,28 +12,27 @@ The Salesforce integration enables users to monitor their [Salesforce](https://w ## Data streams -The Salesforce integration collects log events using the Salesforce REST API. +The Salesforce integration provides the following data streams: -Logs help users maintain a record of events occurring in Salesforce. The log data streams collected by the Salesforce integration include: +- `login`: Tracks login activity of users who log in to Salesforce. +- `logout`: Tracks logout activity of users who log out from Salesforce. +- `apex`: Represents information about various Apex events such as Callout, Execution, REST API, SOAP API, Trigger, etc. +- `setupaudittrail`: Represents changes users made in the organization's setup area for at least the last 180 days. + +The Salesforce integration collects events using the Salesforce REST API. We are collecting following events: - [Login EventLogFile](https://developer.salesforce.com/docs/atlas.en-us.object_reference.meta/object_reference/sforce_api_objects_eventlogfile_login.htm) - [Login Platform Events](https://developer.salesforce.com/docs/atlas.en-us.236.0.platform_events.meta/platform_events/sforce_api_objects_logineventstream.htm) - [Logout EventLogFile](https://developer.salesforce.com/docs/atlas.en-us.object_reference.meta/object_reference/sforce_api_objects_eventlogfile_logout.htm) - [Logout Platform Events](https://developer.salesforce.com/docs/atlas.en-us.platform_events.meta/platform_events/sforce_api_objects_logouteventstream.htm) - [Apex EventLogFile](https://developer.salesforce.com/docs/atlas.en-us.238.0.object_reference.meta/object_reference/sforce_api_objects_apexclass.htm) -- [SetupAuditTrail Object](https://developer.salesforce.com/docs/atlas.en-us.object_reference.meta/object_reference/sforce_api_objects_setupaudittrail.htm). - -Data streams: -- `login`: Tracks login activity of users who log in to Salesforce. -- `logout`: Tracks logout activity of users who log out from Salesforce. -- `apex`: Represents information about various Apex events such as Callout, Execution, REST API, SOAP API, Trigger, etc. -- `setupaudittrail`: Represents changes users made in the organization's setup area for at least the last 180 days. +- [SetupAuditTrail Object](https://developer.salesforce.com/docs/atlas.en-us.object_reference.meta/object_reference/sforce_api_objects_setupaudittrail.htm) ## Compatibility -This integration has been tested against Salesforce Spring '22 (v54.0) release. +This integration has been tested against Salesforce Spring '22 (v54.0) release. Minimum supported version is v46.0. -### Finding Your Salesforce Instance Version +### Finding your Salesforce Instance Version You can determine your Salesforce instance version using one of the following methods: @@ -47,9 +46,8 @@ You can determine your Salesforce instance version using one of the following me 1. Use your Salesforce Instance URL with the following format: `(Salesforce Instance URL)/services/data` -2. Example: `https://na9.salesforce.com/services/data` -This will return an XML response listing available API versions. For example: +Example: `https://na9.salesforce.com/services/data`. This will return an XML response listing with available API versions: ```xml @@ -85,7 +83,7 @@ Ensure that the `API Enabled` permission is selected for the user profile in you 2. Click on the profile link associated with the `User Account` used for data collection. 3. Search for the `API Enabled` permission on the profile page. If it’s not present, search under `System Permissions` and check if the `API Enabled` privilege is selected. If not, enable it for data collection. -### Collecting Data Using Real-Time Event Monitoring API +### Collecting Data using Real-Time Event Monitoring API To enable data collection using the [Real-Time Event Monitoring API](https://help.salesforce.com/s/articleView?id=sf.real_time_event_monitoring_enable.htm&type=5): @@ -94,29 +92,23 @@ To enable data collection using the [Real-Time Event Monitoring API](https://hel 3. For each event type you want to monitor (e.g., Login Event, Logout Event), click the dropdown arrow and select "Enable Storage". 4. Ensure you have the necessary permissions: "View Real-Time Event Monitoring Data" and "Use Real-Time Event Monitoring APIs". -> Note: Real-Time Event Monitoring may require additional licensing. Check with your Salesforce account representative if you're unsure about your subscription level. +> **Note**: Real-Time Event Monitoring may require additional licensing. Check with your Salesforce account representative if you're unsure about your subscription level. ## Setup For step-by-step instructions on how to set up an integration, see the [Getting started](https://www.elastic.co/guide/en/welcome-to-elastic/current/getting-started-observability.html) guide. -> **Note:** Please enable either the `login` data stream or the `logout` data stream to avoid data duplication. - ## Configuration -To configure the Salesforce integration in Elastic, you will need the following information from your Salesforce instance: +To configure the Salesforce integration, you will need the following information from your Salesforce instance: ### Salesforce Instance URL The Salesforce Instance URL is the URL of your Salesforce Organization. It can be found in the address bar in Salesforce Classic or Salesforce Lightning. -- **Salesforce Classic**: The value before 'salesforce.com' in the URL is your Salesforce Instance. - - Example URL: `https://na9.salesforce.com/home/home.jsp` +- **Salesforce Classic**: Given the example URL `https://na9.salesforce.com/home/home.jsp`, the Salesforce Instance URL is extracted as `https://na9.salesforce.com`. - In this example, the Salesforce Instance URL is: `https://na9.salesforce.com` - -- **Salesforce Lightning**: The instance URL is available under your user name in the “View Profile” tab. +- **Salesforce Lightning**: The instance URL is available under your user name in the "View Profile" tab. ### Client Key and Client Secret for Authentication @@ -151,7 +143,7 @@ The User ID of the registered user in Salesforce. The password used for authenticating the above user. -## Additional Information +## Additional information Follow the steps below if you need to find the API version: @@ -171,6 +163,24 @@ Once the Salesforce integration is successfully configured, you can validate the If the dashboard displays the data correctly, your integration is successfully validated. +## Salesforce Integration: v0.15.0 and Beyond + +With version 0.15.0, we've significantly enhanced the Salesforce integration, introducing major changes in data collection mechanisms, authentication, and data streams. Due to these changes, we recommend using Salesforce integration v0.15.0 or above and uninstalling previous versions. + +### Key enhancements + +1. Unified data collection: The integration now uses a single Filebeat input ([Salesforce input](https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-input-salesforce.html)) for data collection from EventLogFile and Real-time Event Monitoring APIs. +2. JWT authentication: Introduced JWT authentication mechanism. +3. Expanded configuration options: Added `initial_interval` and other options to fine-tune data collection, including historical data retrieval. +4. Change in data-collection mechanism: Replaced Streaming API (cometd) with Real-time Event Monitoring APIs. +5. Performance optimization: Significantly reduced CPU and memory usage during data collection. +6. Enhanced dashboards: Improved visualizations. + +### Breaking changes + +1. Data stream consolidation: Reduced from 6 to 4 data streams — `apex`, `login`, `logout`, and `setupaudittrail`. +2. Field mapping updates: Modified mappings for multiple fields. +3. Additional changes: Various other modifications to enhance overall integration performance and functionality. ## Troubleshooting @@ -178,35 +188,21 @@ This section provides solutions to common issues you might encounter while using ### Request timeout -If you experience delays in the response from the Salesforce server in the `Apex`, `Login Rest`, `Logout Rest`, or `SetupAuditTrail` data streams, you might encounter the following error: +If you experience delays in the response from the Salesforce server in the `apex`, `login`, `logout`, or `setupaudittrail` data streams, you might encounter the following error: ``` Error while processing http request: failed to execute rf.collectResponse: failed to execute http client.Do: failed to execute http client.Do: failed to read http.response.body ``` -**Solution:** Consider increasing the `Request timeout` configuration from the `Advanced options` section of the affected data stream. +**Solution:** Consider increasing the `Request timeout` setting in the `Advanced options` section for the affected data stream. ### Data ingestion error -If you encounter data ingestion errors, you might see logs similar to the following: +If you encounter data ingestion errors, you might see an error message similar to the following: -```json -{ - "log.level": "error", - "@timestamp": "2022-11-24T12:59:36.835+0530", - "log.logger": "input.httpjson-cursor", - "log.origin": { - "[file.name](http://file.name/)": "compat/compat.go", - "file.line": 124 - }, - "message": "Input 'httpjson-cursor' failed with: input.go:130: input 8A049E17A5CA661D failed (id=8A049E17A5CA661D)\n\toauth2 client: error loading credentials using user and password: oauth2: cannot fetch token: 400 Bad Request\n\tResponse: {\"error\":\"invalid_grant\",\"error_description\":\"authentication failure\"}", - "[service.name](http://service.name/)": "filebeat", - "id": "8A049E17A5CA661D", - "ecs.version": "1.6.0" -} -``` +> oauth2 client: error loading credentials using user and password: oauth2: cannot fetch token: 400 Bad Request -**Solution:** Ensure that the `API Enabled` permission is provided to the `profile` associated with the `username` used for the integration. Refer to the **Prerequisites** section above for more information. +**Solution:** Ensure that the `API Enabled` permission is granted to the `profile` associated with the `username` used for the integration. Refer to the **Prerequisites** section above for more information. If the error persists, follow these steps: @@ -214,10 +210,6 @@ If the error persists, follow these steps: 2. Click on the Connected App name created to generate the client ID and client secret (Refer to Client Key and Client Secret for Authentication) under the Master Label. 3. Click on `Edit Policies` and select `Relax IP restrictions` from the dropdown for IP Relaxation. -### Missing old events in "Login events table" panel - -If **Login events table** does not display older documents after upgrading to version `0.8.0` or later, this issue can be resolved by [reindexing](https://www.elastic.co/guide/en/elasticsearch/reference/current/use-a-data-stream.html#reindex-with-a-data-stream) the `login` data stream. - ## Logs reference ### Apex @@ -745,7 +737,7 @@ An example event for `logout` looks as following: | salesforce.logout.user.roles | The roles of the user who's using Salesforce services through the UI or the API. | keyword | | salesforce.logout.user_id | The 15-character ID of the user who's using Salesforce services through the UI or the API. | keyword | | salesforce.logout.user_id_derived | The 18-character case-safe ID of the user who's using Salesforce services through the UI or the API. | keyword | -| salesforce.logout.user_initiated_logout | The value is 1 if the user intentionally logged out of the organization by clicking the Logout button. If the user's session timed out due to inactivity or another implicit logout action, the value is 0. | keyword | +| salesforce.logout.user_initiated_logout | The value is true if the user intentionally logged out of the organization by clicking the Logout button. If the user's session timed out due to inactivity or another implicit logout action, the value is false. | boolean | ### SetupAuditTrail diff --git a/packages/salesforce/img/salesforce-apex-dashboard.png b/packages/salesforce/img/salesforce-apex-dashboard.png new file mode 100644 index 00000000000..b80aa59aa71 Binary files /dev/null and b/packages/salesforce/img/salesforce-apex-dashboard.png differ diff --git a/packages/salesforce/img/salesforce-login-dashboard.png b/packages/salesforce/img/salesforce-login-dashboard.png new file mode 100644 index 00000000000..d8a62d1ab08 Binary files /dev/null and b/packages/salesforce/img/salesforce-login-dashboard.png differ diff --git a/packages/salesforce/img/salesforce-logout-dashboard.png b/packages/salesforce/img/salesforce-logout-dashboard.png new file mode 100644 index 00000000000..23550c16b16 Binary files /dev/null and b/packages/salesforce/img/salesforce-logout-dashboard.png differ diff --git a/packages/salesforce/img/salesforce-setupaudittrail-dashboard.png b/packages/salesforce/img/salesforce-setupaudittrail-dashboard.png new file mode 100644 index 00000000000..af1d9825a5b Binary files /dev/null and b/packages/salesforce/img/salesforce-setupaudittrail-dashboard.png differ diff --git a/packages/salesforce/kibana/dashboard/salesforce-19da7408-dbd1-4745-a888-da9dadcd747d.json b/packages/salesforce/kibana/dashboard/salesforce-19da7408-dbd1-4745-a888-da9dadcd747d.json new file mode 100644 index 00000000000..19e4ad9d01e --- /dev/null +++ b/packages/salesforce/kibana/dashboard/salesforce-19da7408-dbd1-4745-a888-da9dadcd747d.json @@ -0,0 +1,1240 @@ +{ + "attributes": { + "controlGroupInput": { + "chainingSystem": "HIERARCHICAL", + "controlStyle": "oneLine", + "ignoreParentSettingsJSON": { + "ignoreFilters": false, + "ignoreQuery": false, + "ignoreTimerange": false, + "ignoreValidations": false + }, + "panelsJSON": { + "aa1567ec-2dda-42da-a4a7-d8fafc6fd162": { + "explicitInput": { + "enhancements": {}, + "fieldName": "salesforce.instance_url", + "id": "aa1567ec-2dda-42da-a4a7-d8fafc6fd162", + "selectedOptions": [], + "title": "Instance URL" + }, + "grow": false, + "order": 0, + "type": "optionsListControl", + "width": "large" + } + }, + "showApplySelections": false + }, + "description": "Overview of Apex logs", + "kibanaSavedObjectMeta": { + "searchSourceJSON": { + "filter": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "field": "data_stream.dataset", + "indexRefName": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "key": "data_stream.dataset", + "negate": false, + "params": { + "query": "salesforce.apex" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "data_stream.dataset": "salesforce.apex" + } + } + } + ], + "query": { + "language": "kuery", + "query": "" + } + } + }, + "optionsJSON": { + "hidePanelTitles": false, + "syncColors": false, + "syncCursor": true, + "syncTooltips": false, + "useMargins": true + }, + "panelsJSON": [ + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-6b3e9ab2-2d33-46c3-9575-78a6bc8af75b", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "currentIndexPatternId": "logs-*", + "layers": { + "6b3e9ab2-2d33-46c3-9575-78a6bc8af75b": { + "columnOrder": [ + "d70ad4b5-d399-41ce-b3c1-e1314a80da88", + "4cfb821a-ad49-4dc4-ada1-cd7e4317242c" + ], + "columns": { + "4cfb821a-ad49-4dc4-ada1-cd7e4317242c": { + "dataType": "number", + "isBucketed": false, + "label": "Count of records", + "operationType": "count", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "___records___" + }, + "d70ad4b5-d399-41ce-b3c1-e1314a80da88": { + "dataType": "string", + "isBucketed": true, + "label": "Top 5 values of event.outcome", + "operationType": "terms", + "params": { + "missingBucket": false, + "orderBy": { + "columnId": "4cfb821a-ad49-4dc4-ada1-cd7e4317242c", + "type": "column" + }, + "orderDirection": "desc", + "otherBucket": true, + "parentFormat": { + "id": "terms" + }, + "size": 5 + }, + "scale": "ordinal", + "sourceField": "event.outcome" + } + }, + "incompleteColumns": {}, + "indexPatternId": "logs-*" + } + } + } + }, + "filters": [], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "layers": [ + { + "categoryDisplay": "default", + "colorMapping": { + "assignments": [ + { + "color": { + "colorCode": "#c82626", + "type": "colorCode" + }, + "rule": { + "type": "matchExactly", + "values": [ + "failure" + ] + }, + "touched": true + }, + { + "color": { + "colorIndex": 0, + "paletteId": "eui_amsterdam_color_blind", + "type": "categorical" + }, + "rule": { + "type": "matchExactly", + "values": [ + "success" + ] + }, + "touched": false + } + ], + "colorMode": { + "type": "categorical" + }, + "paletteId": "eui_amsterdam_color_blind", + "specialAssignments": [ + { + "color": { + "type": "loop" + }, + "rule": { + "type": "other" + }, + "touched": false + } + ] + }, + "layerId": "6b3e9ab2-2d33-46c3-9575-78a6bc8af75b", + "layerType": "data", + "legendDisplay": "default", + "metrics": [ + "4cfb821a-ad49-4dc4-ada1-cd7e4317242c" + ], + "nestedLegend": false, + "numberDisplay": "percent", + "primaryGroups": [ + "d70ad4b5-d399-41ce-b3c1-e1314a80da88" + ] + } + ], + "palette": { + "name": "default", + "type": "palette" + }, + "shape": "pie" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsPie" + }, + "enhancements": {}, + "hidePanelTitles": false + }, + "gridData": { + "h": 15, + "i": "7d620b82-ea06-4ce9-ba1b-aa5017aab73e", + "w": 16, + "x": 0, + "y": 0 + }, + "panelIndex": "7d620b82-ea06-4ce9-ba1b-aa5017aab73e", + "title": "Distribution of request status [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-197919f5-ef5b-4ae9-8432-cd2a91e337d2", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "currentIndexPatternId": "logs-*", + "layers": { + "197919f5-ef5b-4ae9-8432-cd2a91e337d2": { + "columnOrder": [ + "61308466-190f-4872-9976-8e5320f6eee6", + "b00acfd3-e92b-4b7c-bf69-86e3ebf49971", + "d856470e-3075-4c79-a99b-77cb8fd0f5ea" + ], + "columns": { + "61308466-190f-4872-9976-8e5320f6eee6": { + "dataType": "string", + "isBucketed": true, + "label": "Top 10 values of salesforce.apex.trigger_name", + "operationType": "terms", + "params": { + "accuracyMode": true, + "missingBucket": false, + "orderBy": { + "columnId": "d856470e-3075-4c79-a99b-77cb8fd0f5ea", + "type": "column" + }, + "orderDirection": "desc", + "otherBucket": true, + "parentFormat": { + "id": "terms" + }, + "size": 10 + }, + "scale": "ordinal", + "sourceField": "salesforce.apex.trigger_name" + }, + "b00acfd3-e92b-4b7c-bf69-86e3ebf49971": { + "dataType": "date", + "isBucketed": true, + "label": "@timestamp", + "operationType": "date_histogram", + "params": { + "dropPartials": false, + "includeEmptyRows": true, + "interval": "auto" + }, + "scale": "interval", + "sourceField": "@timestamp" + }, + "d856470e-3075-4c79-a99b-77cb8fd0f5ea": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Trigger count", + "operationType": "count", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "___records___" + } + }, + "incompleteColumns": {}, + "indexPatternId": "logs-*" + } + } + } + }, + "filters": [], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "emphasizeFitting": true, + "fittingFunction": "Carry", + "layers": [ + { + "accessors": [ + "d856470e-3075-4c79-a99b-77cb8fd0f5ea" + ], + "layerId": "197919f5-ef5b-4ae9-8432-cd2a91e337d2", + "layerType": "data", + "position": "top", + "seriesType": "area_stacked", + "showGridlines": false, + "splitAccessor": "61308466-190f-4872-9976-8e5320f6eee6", + "xAccessor": "b00acfd3-e92b-4b7c-bf69-86e3ebf49971" + } + ], + "legend": { + "isVisible": true, + "position": "right" + }, + "preferredSeriesType": "area_stacked", + "title": "Empty XY chart", + "valueLabels": "hide" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsXY" + }, + "enhancements": {}, + "hidePanelTitles": false + }, + "gridData": { + "h": 15, + "i": "b97ea1e1-fc08-4404-96a7-ddf8aea9d084", + "w": 32, + "x": 16, + "y": 0 + }, + "panelIndex": "b97ea1e1-fc08-4404-96a7-ddf8aea9d084", + "title": "Top 10 apex triggers over time [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-1ddfa426-0787-44a0-a6d4-7ba89384d487", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-9518bc3e-d87d-49f2-ba14-84a071cf9140", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "1ddfa426-0787-44a0-a6d4-7ba89384d487": { + "columnOrder": [ + "189cd662-a8bb-44dd-b11c-a6006f3deb18", + "80b5b013-c11c-440a-af98-1d98a8c81eb4" + ], + "columns": { + "189cd662-a8bb-44dd-b11c-a6006f3deb18": { + "dataType": "date", + "isBucketed": true, + "label": "@timestamp", + "operationType": "date_histogram", + "params": { + "dropPartials": false, + "includeEmptyRows": true, + "interval": "auto" + }, + "scale": "interval", + "sourceField": "@timestamp" + }, + "80b5b013-c11c-440a-af98-1d98a8c81eb4": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Average run time", + "operationType": "average", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "salesforce.apex.run_time" + } + }, + "incompleteColumns": {} + }, + "9518bc3e-d87d-49f2-ba14-84a071cf9140": { + "columnOrder": [ + "40d6a20f-660b-4268-b801-c1c46ff7ea34", + "65763421-d4aa-4e0d-8cfc-e7334715d1b9" + ], + "columns": { + "40d6a20f-660b-4268-b801-c1c46ff7ea34": { + "dataType": "date", + "isBucketed": true, + "label": "@timestamp", + "operationType": "date_histogram", + "params": { + "dropPartials": false, + "includeEmptyRows": true, + "interval": "auto" + }, + "scale": "interval", + "sourceField": "@timestamp" + }, + "65763421-d4aa-4e0d-8cfc-e7334715d1b9": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Request count", + "operationType": "count", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "___records___" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [], + "internalReferences": [], + "query": { + "language": "kuery", + "query": " salesforce.apex.run_time: *" + }, + "visualization": { + "axisTitlesVisibilitySettings": { + "x": false, + "yLeft": true, + "yRight": true + }, + "layers": [ + { + "accessors": [ + "65763421-d4aa-4e0d-8cfc-e7334715d1b9" + ], + "layerId": "9518bc3e-d87d-49f2-ba14-84a071cf9140", + "layerType": "data", + "position": "top", + "seriesType": "bar", + "showGridlines": false, + "xAccessor": "40d6a20f-660b-4268-b801-c1c46ff7ea34", + "yConfig": [ + { + "axisMode": "left", + "color": "#00e499", + "forAccessor": "65763421-d4aa-4e0d-8cfc-e7334715d1b9" + } + ] + }, + { + "accessors": [ + "80b5b013-c11c-440a-af98-1d98a8c81eb4" + ], + "layerId": "1ddfa426-0787-44a0-a6d4-7ba89384d487", + "layerType": "data", + "seriesType": "line", + "xAccessor": "189cd662-a8bb-44dd-b11c-a6006f3deb18", + "yConfig": [ + { + "axisMode": "right", + "color": "#ff3a66", + "forAccessor": "80b5b013-c11c-440a-af98-1d98a8c81eb4" + } + ] + } + ], + "legend": { + "isVisible": true, + "position": "right" + }, + "preferredSeriesType": "bar_stacked", + "title": "Empty XY chart", + "valueLabels": "hide", + "valuesInLegend": true, + "xTitle": "", + "yRightExtent": { + "mode": "dataBounds" + }, + "yRightTitle": "Average run time (ms)" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsXY" + }, + "enhancements": {}, + "hidePanelTitles": false + }, + "gridData": { + "h": 17, + "i": "730ee164-7cb1-4ccc-b403-ec3e2861d696", + "w": 48, + "x": 0, + "y": 15 + }, + "panelIndex": "730ee164-7cb1-4ccc-b403-ec3e2861d696", + "title": "Apex performance over time [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "description": "", + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-e5191636-4eda-47ed-a871-fbbeecb288b2", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "currentIndexPatternId": "logs-*", + "layers": { + "e5191636-4eda-47ed-a871-fbbeecb288b2": { + "columnOrder": [ + "d6544130-d324-4e62-8147-bf8206321aa2", + "c06e0b3b-14ec-4692-8b1d-1f695ee57620" + ], + "columns": { + "c06e0b3b-14ec-4692-8b1d-1f695ee57620": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "SOQL queries", + "operationType": "count", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "___records___" + }, + "d6544130-d324-4e62-8147-bf8206321aa2": { + "customLabel": true, + "dataType": "string", + "isBucketed": true, + "label": "Entry point", + "operationType": "terms", + "params": { + "missingBucket": false, + "orderBy": { + "columnId": "c06e0b3b-14ec-4692-8b1d-1f695ee57620", + "type": "column" + }, + "orderDirection": "desc", + "otherBucket": false, + "parentFormat": { + "id": "terms" + }, + "size": 10 + }, + "scale": "ordinal", + "sourceField": "salesforce.apex.entry_point" + } + }, + "incompleteColumns": {}, + "indexPatternId": "logs-*" + } + } + } + }, + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "b7612aa9-6e02-446f-b745-1a10a6e03fdc", + "key": "event.action", + "negate": false, + "params": { + "query": "apex-execution" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.action": "apex-execution" + } + } + } + ], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "axisTitlesVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "fittingFunction": "None", + "gridlinesVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "labelsOrientation": { + "x": 0, + "yLeft": 0, + "yRight": 0 + }, + "layers": [ + { + "accessors": [ + "c06e0b3b-14ec-4692-8b1d-1f695ee57620" + ], + "colorMapping": { + "assignments": [], + "colorMode": { + "type": "categorical" + }, + "paletteId": "eui_amsterdam_color_blind", + "specialAssignments": [ + { + "color": { + "type": "loop" + }, + "rule": { + "type": "other" + }, + "touched": false + } + ] + }, + "layerId": "e5191636-4eda-47ed-a871-fbbeecb288b2", + "layerType": "data", + "position": "top", + "seriesType": "bar_horizontal", + "showGridlines": false, + "xAccessor": "d6544130-d324-4e62-8147-bf8206321aa2" + } + ], + "legend": { + "isVisible": true, + "position": "right", + "showSingleSeries": true + }, + "preferredSeriesType": "bar_horizontal", + "tickLabelsVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "valueLabels": "hide", + "xTitle": "" + } + }, + "title": "Top 10 SOQL queries per entry point [Logs Salesforce]", + "type": "lens", + "visualizationType": "lnsXY" + }, + "enhancements": {} + }, + "gridData": { + "h": 16, + "i": "f59d2b43-52fc-4bf4-a220-fb9ab7cac8c7", + "w": 48, + "x": 0, + "y": 32 + }, + "panelIndex": "f59d2b43-52fc-4bf4-a220-fb9ab7cac8c7", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-70a83117-8122-47eb-80e0-dc92fc2602bb", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "70a83117-8122-47eb-80e0-dc92fc2602bb": { + "columnOrder": [ + "bb7f05fd-4314-447c-87c9-7be78c2e3e71", + "71d2e21f-621b-457b-b574-c8be7fb58b72" + ], + "columns": { + "71d2e21f-621b-457b-b574-c8be7fb58b72": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Trigger count", + "operationType": "count", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "___records___" + }, + "bb7f05fd-4314-447c-87c9-7be78c2e3e71": { + "dataType": "string", + "isBucketed": true, + "label": "Top 10 values of salesforce.apex.trigger_type", + "operationType": "terms", + "params": { + "missingBucket": false, + "orderBy": { + "columnId": "71d2e21f-621b-457b-b574-c8be7fb58b72", + "type": "column" + }, + "orderDirection": "desc", + "otherBucket": true, + "parentFormat": { + "id": "terms" + }, + "size": 10 + }, + "scale": "ordinal", + "sourceField": "salesforce.apex.trigger_type" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "gridConfig": { + "isCellLabelVisible": false, + "isXAxisLabelVisible": true, + "isXAxisTitleVisible": false, + "isYAxisLabelVisible": true, + "isYAxisTitleVisible": false, + "type": "heatmap_grid" + }, + "layerId": "70a83117-8122-47eb-80e0-dc92fc2602bb", + "layerType": "data", + "legend": { + "isVisible": true, + "position": "right", + "type": "heatmap_legend" + }, + "shape": "heatmap", + "valueAccessor": "71d2e21f-621b-457b-b574-c8be7fb58b72", + "xAccessor": "bb7f05fd-4314-447c-87c9-7be78c2e3e71" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsHeatmap" + }, + "enhancements": {}, + "hidePanelTitles": false + }, + "gridData": { + "h": 16, + "i": "5547f039-8c17-4b64-9a5f-3d7043143a7b", + "w": 24, + "x": 0, + "y": 48 + }, + "panelIndex": "5547f039-8c17-4b64-9a5f-3d7043143a7b", + "title": "Trigger trends over time [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-70a83117-8122-47eb-80e0-dc92fc2602bb", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "70a83117-8122-47eb-80e0-dc92fc2602bb": { + "columnOrder": [ + "fa79fcac-32b6-4a66-8ead-cc5bf315c3ab", + "71d2e21f-621b-457b-b574-c8be7fb58b72" + ], + "columns": { + "71d2e21f-621b-457b-b574-c8be7fb58b72": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Trigger count", + "operationType": "count", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "___records___" + }, + "fa79fcac-32b6-4a66-8ead-cc5bf315c3ab": { + "dataType": "string", + "isBucketed": true, + "label": "Filters", + "operationType": "filters", + "params": { + "filters": [ + { + "input": { + "language": "kuery", + "query": "salesforce.apex.trigger_type : *Update*" + }, + "label": "Updates" + }, + { + "input": { + "language": "kuery", + "query": "salesforce.apex.trigger_type : *Insert*" + }, + "label": "Inserts" + }, + { + "input": { + "language": "kuery", + "query": "salesforce.apex.trigger_type : *Delete*" + }, + "label": "Deletes" + } + ] + }, + "scale": "ordinal" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "axisTitlesVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "layers": [ + { + "accessors": [ + "71d2e21f-621b-457b-b574-c8be7fb58b72" + ], + "layerId": "70a83117-8122-47eb-80e0-dc92fc2602bb", + "layerType": "data", + "position": "top", + "seriesType": "bar_horizontal", + "showGridlines": false, + "xAccessor": "fa79fcac-32b6-4a66-8ead-cc5bf315c3ab" + } + ], + "legend": { + "isVisible": true, + "position": "right" + }, + "preferredSeriesType": "bar_horizontal", + "title": "Empty XY chart", + "valueLabels": "hide", + "xTitle": "Trigger type" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsXY" + }, + "enhancements": {}, + "hidePanelTitles": false + }, + "gridData": { + "h": 16, + "i": "27c1591b-7be0-4a0e-8d18-17dd6ccf1e04", + "w": 24, + "x": 24, + "y": 48 + }, + "panelIndex": "27c1591b-7be0-4a0e-8d18-17dd6ccf1e04", + "title": "Number of triggers by type [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-5e5e7f82-ace7-426a-975b-c01a009ccc21", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "5e5e7f82-ace7-426a-975b-c01a009ccc21": { + "columnOrder": [ + "ffc42d57-84ce-42a8-966d-53b68f384ffd", + "30970875-b396-4f47-9b79-1defd279743f" + ], + "columns": { + "30970875-b396-4f47-9b79-1defd279743f": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Apex trigger name", + "operationType": "unique_count", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "salesforce.apex.trigger_name" + }, + "ffc42d57-84ce-42a8-966d-53b68f384ffd": { + "customLabel": true, + "dataType": "string", + "isBucketed": true, + "label": "Entity name", + "operationType": "terms", + "params": { + "missingBucket": false, + "orderBy": { + "columnId": "30970875-b396-4f47-9b79-1defd279743f", + "type": "column" + }, + "orderDirection": "desc", + "otherBucket": true, + "parentFormat": { + "id": "terms" + }, + "size": 10 + }, + "scale": "ordinal", + "sourceField": "salesforce.apex.entity_name" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "layers": [ + { + "categoryDisplay": "default", + "layerId": "5e5e7f82-ace7-426a-975b-c01a009ccc21", + "layerType": "data", + "legendDisplay": "default", + "metrics": [ + "30970875-b396-4f47-9b79-1defd279743f" + ], + "nestedLegend": false, + "numberDisplay": "percent", + "primaryGroups": [ + "ffc42d57-84ce-42a8-966d-53b68f384ffd" + ] + } + ], + "shape": "treemap" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsPie" + }, + "enhancements": {}, + "hidePanelTitles": false + }, + "gridData": { + "h": 16, + "i": "d01e7e2a-ea2a-4978-86ed-76cbbece13ab", + "w": 24, + "x": 0, + "y": 64 + }, + "panelIndex": "d01e7e2a-ea2a-4978-86ed-76cbbece13ab", + "title": "Triggers by entity categorization [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-df249e19-0f2d-4700-96d3-0521bfff6614", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "currentIndexPatternId": "logs-*", + "layers": { + "df249e19-0f2d-4700-96d3-0521bfff6614": { + "columnOrder": [ + "cb7add83-b77d-41a2-9600-55954e7d271e", + "4d47a9d2-3346-4cca-9381-817a87cfe236", + "afe5af6d-6f9f-41e5-92e5-ea6a5f3adc21", + "7f9ac6d2-92e2-462a-b4e6-73de4de38bd0" + ], + "columns": { + "4d47a9d2-3346-4cca-9381-817a87cfe236": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Request count", + "operationType": "count", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "___records___" + }, + "7f9ac6d2-92e2-462a-b4e6-73de4de38bd0": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Max run time (ms)", + "operationType": "max", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "salesforce.apex.run_time" + }, + "afe5af6d-6f9f-41e5-92e5-ea6a5f3adc21": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Average run time (ms)", + "operationType": "average", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "salesforce.apex.run_time" + }, + "cb7add83-b77d-41a2-9600-55954e7d271e": { + "customLabel": true, + "dataType": "string", + "isBucketed": true, + "label": "Entry point", + "operationType": "terms", + "params": { + "missingBucket": false, + "orderBy": { + "columnId": "4d47a9d2-3346-4cca-9381-817a87cfe236", + "type": "column" + }, + "orderDirection": "desc", + "otherBucket": false, + "parentFormat": { + "id": "terms" + }, + "size": 10 + }, + "scale": "ordinal", + "sourceField": "salesforce.apex.entry_point" + } + }, + "incompleteColumns": {}, + "indexPatternId": "logs-*" + } + } + } + }, + "filters": [], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "columns": [ + { + "columnId": "cb7add83-b77d-41a2-9600-55954e7d271e" + }, + { + "columnId": "4d47a9d2-3346-4cca-9381-817a87cfe236" + }, + { + "columnId": "afe5af6d-6f9f-41e5-92e5-ea6a5f3adc21" + }, + { + "columnId": "7f9ac6d2-92e2-462a-b4e6-73de4de38bd0", + "isTransposed": false + } + ], + "headerRowHeight": "auto", + "layerId": "df249e19-0f2d-4700-96d3-0521bfff6614", + "layerType": "data", + "paging": { + "enabled": true, + "size": 10 + }, + "rowHeight": "auto", + "sorting": { + "columnId": "afe5af6d-6f9f-41e5-92e5-ea6a5f3adc21", + "direction": "desc" + } + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsDatatable" + }, + "enhancements": {}, + "hidePanelTitles": false + }, + "gridData": { + "h": 16, + "i": "1548ae17-add4-4e40-a604-c74fd8efbbfc", + "w": 24, + "x": 24, + "y": 64 + }, + "panelIndex": "1548ae17-add4-4e40-a604-c74fd8efbbfc", + "title": "Top 10 entry points by request count [Logs Salesforce]", + "type": "lens" + } + ], + "timeRestore": false, + "title": "[Logs Salesforce] Apex Dashboard", + "version": 2 + }, + "coreMigrationVersion": "8.8.0", + "created_at": "2024-07-05T11:04:03.658Z", + "id": "salesforce-19da7408-dbd1-4745-a888-da9dadcd747d", + "managed": false, + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "7d620b82-ea06-4ce9-ba1b-aa5017aab73e:indexpattern-datasource-layer-6b3e9ab2-2d33-46c3-9575-78a6bc8af75b", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "b97ea1e1-fc08-4404-96a7-ddf8aea9d084:indexpattern-datasource-layer-197919f5-ef5b-4ae9-8432-cd2a91e337d2", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "730ee164-7cb1-4ccc-b403-ec3e2861d696:indexpattern-datasource-layer-1ddfa426-0787-44a0-a6d4-7ba89384d487", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "730ee164-7cb1-4ccc-b403-ec3e2861d696:indexpattern-datasource-layer-9518bc3e-d87d-49f2-ba14-84a071cf9140", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "f59d2b43-52fc-4bf4-a220-fb9ab7cac8c7:indexpattern-datasource-layer-e5191636-4eda-47ed-a871-fbbeecb288b2", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "5547f039-8c17-4b64-9a5f-3d7043143a7b:indexpattern-datasource-layer-70a83117-8122-47eb-80e0-dc92fc2602bb", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "27c1591b-7be0-4a0e-8d18-17dd6ccf1e04:indexpattern-datasource-layer-70a83117-8122-47eb-80e0-dc92fc2602bb", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "d01e7e2a-ea2a-4978-86ed-76cbbece13ab:indexpattern-datasource-layer-5e5e7f82-ace7-426a-975b-c01a009ccc21", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "1548ae17-add4-4e40-a604-c74fd8efbbfc:indexpattern-datasource-layer-df249e19-0f2d-4700-96d3-0521bfff6614", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "controlGroup_aa1567ec-2dda-42da-a4a7-d8fafc6fd162:optionsListDataView", + "type": "index-pattern" + } + ], + "type": "dashboard", + "typeMigrationVersion": "10.2.0" +} \ No newline at end of file diff --git a/packages/salesforce/kibana/dashboard/salesforce-31f56373-0faf-4bf9-8741-3c560bb69f82.json b/packages/salesforce/kibana/dashboard/salesforce-31f56373-0faf-4bf9-8741-3c560bb69f82.json new file mode 100644 index 00000000000..2db8c6cfe17 --- /dev/null +++ b/packages/salesforce/kibana/dashboard/salesforce-31f56373-0faf-4bf9-8741-3c560bb69f82.json @@ -0,0 +1,545 @@ +{ + "attributes": { + "controlGroupInput": { + "chainingSystem": "HIERARCHICAL", + "controlStyle": "oneLine", + "ignoreParentSettingsJSON": { + "ignoreFilters": false, + "ignoreQuery": false, + "ignoreTimerange": false, + "ignoreValidations": false + }, + "panelsJSON": { + "8949b7ee-d607-4d5e-8207-70ae1a69fac1": { + "explicitInput": { + "enhancements": {}, + "fieldName": "salesforce.instance_url", + "id": "8949b7ee-d607-4d5e-8207-70ae1a69fac1", + "searchTechnique": "prefix", + "selectedOptions": [], + "title": "Instance URL" + }, + "grow": false, + "order": 0, + "type": "optionsListControl", + "width": "large" + } + }, + "showApplySelections": false + }, + "description": "Overview of SetupAuditTrail logs", + "kibanaSavedObjectMeta": { + "searchSourceJSON": { + "filter": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "field": "data_stream.dataset", + "indexRefName": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "key": "data_stream.dataset", + "negate": false, + "params": { + "query": "salesforce.setupaudittrail" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "data_stream.dataset": "salesforce.setupaudittrail" + } + } + } + ], + "query": { + "language": "kuery", + "query": "" + } + } + }, + "optionsJSON": { + "hidePanelTitles": false, + "syncColors": true, + "syncCursor": true, + "syncTooltips": true, + "useMargins": true + }, + "panelsJSON": [ + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-d9d1a80f-da0d-4de3-b81b-915a1451dfae", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "d9d1a80f-da0d-4de3-b81b-915a1451dfae": { + "columnOrder": [ + "c330a448-da57-4033-9575-6fc498a6a00e", + "de7e5b08-824f-4884-b4af-4cca15a26500", + "aebdaa57-11d2-4742-b5d1-8c9359992816" + ], + "columns": { + "aebdaa57-11d2-4742-b5d1-8c9359992816": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Request count", + "operationType": "count", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "___records___" + }, + "c330a448-da57-4033-9575-6fc498a6a00e": { + "customLabel": true, + "dataType": "string", + "isBucketed": true, + "label": "Actions", + "operationType": "terms", + "params": { + "missingBucket": false, + "orderBy": { + "columnId": "aebdaa57-11d2-4742-b5d1-8c9359992816", + "type": "column" + }, + "orderDirection": "desc", + "otherBucket": false, + "parentFormat": { + "id": "terms" + }, + "size": 10 + }, + "scale": "ordinal", + "sourceField": "event.action" + }, + "de7e5b08-824f-4884-b4af-4cca15a26500": { + "dataType": "string", + "isBucketed": true, + "label": "Top 10 values of salesforce.setup_audit_trail.delegate_user", + "operationType": "terms", + "params": { + "missingBucket": false, + "orderBy": { + "columnId": "aebdaa57-11d2-4742-b5d1-8c9359992816", + "type": "column" + }, + "orderDirection": "desc", + "otherBucket": false, + "parentFormat": { + "id": "terms" + }, + "size": 10 + }, + "scale": "ordinal", + "sourceField": "salesforce.setup_audit_trail.delegate_user" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "layers": [ + { + "accessors": [ + "aebdaa57-11d2-4742-b5d1-8c9359992816" + ], + "layerId": "d9d1a80f-da0d-4de3-b81b-915a1451dfae", + "layerType": "data", + "position": "top", + "seriesType": "bar_stacked", + "showGridlines": false, + "splitAccessor": "de7e5b08-824f-4884-b4af-4cca15a26500", + "xAccessor": "c330a448-da57-4033-9575-6fc498a6a00e" + } + ], + "legend": { + "isVisible": true, + "position": "right" + }, + "preferredSeriesType": "bar_stacked", + "title": "Empty XY chart", + "valueLabels": "hide" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsXY" + }, + "enhancements": {}, + "hidePanelTitles": false + }, + "gridData": { + "h": 15, + "i": "8294a8d8-497a-494e-9fc4-951066628928", + "w": 24, + "x": 0, + "y": 0 + }, + "panelIndex": "8294a8d8-497a-494e-9fc4-951066628928", + "title": "Top 10 Actions performed by delegated users [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-05728583-cb7a-4904-bf30-f70c545f1fa4", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "05728583-cb7a-4904-bf30-f70c545f1fa4": { + "columnOrder": [ + "89925259-d88b-4002-b3f3-c3112592864c", + "20311ced-e7b9-4fa5-b732-e03d621d74d3" + ], + "columns": { + "20311ced-e7b9-4fa5-b732-e03d621d74d3": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Request count", + "operationType": "count", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "___records___" + }, + "89925259-d88b-4002-b3f3-c3112592864c": { + "customLabel": true, + "dataType": "string", + "isBucketed": true, + "label": "Sections affected", + "operationType": "terms", + "params": { + "missingBucket": false, + "orderBy": { + "columnId": "20311ced-e7b9-4fa5-b732-e03d621d74d3", + "type": "column" + }, + "orderDirection": "desc", + "otherBucket": false, + "parentFormat": { + "id": "terms" + }, + "size": 10 + }, + "scale": "ordinal", + "sourceField": "salesforce.setup_audit_trail.section" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "layers": [ + { + "accessors": [ + "20311ced-e7b9-4fa5-b732-e03d621d74d3" + ], + "layerId": "05728583-cb7a-4904-bf30-f70c545f1fa4", + "layerType": "data", + "position": "top", + "seriesType": "bar", + "showGridlines": false, + "xAccessor": "89925259-d88b-4002-b3f3-c3112592864c" + } + ], + "legend": { + "isVisible": true, + "position": "right" + }, + "preferredSeriesType": "bar", + "title": "Empty XY chart", + "valueLabels": "hide" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsXY" + }, + "enhancements": {}, + "hidePanelTitles": false + }, + "gridData": { + "h": 15, + "i": "9c6c1425-c59a-4103-93b9-1a202a3f3e5f", + "w": 24, + "x": 24, + "y": 0 + }, + "panelIndex": "9c6c1425-c59a-4103-93b9-1a202a3f3e5f", + "title": "Top 10 Sections affected [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-d6fa34de-c164-4cf2-9a9e-55550d4f5c2b", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "d6fa34de-c164-4cf2-9a9e-55550d4f5c2b": { + "columnOrder": [ + "9ab2ae83-58e0-40c1-9152-2944132777a6", + "ffd5fa44-6891-4efd-acd4-b156aabaaf75", + "a047794a-dd3e-4988-b425-f542cc15fe3a" + ], + "columns": { + "9ab2ae83-58e0-40c1-9152-2944132777a6": { + "dataType": "string", + "isBucketed": true, + "label": "Top 10 values of event.action", + "operationType": "terms", + "params": { + "missingBucket": false, + "orderBy": { + "columnId": "a047794a-dd3e-4988-b425-f542cc15fe3a", + "type": "column" + }, + "orderDirection": "desc", + "otherBucket": false, + "parentFormat": { + "id": "terms" + }, + "secondaryFields": [], + "size": 10 + }, + "scale": "ordinal", + "sourceField": "event.action" + }, + "a047794a-dd3e-4988-b425-f542cc15fe3a": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Actions ", + "operationType": "count", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "___records___" + }, + "ffd5fa44-6891-4efd-acd4-b156aabaaf75": { + "dataType": "date", + "isBucketed": true, + "label": "@timestamp", + "operationType": "date_histogram", + "params": { + "dropPartials": false, + "includeEmptyRows": true, + "interval": "auto" + }, + "scale": "interval", + "sourceField": "@timestamp" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "axisTitlesVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "fittingFunction": "None", + "gridlinesVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "labelsOrientation": { + "x": 0, + "yLeft": 0, + "yRight": 0 + }, + "layers": [ + { + "accessors": [ + "a047794a-dd3e-4988-b425-f542cc15fe3a" + ], + "layerId": "d6fa34de-c164-4cf2-9a9e-55550d4f5c2b", + "layerType": "data", + "position": "top", + "seriesType": "bar_stacked", + "showGridlines": false, + "splitAccessor": "9ab2ae83-58e0-40c1-9152-2944132777a6", + "xAccessor": "ffd5fa44-6891-4efd-acd4-b156aabaaf75" + } + ], + "legend": { + "isVisible": true, + "position": "right" + }, + "preferredSeriesType": "bar_stacked", + "tickLabelsVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "valueLabels": "hide" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsXY" + }, + "enhancements": {}, + "hidePanelTitles": false + }, + "gridData": { + "h": 15, + "i": "d25763a9-75f4-4c58-b396-5b2e6a023edf", + "w": 48, + "x": 0, + "y": 15 + }, + "panelIndex": "d25763a9-75f4-4c58-b396-5b2e6a023edf", + "title": "Top 10 Actions over time [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "columns": [ + "salesforce.setup_audit_trail.section", + "event.action", + "salesforce.setup_audit_trail.display" + ], + "grid": {}, + "hideChart": false, + "isTextBasedQuery": false, + "kibanaSavedObjectMeta": { + "searchSourceJSON": { + "filter": [], + "indexRefName": "kibanaSavedObjectMeta.searchSourceJSON.index", + "query": { + "language": "kuery", + "query": "data_stream.dataset : \"salesforce.setupaudittrail\" " + } + } + }, + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "sort": [ + [ + "@timestamp", + "desc" + ] + ], + "timeRestore": false + }, + "enhancements": {} + }, + "gridData": { + "h": 18, + "i": "ff202c20-2433-4002-bfa8-68a59134a946", + "w": 48, + "x": 0, + "y": 30 + }, + "panelIndex": "ff202c20-2433-4002-bfa8-68a59134a946", + "title": "Changes made in the setup [Logs Salesforce]", + "type": "search" + } + ], + "timeRestore": false, + "title": "[Logs Salesforce] SetupAuditTrail Dashboard", + "version": 2 + }, + "coreMigrationVersion": "8.8.0", + "created_at": "2024-07-11T09:10:19.429Z", + "id": "salesforce-31f56373-0faf-4bf9-8741-3c560bb69f82", + "managed": false, + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "8294a8d8-497a-494e-9fc4-951066628928:indexpattern-datasource-layer-d9d1a80f-da0d-4de3-b81b-915a1451dfae", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "9c6c1425-c59a-4103-93b9-1a202a3f3e5f:indexpattern-datasource-layer-05728583-cb7a-4904-bf30-f70c545f1fa4", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "d25763a9-75f4-4c58-b396-5b2e6a023edf:indexpattern-datasource-layer-d6fa34de-c164-4cf2-9a9e-55550d4f5c2b", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "ff202c20-2433-4002-bfa8-68a59134a946:kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "controlGroup_8949b7ee-d607-4d5e-8207-70ae1a69fac1:optionsListDataView", + "type": "index-pattern" + } + ], + "type": "dashboard", + "typeMigrationVersion": "10.2.0" +} \ No newline at end of file diff --git a/packages/salesforce/kibana/dashboard/salesforce-573a6fd6-de05-499c-bd29-4ce2146baaa8.json b/packages/salesforce/kibana/dashboard/salesforce-573a6fd6-de05-499c-bd29-4ce2146baaa8.json new file mode 100644 index 00000000000..9492d6f009d --- /dev/null +++ b/packages/salesforce/kibana/dashboard/salesforce-573a6fd6-de05-499c-bd29-4ce2146baaa8.json @@ -0,0 +1,987 @@ +{ + "attributes": { + "controlGroupInput": { + "chainingSystem": "HIERARCHICAL", + "controlStyle": "oneLine", + "ignoreParentSettingsJSON": { + "ignoreFilters": false, + "ignoreQuery": false, + "ignoreTimerange": false, + "ignoreValidations": false + }, + "panelsJSON": { + "e14106d0-6ead-470c-9268-51f62c1997ae": { + "explicitInput": { + "enhancements": {}, + "fieldName": "salesforce.instance_url", + "id": "e14106d0-6ead-470c-9268-51f62c1997ae", + "title": "Instance URL" + }, + "grow": false, + "order": 0, + "type": "optionsListControl", + "width": "large" + } + }, + "showApplySelections": false + }, + "description": "Overview of Logout logs", + "kibanaSavedObjectMeta": { + "searchSourceJSON": { + "filter": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "field": "data_stream.dataset", + "indexRefName": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "key": "data_stream.dataset", + "negate": false, + "params": { + "query": "salesforce.logout" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "data_stream.dataset": "salesforce.logout" + } + } + } + ], + "query": { + "language": "kuery", + "query": "" + } + } + }, + "optionsJSON": { + "hidePanelTitles": false, + "syncColors": false, + "syncCursor": true, + "syncTooltips": false, + "useMargins": true + }, + "panelsJSON": [ + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-8a47b6d2-1dbb-4988-a641-8f88c4afa23e", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "currentIndexPatternId": "logs-*", + "layers": { + "8a47b6d2-1dbb-4988-a641-8f88c4afa23e": { + "columnOrder": [ + "3813595f-613d-448b-a776-c8c2a0030e79", + "3813595f-613d-448b-a776-c8c2a0030e79X0", + "3813595f-613d-448b-a776-c8c2a0030e79X1", + "3813595f-613d-448b-a776-c8c2a0030e79X2" + ], + "columns": { + "3813595f-613d-448b-a776-c8c2a0030e79": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "User initiated logout", + "operationType": "formula", + "params": { + "format": { + "id": "percent", + "params": { + "decimals": 2 + } + }, + "formula": "count(kql='salesforce.logout.user_initiated_logout : true ')/count()", + "isFormulaBroken": false + }, + "references": [ + "3813595f-613d-448b-a776-c8c2a0030e79X2" + ], + "scale": "ratio" + }, + "3813595f-613d-448b-a776-c8c2a0030e79X0": { + "customLabel": true, + "dataType": "number", + "filter": { + "language": "kuery", + "query": "salesforce.logout.user_initiated_logout : true " + }, + "isBucketed": false, + "label": "Part of User initiated logout", + "operationType": "count", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "___records___" + }, + "3813595f-613d-448b-a776-c8c2a0030e79X1": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of User initiated logout", + "operationType": "count", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "___records___" + }, + "3813595f-613d-448b-a776-c8c2a0030e79X2": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of User initiated logout", + "operationType": "math", + "params": { + "tinymathAst": { + "args": [ + "3813595f-613d-448b-a776-c8c2a0030e79X0", + "3813595f-613d-448b-a776-c8c2a0030e79X1" + ], + "location": { + "max": 68, + "min": 0 + }, + "name": "divide", + "text": "count(kql='salesforce.logout.user_initiated_logout : true ')/count()", + "type": "function" + } + }, + "references": [ + "3813595f-613d-448b-a776-c8c2a0030e79X0", + "3813595f-613d-448b-a776-c8c2a0030e79X1" + ], + "scale": "ratio" + } + }, + "incompleteColumns": {}, + "indexPatternId": "logs-*" + } + } + } + }, + "filters": [], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "accessor": "3813595f-613d-448b-a776-c8c2a0030e79", + "layerId": "8a47b6d2-1dbb-4988-a641-8f88c4afa23e", + "layerType": "data", + "size": "xl", + "textAlign": "center", + "titlePosition": "top" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsLegacyMetric" + }, + "enhancements": {}, + "hidePanelTitles": true + }, + "gridData": { + "h": 10, + "i": "cf45893e-93b8-473b-aebb-76cd3672f1ae", + "w": 24, + "x": 0, + "y": 0 + }, + "panelIndex": "cf45893e-93b8-473b-aebb-76cd3672f1ae", + "title": "Percentage of user initiated logout [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-071d449f-b93b-4b66-a79b-2ebdcc946a91", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "currentIndexPatternId": "logs-*", + "layers": { + "071d449f-b93b-4b66-a79b-2ebdcc946a91": { + "columnOrder": [ + "df7a9bba-39db-470f-a325-0b9b7aeabc35", + "9ccd37bf-1f93-4896-afc5-06ae3f6f909f" + ], + "columns": { + "9ccd37bf-1f93-4896-afc5-06ae3f6f909f": { + "customLabel": false, + "dataType": "number", + "isBucketed": false, + "label": "Count of records", + "operationType": "count", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "___records___" + }, + "df7a9bba-39db-470f-a325-0b9b7aeabc35": { + "customLabel": true, + "dataType": "string", + "isBucketed": true, + "label": "Top 5 values of session-levels used while logging out", + "operationType": "terms", + "params": { + "missingBucket": false, + "orderBy": { + "columnId": "9ccd37bf-1f93-4896-afc5-06ae3f6f909f", + "type": "column" + }, + "orderDirection": "desc", + "otherBucket": true, + "parentFormat": { + "id": "terms" + }, + "size": 5 + }, + "scale": "ordinal", + "sourceField": "salesforce.logout.session.level" + } + }, + "incompleteColumns": {}, + "indexPatternId": "logs-*" + } + } + } + }, + "filters": [], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "layers": [ + { + "categoryDisplay": "default", + "layerId": "071d449f-b93b-4b66-a79b-2ebdcc946a91", + "layerType": "data", + "legendDisplay": "default", + "metrics": [ + "9ccd37bf-1f93-4896-afc5-06ae3f6f909f" + ], + "nestedLegend": false, + "numberDisplay": "value", + "primaryGroups": [ + "df7a9bba-39db-470f-a325-0b9b7aeabc35" + ] + } + ], + "shape": "pie" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsPie" + }, + "enhancements": {}, + "hidePanelTitles": false + }, + "gridData": { + "h": 10, + "i": "397fdc40-594c-469f-8a2d-132308e9abd4", + "w": 24, + "x": 24, + "y": 0 + }, + "panelIndex": "397fdc40-594c-469f-8a2d-132308e9abd4", + "title": "Session levels used while logging out [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-c9c3c8ad-43ed-4058-ad02-3ad64efc5e8f", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "c9c3c8ad-43ed-4058-ad02-3ad64efc5e8f": { + "columnOrder": [ + "1046a81f-b268-4875-99c0-4130514d6828", + "92cb6b38-00c1-4c8b-b59f-0dbf9a1f760e" + ], + "columns": { + "1046a81f-b268-4875-99c0-4130514d6828": { + "dataType": "date", + "isBucketed": true, + "label": "@timestamp", + "operationType": "date_histogram", + "params": { + "dropPartials": false, + "includeEmptyRows": true, + "interval": "auto" + }, + "scale": "interval", + "sourceField": "@timestamp" + }, + "92cb6b38-00c1-4c8b-b59f-0dbf9a1f760e": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Count", + "operationType": "count", + "params": { + "emptyAsNull": true, + "format": { + "id": "number", + "params": { + "decimals": 0 + } + } + }, + "scale": "ratio", + "sourceField": "___records___" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "axisTitlesVisibilitySettings": { + "x": true, + "yLeft": false, + "yRight": true + }, + "fillOpacity": 0.5, + "fittingFunction": "None", + "gridlinesVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "labelsOrientation": { + "x": 0, + "yLeft": 0, + "yRight": 0 + }, + "layers": [ + { + "accessors": [ + "92cb6b38-00c1-4c8b-b59f-0dbf9a1f760e" + ], + "layerId": "c9c3c8ad-43ed-4058-ad02-3ad64efc5e8f", + "layerType": "data", + "palette": { + "name": "default", + "type": "palette" + }, + "seriesType": "line", + "xAccessor": "1046a81f-b268-4875-99c0-4130514d6828", + "yConfig": [ + { + "axisMode": "left", + "color": "#68BC00", + "forAccessor": "92cb6b38-00c1-4c8b-b59f-0dbf9a1f760e" + } + ] + } + ], + "legend": { + "isVisible": true, + "maxLines": 1, + "position": "right", + "shouldTruncate": true, + "showSingleSeries": true + }, + "preferredSeriesType": "line", + "tickLabelsVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "valueLabels": "hide", + "valuesInLegend": true, + "yLeftExtent": { + "mode": "full" + }, + "yRightExtent": { + "mode": "full" + }, + "yTitle": "" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsXY" + }, + "enhancements": {}, + "hidePanelTitles": false + }, + "gridData": { + "h": 13, + "i": "42cbb14e-2e10-4f0b-a0a3-44caa65f6250", + "w": 48, + "x": 0, + "y": 10 + }, + "panelIndex": "42cbb14e-2e10-4f0b-a0a3-44caa65f6250", + "title": "Logout over time [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-53b4bc18-a6f2-4d8b-bf4b-24f553673f92", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "53b4bc18-a6f2-4d8b-bf4b-24f553673f92": { + "columnOrder": [ + "cccd83a1-7155-4483-a770-f84c41825e42", + "19b9fe7e-d3f1-40b7-a9b8-762233a8ba30" + ], + "columns": { + "19b9fe7e-d3f1-40b7-a9b8-762233a8ba30": { + "dataType": "number", + "isBucketed": false, + "label": "Count of records", + "operationType": "count", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "___records___" + }, + "cccd83a1-7155-4483-a770-f84c41825e42": { + "dataType": "string", + "isBucketed": true, + "label": "Top 10 values of salesforce.logout.session.type", + "operationType": "terms", + "params": { + "missingBucket": false, + "orderBy": { + "columnId": "19b9fe7e-d3f1-40b7-a9b8-762233a8ba30", + "type": "column" + }, + "orderDirection": "desc", + "otherBucket": true, + "parentFormat": { + "id": "terms" + }, + "size": 10 + }, + "scale": "ordinal", + "sourceField": "salesforce.logout.session.type" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "layers": [ + { + "categoryDisplay": "default", + "layerId": "53b4bc18-a6f2-4d8b-bf4b-24f553673f92", + "layerType": "data", + "legendDisplay": "default", + "metrics": [ + "19b9fe7e-d3f1-40b7-a9b8-762233a8ba30" + ], + "nestedLegend": false, + "numberDisplay": "percent", + "primaryGroups": [ + "cccd83a1-7155-4483-a770-f84c41825e42" + ] + } + ], + "shape": "treemap" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsPie" + }, + "enhancements": {}, + "hidePanelTitles": false + }, + "gridData": { + "h": 15, + "i": "5ebba020-94f8-4d2c-81ae-d0d1b1135458", + "w": 24, + "x": 0, + "y": 23 + }, + "panelIndex": "5ebba020-94f8-4d2c-81ae-d0d1b1135458", + "title": "Distribution of session types [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-b6f7f9e3-33f9-40c4-8b8b-4196caa3e8db", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "currentIndexPatternId": "logs-*", + "layers": { + "b6f7f9e3-33f9-40c4-8b8b-4196caa3e8db": { + "columnOrder": [ + "d114db82-acd6-425c-b1fb-de8156d1cfc7", + "770749c7-20ab-47fd-b783-0b8d41bcf2f1", + "770749c7-20ab-47fd-b783-0b8d41bcf2f1X0" + ], + "columns": { + "770749c7-20ab-47fd-b783-0b8d41bcf2f1": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Request count", + "operationType": "formula", + "params": { + "formula": "count()", + "isFormulaBroken": false + }, + "references": [ + "770749c7-20ab-47fd-b783-0b8d41bcf2f1X0" + ], + "scale": "ratio" + }, + "770749c7-20ab-47fd-b783-0b8d41bcf2f1X0": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of Request count", + "operationType": "count", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "___records___" + }, + "d114db82-acd6-425c-b1fb-de8156d1cfc7": { + "customLabel": true, + "dataType": "ip", + "isBucketed": true, + "label": "IP addresses", + "operationType": "terms", + "params": { + "missingBucket": false, + "orderBy": { + "fallback": true, + "type": "alphabetical" + }, + "orderDirection": "asc", + "otherBucket": false, + "parentFormat": { + "id": "terms" + }, + "secondaryFields": [], + "size": 10 + }, + "scale": "ordinal", + "sourceField": "source.ip" + } + }, + "incompleteColumns": {}, + "indexPatternId": "logs-*" + } + } + } + }, + "filters": [], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "axisTitlesVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "fittingFunction": "None", + "gridlinesVisibilitySettings": { + "x": true, + "yLeft": false, + "yRight": true + }, + "labelsOrientation": { + "x": 0, + "yLeft": 0, + "yRight": 0 + }, + "layers": [ + { + "accessors": [ + "770749c7-20ab-47fd-b783-0b8d41bcf2f1" + ], + "layerId": "b6f7f9e3-33f9-40c4-8b8b-4196caa3e8db", + "layerType": "data", + "seriesType": "bar_horizontal", + "xAccessor": "d114db82-acd6-425c-b1fb-de8156d1cfc7" + } + ], + "legend": { + "isVisible": true, + "position": "right" + }, + "preferredSeriesType": "bar_horizontal", + "tickLabelsVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "valueLabels": "show", + "yLeftExtent": { + "mode": "full", + "niceValues": true + }, + "yLeftScale": "linear" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsXY" + }, + "enhancements": {}, + "hidePanelTitles": false + }, + "gridData": { + "h": 15, + "i": "79ed218e-f4cb-415d-8772-c7fbd7ab029e", + "w": 24, + "x": 24, + "y": 23 + }, + "panelIndex": "79ed218e-f4cb-415d-8772-c7fbd7ab029e", + "title": "Top 10 IP addresses by Logout request count [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "description": "", + "layerListJSON": [ + { + "alpha": 1, + "id": "3de98652-8d42-4415-91ca-d64b26bb6972", + "includeInFitToBounds": true, + "label": null, + "locale": "autoselect", + "maxZoom": 24, + "minZoom": 0, + "sourceDescriptor": { + "isAutoSelect": true, + "lightModeDefault": "road_map_desaturated", + "type": "EMS_TMS" + }, + "style": { + "color": "", + "type": "EMS_VECTOR_TILE" + }, + "type": "EMS_VECTOR_TILE", + "visible": true + }, + { + "alpha": 0.75, + "id": "546e11d2-db52-457b-8733-e1ee75c51fd8", + "includeInFitToBounds": true, + "joins": [], + "label": "Logout Activity", + "maxZoom": 24, + "minZoom": 0, + "sourceDescriptor": { + "applyForceRefresh": true, + "applyGlobalQuery": true, + "applyGlobalTime": true, + "filterByMapBounds": true, + "geoField": "source.geo.location", + "id": "6d0ed8a8-d5de-4d2e-9e05-0fd4b7dc2384", + "indexPatternRefName": "layer_1_source_index_pattern", + "scalingType": "MVT", + "sortField": "", + "sortOrder": "desc", + "tooltipProperties": [], + "topHitsSize": 1, + "topHitsSplitField": "", + "type": "ES_SEARCH" + }, + "style": { + "isTimeAware": true, + "properties": { + "fillColor": { + "options": { + "color": "#54B399" + }, + "type": "STATIC" + }, + "icon": { + "options": { + "value": "marker" + }, + "type": "STATIC" + }, + "iconOrientation": { + "options": { + "orientation": 0 + }, + "type": "STATIC" + }, + "iconSize": { + "options": { + "size": 6 + }, + "type": "STATIC" + }, + "labelBorderColor": { + "options": { + "color": "#FFFFFF" + }, + "type": "STATIC" + }, + "labelBorderSize": { + "options": { + "size": "SMALL" + } + }, + "labelColor": { + "options": { + "color": "#000000" + }, + "type": "STATIC" + }, + "labelSize": { + "options": { + "size": 14 + }, + "type": "STATIC" + }, + "labelText": { + "options": { + "value": "" + }, + "type": "STATIC" + }, + "labelZoomRange": { + "options": { + "maxZoom": 24, + "minZoom": 0, + "useLayerZoomRange": true + } + }, + "lineColor": { + "options": { + "color": "#41937c" + }, + "type": "STATIC" + }, + "lineWidth": { + "options": { + "size": 1 + }, + "type": "STATIC" + }, + "symbolizeAs": { + "options": { + "value": "circle" + } + } + }, + "type": "VECTOR" + }, + "type": "MVT_VECTOR", + "visible": true + } + ], + "mapStateJSON": { + "adHocDataViews": [], + "center": { + "lat": 10.83331, + "lon": -42.96266 + }, + "filters": [], + "query": { + "language": "kuery", + "query": "" + }, + "refreshConfig": { + "interval": 900000, + "isPaused": false + }, + "settings": { + "autoFitToDataBounds": false, + "backgroundColor": "#ffffff", + "browserLocation": { + "zoom": 2 + }, + "customIcons": [], + "disableInteractive": false, + "disableTooltipControl": false, + "fixedLocation": { + "lat": 0, + "lon": 0, + "zoom": 2 + }, + "hideLayerControl": false, + "hideToolbarOverlay": false, + "hideViewControl": false, + "initialLocation": "LAST_SAVED_LOCATION", + "keydownScrollZoom": false, + "maxZoom": 24, + "minZoom": 0, + "showScaleControl": false, + "showSpatialFilters": true, + "showTimesliderToggleButton": true, + "spatialFiltersAlpa": 0.3, + "spatialFiltersFillColor": "#DA8B45", + "spatialFiltersLineColor": "#DA8B45" + }, + "timeFilters": { + "from": "now-7d/d", + "to": "now" + }, + "zoom": 0 + }, + "title": "", + "uiStateJSON": { + "isLayerTOCOpen": true, + "openTOCDetails": [] + } + }, + "enhancements": {}, + "hiddenLayers": [], + "hidePanelTitles": false, + "isLayerTOCOpen": true, + "mapBuffer": { + "maxLat": 89.99075, + "maxLon": 900, + "minLat": -85.05113, + "minLon": -900 + }, + "mapCenter": { + "lat": 39.90974, + "lon": -42.96266, + "zoom": 0 + }, + "openTOCDetails": [] + }, + "gridData": { + "h": 15, + "i": "305596c4-9960-494c-9150-a786f15b1224", + "w": 48, + "x": 0, + "y": 38 + }, + "panelIndex": "305596c4-9960-494c-9150-a786f15b1224", + "title": "Logout activity by region [Logs Salesforce]", + "type": "map" + } + ], + "timeRestore": false, + "title": "[Logs Salesforce] Logout Dashboard", + "version": 2 + }, + "coreMigrationVersion": "8.8.0", + "created_at": "2024-07-05T11:04:05.545Z", + "id": "salesforce-573a6fd6-de05-499c-bd29-4ce2146baaa8", + "managed": false, + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "cf45893e-93b8-473b-aebb-76cd3672f1ae:indexpattern-datasource-layer-8a47b6d2-1dbb-4988-a641-8f88c4afa23e", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "397fdc40-594c-469f-8a2d-132308e9abd4:indexpattern-datasource-layer-071d449f-b93b-4b66-a79b-2ebdcc946a91", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "42cbb14e-2e10-4f0b-a0a3-44caa65f6250:indexpattern-datasource-layer-c9c3c8ad-43ed-4058-ad02-3ad64efc5e8f", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "5ebba020-94f8-4d2c-81ae-d0d1b1135458:indexpattern-datasource-layer-53b4bc18-a6f2-4d8b-bf4b-24f553673f92", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "79ed218e-f4cb-415d-8772-c7fbd7ab029e:indexpattern-datasource-layer-b6f7f9e3-33f9-40c4-8b8b-4196caa3e8db", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "305596c4-9960-494c-9150-a786f15b1224:layer_1_source_index_pattern", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "controlGroup_e14106d0-6ead-470c-9268-51f62c1997ae:optionsListDataView", + "type": "index-pattern" + } + ], + "type": "dashboard", + "typeMigrationVersion": "10.2.0" +} \ No newline at end of file diff --git a/packages/salesforce/kibana/dashboard/salesforce-77a8a241-5605-46ae-815a-6dd689de2f09.json b/packages/salesforce/kibana/dashboard/salesforce-77a8a241-5605-46ae-815a-6dd689de2f09.json new file mode 100644 index 00000000000..14537438384 --- /dev/null +++ b/packages/salesforce/kibana/dashboard/salesforce-77a8a241-5605-46ae-815a-6dd689de2f09.json @@ -0,0 +1,1811 @@ +{ + "attributes": { + "controlGroupInput": { + "chainingSystem": "HIERARCHICAL", + "controlStyle": "oneLine", + "ignoreParentSettingsJSON": { + "ignoreFilters": false, + "ignoreQuery": false, + "ignoreTimerange": false, + "ignoreValidations": false + }, + "panelsJSON": { + "fdf99e88-d7ea-48de-9656-557ec6420db2": { + "explicitInput": { + "enhancements": {}, + "fieldName": "salesforce.instance_url", + "id": "fdf99e88-d7ea-48de-9656-557ec6420db2", + "searchTechnique": "wildcard", + "selectedOptions": [], + "singleSelect": false, + "title": "Instance URL" + }, + "grow": false, + "order": 0, + "type": "optionsListControl", + "width": "large" + } + }, + "showApplySelections": false + }, + "description": "Overview of Login logs", + "kibanaSavedObjectMeta": { + "searchSourceJSON": { + "filter": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "field": "data_stream.dataset", + "indexRefName": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "key": "data_stream.dataset", + "negate": false, + "params": { + "query": "salesforce.login" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "data_stream.dataset": "salesforce.login" + } + } + } + ], + "query": { + "language": "kuery", + "query": "" + } + } + }, + "optionsJSON": { + "hidePanelTitles": false, + "syncColors": false, + "syncCursor": true, + "syncTooltips": false, + "useMargins": true + }, + "panelsJSON": [ + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-e1b2bc2f-ba01-4998-8cf8-a20d5e2f4da5", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "3c3fbd2d-e792-4de4-bd66-f8afe14d56b6", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "e1b2bc2f-ba01-4998-8cf8-a20d5e2f4da5": { + "columnOrder": [ + "22579769-dcb6-457e-82b4-76eacc56deb8", + "22579769-dcb6-457e-82b4-76eacc56deb8X0", + "22579769-dcb6-457e-82b4-76eacc56deb8X1", + "22579769-dcb6-457e-82b4-76eacc56deb8X2" + ], + "columns": { + "22579769-dcb6-457e-82b4-76eacc56deb8": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Login success rate", + "operationType": "formula", + "params": { + "format": { + "id": "percent", + "params": { + "decimals": 2 + } + }, + "formula": "(count(kql='event.outcome : \"success\"')/count())", + "isFormulaBroken": false + }, + "references": [ + "22579769-dcb6-457e-82b4-76eacc56deb8X2" + ], + "scale": "ratio" + }, + "22579769-dcb6-457e-82b4-76eacc56deb8X0": { + "customLabel": true, + "dataType": "number", + "filter": { + "language": "kuery", + "query": "event.outcome : \"success\"" + }, + "isBucketed": false, + "label": "Part of ", + "operationType": "count", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "___records___" + }, + "22579769-dcb6-457e-82b4-76eacc56deb8X1": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of ", + "operationType": "count", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "___records___" + }, + "22579769-dcb6-457e-82b4-76eacc56deb8X2": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of ", + "operationType": "math", + "params": { + "tinymathAst": { + "args": [ + "22579769-dcb6-457e-82b4-76eacc56deb8X0", + "22579769-dcb6-457e-82b4-76eacc56deb8X1" + ], + "location": { + "max": 48, + "min": 0 + }, + "name": "divide", + "text": "(count(kql='event.outcome : \"success\"')/count())", + "type": "function" + } + }, + "references": [ + "22579769-dcb6-457e-82b4-76eacc56deb8X0", + "22579769-dcb6-457e-82b4-76eacc56deb8X1" + ], + "scale": "ratio" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "3c3fbd2d-e792-4de4-bd66-f8afe14d56b6", + "key": "event.action", + "negate": false, + "params": { + "query": "login-attempt" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.action": "login-attempt" + } + } + } + ], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "accessor": "22579769-dcb6-457e-82b4-76eacc56deb8", + "layerId": "e1b2bc2f-ba01-4998-8cf8-a20d5e2f4da5", + "layerType": "data", + "size": "l", + "textAlign": "center", + "titlePosition": "bottom" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsLegacyMetric" + }, + "enhancements": {}, + "hidePanelTitles": true + }, + "gridData": { + "h": 9, + "i": "e5639889-a699-417c-8312-6ccdaaa2a09a", + "w": 24, + "x": 0, + "y": 0 + }, + "panelIndex": "e5639889-a699-417c-8312-6ccdaaa2a09a", + "title": "Login success rate [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-e1b2bc2f-ba01-4998-8cf8-a20d5e2f4da5", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "42e2aea2-2274-4ab7-ae0b-246f113d2eca", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "630318e9-f910-4f9b-9b2e-e65a569db71c", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "e1b2bc2f-ba01-4998-8cf8-a20d5e2f4da5": { + "columnOrder": [ + "22579769-dcb6-457e-82b4-76eacc56deb8", + "22579769-dcb6-457e-82b4-76eacc56deb8X0" + ], + "columns": { + "22579769-dcb6-457e-82b4-76eacc56deb8": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Failed login attempts", + "operationType": "formula", + "params": { + "formula": "count()", + "isFormulaBroken": false + }, + "references": [ + "22579769-dcb6-457e-82b4-76eacc56deb8X0" + ], + "scale": "ratio" + }, + "22579769-dcb6-457e-82b4-76eacc56deb8X0": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of Failed login attempts", + "operationType": "count", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "___records___" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "42e2aea2-2274-4ab7-ae0b-246f113d2eca", + "key": "event.action", + "negate": false, + "params": { + "query": "login-attempt" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.action": "login-attempt" + } + } + }, + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "630318e9-f910-4f9b-9b2e-e65a569db71c", + "key": "event.outcome", + "negate": false, + "params": { + "query": "failure" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.outcome": "failure" + } + } + } + ], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "accessor": "22579769-dcb6-457e-82b4-76eacc56deb8", + "layerId": "e1b2bc2f-ba01-4998-8cf8-a20d5e2f4da5", + "layerType": "data", + "size": "l", + "textAlign": "center", + "titlePosition": "bottom" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsLegacyMetric" + }, + "enhancements": {}, + "hidePanelTitles": true + }, + "gridData": { + "h": 9, + "i": "30df0ca4-e0ec-43f5-a679-517f8948fec9", + "w": 24, + "x": 24, + "y": 0 + }, + "panelIndex": "30df0ca4-e0ec-43f5-a679-517f8948fec9", + "title": "Failed login attempts [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-440fc980-229c-428f-b87b-78b25eeb6155", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "9f4ccb52-c59f-46e2-a174-ad5df23a79d2", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "440fc980-229c-428f-b87b-78b25eeb6155": { + "columnOrder": [ + "f352fcbd-0e4a-4370-9e73-48616c476653", + "c1ff1268-7525-4784-b979-c05c5f137e75", + "24d3e40d-dba5-477a-9c98-85d41d66c0f6" + ], + "columns": { + "24d3e40d-dba5-477a-9c98-85d41d66c0f6": { + "customLabel": true, + "dataType": "number", + "filter": { + "language": "kuery", + "query": "event.outcome : \"failure\" " + }, + "isBucketed": false, + "label": "Failure", + "operationType": "count", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "___records___" + }, + "c1ff1268-7525-4784-b979-c05c5f137e75": { + "customLabel": true, + "dataType": "number", + "filter": { + "language": "kuery", + "query": "event.outcome : \"success\" " + }, + "isBucketed": false, + "label": "Success", + "operationType": "count", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "___records___" + }, + "f352fcbd-0e4a-4370-9e73-48616c476653": { + "dataType": "date", + "isBucketed": true, + "label": "@timestamp", + "operationType": "date_histogram", + "params": { + "dropPartials": false, + "includeEmptyRows": true, + "interval": "auto" + }, + "scale": "interval", + "sourceField": "@timestamp" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "9f4ccb52-c59f-46e2-a174-ad5df23a79d2", + "key": "event.action", + "negate": false, + "params": { + "query": "login-attempt" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.action": "login-attempt" + } + } + } + ], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "axisTitlesVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "fillOpacity": 0, + "fittingFunction": "None", + "gridlinesVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "labelsOrientation": { + "x": 0, + "yLeft": 0, + "yRight": 0 + }, + "layers": [ + { + "accessors": [ + "c1ff1268-7525-4784-b979-c05c5f137e75", + "24d3e40d-dba5-477a-9c98-85d41d66c0f6" + ], + "layerId": "440fc980-229c-428f-b87b-78b25eeb6155", + "layerType": "data", + "palette": { + "name": "default", + "type": "palette" + }, + "seriesType": "line", + "xAccessor": "f352fcbd-0e4a-4370-9e73-48616c476653", + "yConfig": [ + { + "axisMode": "left", + "color": "#68BC00", + "forAccessor": "c1ff1268-7525-4784-b979-c05c5f137e75" + }, + { + "color": "#e7664c", + "forAccessor": "24d3e40d-dba5-477a-9c98-85d41d66c0f6" + } + ] + } + ], + "legend": { + "isVisible": true, + "maxLines": 1, + "position": "right", + "shouldTruncate": true, + "showSingleSeries": true + }, + "preferredSeriesType": "bar_stacked", + "tickLabelsVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "valueLabels": "hide", + "valuesInLegend": true, + "yLeftExtent": { + "mode": "full" + }, + "yRightExtent": { + "mode": "full" + }, + "yTitle": "Requests" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsXY" + }, + "enhancements": {}, + "hidePanelTitles": false + }, + "gridData": { + "h": 15, + "i": "568998b8-78f5-4787-a327-ce76944e7b01", + "w": 48, + "x": 0, + "y": 9 + }, + "panelIndex": "568998b8-78f5-4787-a327-ce76944e7b01", + "title": "Login over time [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-9c7705b7-2344-40b4-a257-d8ced3dd0740", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "89632233-9486-4da7-9b4c-3c27dad1c8ed", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "9c7705b7-2344-40b4-a257-d8ced3dd0740": { + "columnOrder": [ + "8f42c063-bb66-4b3b-8f52-83103613cd09", + "68fb2e14-2d3c-49b3-a3d1-dadbf2e3d950" + ], + "columns": { + "68fb2e14-2d3c-49b3-a3d1-dadbf2e3d950": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Login Events", + "operationType": "count", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "___records___" + }, + "8f42c063-bb66-4b3b-8f52-83103613cd09": { + "dataType": "date", + "isBucketed": true, + "label": "@timestamp", + "operationType": "date_histogram", + "params": { + "dropPartials": false, + "includeEmptyRows": true, + "interval": "auto" + }, + "scale": "interval", + "sourceField": "@timestamp" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "89632233-9486-4da7-9b4c-3c27dad1c8ed", + "key": "event.action", + "negate": false, + "params": { + "query": "login-attempt" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.action": "login-attempt" + } + } + } + ], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "axisTitlesVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "gridlinesVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "layers": [ + { + "accessors": [ + "68fb2e14-2d3c-49b3-a3d1-dadbf2e3d950" + ], + "layerId": "9c7705b7-2344-40b4-a257-d8ced3dd0740", + "layerType": "data", + "position": "top", + "seriesType": "bar", + "showGridlines": false, + "xAccessor": "8f42c063-bb66-4b3b-8f52-83103613cd09" + } + ], + "legend": { + "isVisible": true, + "position": "right" + }, + "preferredSeriesType": "bar", + "tickLabelsVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "title": "Empty XY chart", + "valueLabels": "hide", + "yTitle": "" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsXY" + }, + "enhancements": {}, + "hidePanelTitles": false + }, + "gridData": { + "h": 17, + "i": "2755d509-cd98-4386-9b44-2cda86b2fdd3", + "w": 48, + "x": 0, + "y": 24 + }, + "panelIndex": "2755d509-cd98-4386-9b44-2cda86b2fdd3", + "title": "Total login events over time [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-c99534c3-c26a-4456-837b-3a71c0c9423e", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "4558e21f-e7cc-4614-8729-22ff74d1ef4f", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "c99534c3-c26a-4456-837b-3a71c0c9423e": { + "columnOrder": [ + "424fcd8e-fd11-4d5b-8eec-6a20473e1134", + "9478baac-1153-4cda-a4b4-08db8af7580a" + ], + "columns": { + "424fcd8e-fd11-4d5b-8eec-6a20473e1134": { + "dataType": "string", + "isBucketed": true, + "label": "Top 10 values of user.roles", + "operationType": "terms", + "params": { + "missingBucket": false, + "orderBy": { + "columnId": "9478baac-1153-4cda-a4b4-08db8af7580a", + "type": "column" + }, + "orderDirection": "desc", + "otherBucket": true, + "parentFormat": { + "id": "terms" + }, + "secondaryFields": [], + "size": 10 + }, + "scale": "ordinal", + "sourceField": "user.roles" + }, + "9478baac-1153-4cda-a4b4-08db8af7580a": { + "dataType": "number", + "isBucketed": false, + "label": "Count of records", + "operationType": "count", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "___records___" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "4558e21f-e7cc-4614-8729-22ff74d1ef4f", + "key": "event.action", + "negate": false, + "params": { + "query": "login-attempt" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.action": "login-attempt" + } + } + } + ], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "layers": [ + { + "categoryDisplay": "default", + "layerId": "c99534c3-c26a-4456-837b-3a71c0c9423e", + "layerType": "data", + "legendDisplay": "default", + "metrics": [ + "9478baac-1153-4cda-a4b4-08db8af7580a" + ], + "nestedLegend": false, + "numberDisplay": "percent", + "primaryGroups": [ + "424fcd8e-fd11-4d5b-8eec-6a20473e1134" + ] + } + ], + "shape": "pie" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsPie" + }, + "enhancements": {}, + "hidePanelTitles": false + }, + "gridData": { + "h": 15, + "i": "03b4a60c-54e3-4bd8-b693-94e1ffffb662", + "w": 24, + "x": 0, + "y": 41 + }, + "panelIndex": "03b4a60c-54e3-4bd8-b693-94e1ffffb662", + "title": "Distribution of type of users [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-fe97c656-f063-45c6-8d2c-f681b01b9c25", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "a739c3da-8335-4818-ae05-77815677253f", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "fe97c656-f063-45c6-8d2c-f681b01b9c25": { + "columnOrder": [ + "429bdef4-3ab3-4826-aa68-2c13f0dc2557", + "a1b52fa9-f635-4caf-be9a-4b9cbdaf3a4d" + ], + "columns": { + "429bdef4-3ab3-4826-aa68-2c13f0dc2557": { + "customLabel": true, + "dataType": "string", + "isBucketed": true, + "label": "User Agent", + "operationType": "terms", + "params": { + "missingBucket": false, + "orderBy": { + "columnId": "a1b52fa9-f635-4caf-be9a-4b9cbdaf3a4d", + "type": "column" + }, + "orderDirection": "desc", + "otherBucket": false, + "parentFormat": { + "id": "terms" + }, + "size": 5 + }, + "scale": "ordinal", + "sourceField": "user_agent.name" + }, + "a1b52fa9-f635-4caf-be9a-4b9cbdaf3a4d": { + "customLabel": false, + "dataType": "number", + "isBucketed": false, + "label": "Count of records", + "operationType": "count", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "___records___" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "a739c3da-8335-4818-ae05-77815677253f", + "key": "event.action", + "negate": false, + "params": { + "query": "login-attempt" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.action": "login-attempt" + } + } + } + ], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "layers": [ + { + "categoryDisplay": "default", + "layerId": "fe97c656-f063-45c6-8d2c-f681b01b9c25", + "layerType": "data", + "legendDisplay": "default", + "metrics": [ + "a1b52fa9-f635-4caf-be9a-4b9cbdaf3a4d" + ], + "nestedLegend": false, + "numberDisplay": "percent", + "primaryGroups": [ + "429bdef4-3ab3-4826-aa68-2c13f0dc2557" + ] + } + ], + "shape": "donut" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsPie" + }, + "enhancements": {}, + "hidePanelTitles": false + }, + "gridData": { + "h": 15, + "i": "617bada7-69d7-4dab-bb28-40a77cfcca3b", + "w": 24, + "x": 24, + "y": 41 + }, + "panelIndex": "617bada7-69d7-4dab-bb28-40a77cfcca3b", + "title": "Activity by browser/client [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-75cb4ead-3ea9-4a50-b9e3-93a364e95f02", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "4d7ffb93-6198-4e63-9f1b-a024f74cfa6d", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "75cb4ead-3ea9-4a50-b9e3-93a364e95f02": { + "columnOrder": [ + "f21fe70c-96b7-452f-9bdd-d0066baba7de", + "5a25315e-fd94-4e86-ba45-423bd31ab8bc" + ], + "columns": { + "5a25315e-fd94-4e86-ba45-423bd31ab8bc": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "User count", + "operationType": "unique_count", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "user.email" + }, + "f21fe70c-96b7-452f-9bdd-d0066baba7de": { + "customLabel": true, + "dataType": "string", + "isBucketed": true, + "label": "Postal code", + "operationType": "terms", + "params": { + "exclude": [], + "excludeIsRegex": false, + "include": [], + "includeIsRegex": false, + "missingBucket": false, + "orderBy": { + "columnId": "5a25315e-fd94-4e86-ba45-423bd31ab8bc", + "type": "column" + }, + "orderDirection": "desc", + "otherBucket": true, + "parentFormat": { + "id": "terms" + }, + "size": 10 + }, + "scale": "ordinal", + "sourceField": "source.geo.postal_code" + } + }, + "incompleteColumns": {}, + "sampling": 1 + } + } + }, + "textBased": { + "layers": {} + } + }, + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "4d7ffb93-6198-4e63-9f1b-a024f74cfa6d", + "key": "event.action", + "negate": false, + "params": { + "query": "login-attempt" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.action": "login-attempt" + } + } + } + ], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "layers": [ + { + "accessors": [ + "5a25315e-fd94-4e86-ba45-423bd31ab8bc" + ], + "layerId": "75cb4ead-3ea9-4a50-b9e3-93a364e95f02", + "layerType": "data", + "position": "top", + "seriesType": "bar_horizontal", + "showGridlines": false, + "xAccessor": "f21fe70c-96b7-452f-9bdd-d0066baba7de" + } + ], + "legend": { + "isVisible": true, + "position": "right" + }, + "preferredSeriesType": "bar_horizontal", + "title": "Empty XY chart", + "valueLabels": "hide" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsXY" + }, + "enhancements": {}, + "hidePanelTitles": false + }, + "gridData": { + "h": 15, + "i": "652a1b75-99ec-4843-a350-0dcd60615aa2", + "w": 24, + "x": 0, + "y": 56 + }, + "panelIndex": "652a1b75-99ec-4843-a350-0dcd60615aa2", + "title": "Top 10 Postal code by user count [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-75cb4ead-3ea9-4a50-b9e3-93a364e95f02", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "f408159b-2876-49c4-ac98-74dac6f4f5db", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "75cb4ead-3ea9-4a50-b9e3-93a364e95f02": { + "columnOrder": [ + "8e5c4236-26b7-402d-b1ef-0af6d7028ebd", + "5a25315e-fd94-4e86-ba45-423bd31ab8bc" + ], + "columns": { + "5a25315e-fd94-4e86-ba45-423bd31ab8bc": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "User count", + "operationType": "unique_count", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "user.email" + }, + "8e5c4236-26b7-402d-b1ef-0af6d7028ebd": { + "customLabel": true, + "dataType": "string", + "isBucketed": true, + "label": "Application type", + "operationType": "terms", + "params": { + "exclude": [], + "excludeIsRegex": false, + "include": [], + "includeIsRegex": false, + "missingBucket": false, + "orderBy": { + "columnId": "5a25315e-fd94-4e86-ba45-423bd31ab8bc", + "type": "column" + }, + "orderDirection": "desc", + "otherBucket": true, + "parentFormat": { + "id": "terms" + }, + "secondaryFields": [], + "size": 10 + }, + "scale": "ordinal", + "sourceField": "salesforce.login.application" + } + }, + "incompleteColumns": {}, + "sampling": 1 + } + } + }, + "textBased": { + "layers": {} + } + }, + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "f408159b-2876-49c4-ac98-74dac6f4f5db", + "key": "event.action", + "negate": false, + "params": { + "query": "login-attempt" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.action": "login-attempt" + } + } + } + ], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "layers": [ + { + "accessors": [ + "5a25315e-fd94-4e86-ba45-423bd31ab8bc" + ], + "layerId": "75cb4ead-3ea9-4a50-b9e3-93a364e95f02", + "layerType": "data", + "position": "top", + "seriesType": "bar_horizontal", + "showGridlines": false, + "xAccessor": "8e5c4236-26b7-402d-b1ef-0af6d7028ebd" + } + ], + "legend": { + "isVisible": true, + "position": "right" + }, + "preferredSeriesType": "bar_horizontal", + "title": "Empty XY chart", + "valueLabels": "hide" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsXY" + }, + "enhancements": {}, + "hidePanelTitles": false + }, + "gridData": { + "h": 15, + "i": "a40d8503-7c56-4fc9-b882-79a555ad7e5e", + "w": 24, + "x": 24, + "y": 56 + }, + "panelIndex": "a40d8503-7c56-4fc9-b882-79a555ad7e5e", + "title": "Top 10 Application type by user count [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "columns": [ + "salesforce.login.db_total_time", + "salesforce.login.run_time", + "salesforce.login.request.status" + ], + "grid": {}, + "hideChart": false, + "isTextBasedQuery": false, + "kibanaSavedObjectMeta": { + "searchSourceJSON": { + "filter": [], + "indexRefName": "kibanaSavedObjectMeta.searchSourceJSON.index", + "query": { + "language": "kuery", + "query": "data_stream.dataset : \"salesforce.login\" " + } + } + }, + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "sort": [ + [ + "@timestamp", + "desc" + ] + ], + "timeRestore": false + }, + "enhancements": {} + }, + "gridData": { + "h": 17, + "i": "57940935-d5d6-436a-a9a7-016be25590f5", + "w": 24, + "x": 0, + "y": 71 + }, + "panelIndex": "57940935-d5d6-436a-a9a7-016be25590f5", + "title": "Login Events Table [Logs Salesforce]", + "type": "search" + }, + { + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-21816ba6-c606-4532-9362-64890b01b81c", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "472db042-6b37-49b7-9325-ba80e209e2a4", + "type": "index-pattern" + } + ], + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "21816ba6-c606-4532-9362-64890b01b81c": { + "columnOrder": [ + "20cea7a4-2d2b-4a01-8591-e8aa9a80d6c3", + "9ab68795-f5bc-485c-b0db-9e8f87d5b992" + ], + "columns": { + "20cea7a4-2d2b-4a01-8591-e8aa9a80d6c3": { + "customLabel": true, + "dataType": "ip", + "isBucketed": true, + "label": "IP Addresses", + "operationType": "terms", + "params": { + "missingBucket": false, + "orderBy": { + "columnId": "9ab68795-f5bc-485c-b0db-9e8f87d5b992", + "type": "column" + }, + "orderDirection": "desc", + "otherBucket": false, + "parentFormat": { + "id": "terms" + }, + "size": 10 + }, + "scale": "ordinal", + "sourceField": "source.ip" + }, + "9ab68795-f5bc-485c-b0db-9e8f87d5b992": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Request count", + "operationType": "count", + "params": { + "emptyAsNull": true + }, + "scale": "ratio", + "sourceField": "___records___" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "472db042-6b37-49b7-9325-ba80e209e2a4", + "key": "event.action", + "negate": false, + "params": { + "query": "login-attempt" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.action": "login-attempt" + } + } + } + ], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "axisTitlesVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "fittingFunction": "None", + "gridlinesVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "labelsOrientation": { + "x": 0, + "yLeft": 0, + "yRight": 0 + }, + "layers": [ + { + "accessors": [ + "9ab68795-f5bc-485c-b0db-9e8f87d5b992" + ], + "layerId": "21816ba6-c606-4532-9362-64890b01b81c", + "layerType": "data", + "seriesType": "bar_horizontal", + "xAccessor": "20cea7a4-2d2b-4a01-8591-e8aa9a80d6c3" + } + ], + "legend": { + "isVisible": true, + "position": "right" + }, + "preferredSeriesType": "bar_horizontal", + "tickLabelsVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "valueLabels": "hide" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsXY" + }, + "enhancements": {}, + "hidePanelTitles": false + }, + "gridData": { + "h": 17, + "i": "9f74769e-b072-48a2-b653-ba68b62f08f1", + "w": 24, + "x": 24, + "y": 71 + }, + "panelIndex": "9f74769e-b072-48a2-b653-ba68b62f08f1", + "title": "Top 10 IP addresses by request count [Logs Salesforce]", + "type": "lens" + }, + { + "embeddableConfig": { + "attributes": { + "description": "", + "layerListJSON": [ + { + "alpha": 1, + "id": "3de98652-8d42-4415-91ca-d64b26bb6972", + "includeInFitToBounds": true, + "label": null, + "locale": "autoselect", + "maxZoom": 24, + "minZoom": 0, + "sourceDescriptor": { + "isAutoSelect": true, + "lightModeDefault": "road_map_desaturated", + "type": "EMS_TMS" + }, + "style": { + "color": "", + "type": "EMS_VECTOR_TILE" + }, + "type": "EMS_VECTOR_TILE", + "visible": true + }, + { + "alpha": 0.75, + "id": "546e11d2-db52-457b-8733-e1ee75c51fd8", + "includeInFitToBounds": true, + "joins": [], + "label": "Login Activity", + "maxZoom": 24, + "minZoom": 0, + "sourceDescriptor": { + "applyForceRefresh": true, + "applyGlobalQuery": true, + "applyGlobalTime": true, + "filterByMapBounds": true, + "geoField": "source.geo.location", + "id": "6d0ed8a8-d5de-4d2e-9e05-0fd4b7dc2384", + "indexPatternRefName": "layer_1_source_index_pattern", + "scalingType": "MVT", + "sortField": "", + "sortOrder": "desc", + "tooltipProperties": [], + "topHitsSize": 1, + "topHitsSplitField": "", + "type": "ES_SEARCH" + }, + "style": { + "isTimeAware": true, + "properties": { + "fillColor": { + "options": { + "color": "#54B399" + }, + "type": "STATIC" + }, + "icon": { + "options": { + "value": "marker" + }, + "type": "STATIC" + }, + "iconOrientation": { + "options": { + "orientation": 0 + }, + "type": "STATIC" + }, + "iconSize": { + "options": { + "size": 6 + }, + "type": "STATIC" + }, + "labelBorderColor": { + "options": { + "color": "#FFFFFF" + }, + "type": "STATIC" + }, + "labelBorderSize": { + "options": { + "size": "SMALL" + } + }, + "labelColor": { + "options": { + "color": "#000000" + }, + "type": "STATIC" + }, + "labelSize": { + "options": { + "size": 14 + }, + "type": "STATIC" + }, + "labelText": { + "options": { + "value": "" + }, + "type": "STATIC" + }, + "labelZoomRange": { + "options": { + "maxZoom": 24, + "minZoom": 0, + "useLayerZoomRange": true + } + }, + "lineColor": { + "options": { + "color": "#41937c" + }, + "type": "STATIC" + }, + "lineWidth": { + "options": { + "size": 1 + }, + "type": "STATIC" + }, + "symbolizeAs": { + "options": { + "value": "circle" + } + } + }, + "type": "VECTOR" + }, + "type": "MVT_VECTOR", + "visible": true + } + ], + "mapStateJSON": { + "adHocDataViews": [], + "center": { + "lat": 51.51456, + "lon": -0.10849 + }, + "filters": [], + "query": { + "language": "kuery", + "query": "" + }, + "refreshConfig": { + "interval": 900000, + "isPaused": false + }, + "settings": { + "autoFitToDataBounds": false, + "backgroundColor": "#ffffff", + "browserLocation": { + "zoom": 2 + }, + "customIcons": [], + "disableInteractive": false, + "disableTooltipControl": false, + "fixedLocation": { + "lat": 0, + "lon": 0, + "zoom": 2 + }, + "hideLayerControl": false, + "hideToolbarOverlay": false, + "hideViewControl": false, + "initialLocation": "LAST_SAVED_LOCATION", + "keydownScrollZoom": false, + "maxZoom": 24, + "minZoom": 0, + "showScaleControl": false, + "showSpatialFilters": true, + "showTimesliderToggleButton": true, + "spatialFiltersAlpa": 0.3, + "spatialFiltersFillColor": "#DA8B45", + "spatialFiltersLineColor": "#DA8B45" + }, + "timeFilters": { + "from": "now-7d/d", + "to": "now" + }, + "zoom": 13.27 + }, + "title": "", + "uiStateJSON": { + "isLayerTOCOpen": true, + "openTOCDetails": [] + } + }, + "enhancements": {}, + "hiddenLayers": [], + "hidePanelTitles": false, + "isLayerTOCOpen": true, + "mapBuffer": { + "maxLat": 27.05913, + "maxLon": 90, + "minLat": 16.63619, + "minLon": 61.875 + }, + "mapCenter": { + "lat": 21.07011, + "lon": 75.7941, + "zoom": 5.61 + }, + "openTOCDetails": [] + }, + "gridData": { + "h": 15, + "i": "73da648e-ad65-4b5f-8782-fc295b82e2c3", + "w": 48, + "x": 0, + "y": 88 + }, + "panelIndex": "73da648e-ad65-4b5f-8782-fc295b82e2c3", + "title": "Login activity by region [Logs Salesforce]", + "type": "map" + } + ], + "timeRestore": false, + "title": "[Logs Salesforce] Login Dashboard", + "version": 2 + }, + "coreMigrationVersion": "8.8.0", + "created_at": "2024-07-05T11:04:04.534Z", + "id": "salesforce-77a8a241-5605-46ae-815a-6dd689de2f09", + "managed": false, + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "e5639889-a699-417c-8312-6ccdaaa2a09a:indexpattern-datasource-layer-e1b2bc2f-ba01-4998-8cf8-a20d5e2f4da5", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "e5639889-a699-417c-8312-6ccdaaa2a09a:3c3fbd2d-e792-4de4-bd66-f8afe14d56b6", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "30df0ca4-e0ec-43f5-a679-517f8948fec9:indexpattern-datasource-layer-e1b2bc2f-ba01-4998-8cf8-a20d5e2f4da5", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "30df0ca4-e0ec-43f5-a679-517f8948fec9:42e2aea2-2274-4ab7-ae0b-246f113d2eca", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "30df0ca4-e0ec-43f5-a679-517f8948fec9:630318e9-f910-4f9b-9b2e-e65a569db71c", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "568998b8-78f5-4787-a327-ce76944e7b01:indexpattern-datasource-layer-440fc980-229c-428f-b87b-78b25eeb6155", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "568998b8-78f5-4787-a327-ce76944e7b01:9f4ccb52-c59f-46e2-a174-ad5df23a79d2", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "2755d509-cd98-4386-9b44-2cda86b2fdd3:indexpattern-datasource-layer-9c7705b7-2344-40b4-a257-d8ced3dd0740", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "2755d509-cd98-4386-9b44-2cda86b2fdd3:89632233-9486-4da7-9b4c-3c27dad1c8ed", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "03b4a60c-54e3-4bd8-b693-94e1ffffb662:indexpattern-datasource-layer-c99534c3-c26a-4456-837b-3a71c0c9423e", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "03b4a60c-54e3-4bd8-b693-94e1ffffb662:4558e21f-e7cc-4614-8729-22ff74d1ef4f", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "617bada7-69d7-4dab-bb28-40a77cfcca3b:indexpattern-datasource-layer-fe97c656-f063-45c6-8d2c-f681b01b9c25", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "617bada7-69d7-4dab-bb28-40a77cfcca3b:a739c3da-8335-4818-ae05-77815677253f", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "652a1b75-99ec-4843-a350-0dcd60615aa2:indexpattern-datasource-layer-75cb4ead-3ea9-4a50-b9e3-93a364e95f02", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "652a1b75-99ec-4843-a350-0dcd60615aa2:4d7ffb93-6198-4e63-9f1b-a024f74cfa6d", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "a40d8503-7c56-4fc9-b882-79a555ad7e5e:indexpattern-datasource-layer-75cb4ead-3ea9-4a50-b9e3-93a364e95f02", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "a40d8503-7c56-4fc9-b882-79a555ad7e5e:f408159b-2876-49c4-ac98-74dac6f4f5db", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "57940935-d5d6-436a-a9a7-016be25590f5:kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "9f74769e-b072-48a2-b653-ba68b62f08f1:indexpattern-datasource-layer-21816ba6-c606-4532-9362-64890b01b81c", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "9f74769e-b072-48a2-b653-ba68b62f08f1:472db042-6b37-49b7-9325-ba80e209e2a4", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "73da648e-ad65-4b5f-8782-fc295b82e2c3:layer_1_source_index_pattern", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "controlGroup_fdf99e88-d7ea-48de-9656-557ec6420db2:optionsListDataView", + "type": "index-pattern" + } + ], + "type": "dashboard", + "typeMigrationVersion": "10.2.0" +} \ No newline at end of file diff --git a/packages/salesforce/manifest.yml b/packages/salesforce/manifest.yml index 8226181f2f8..762cf8ed7bd 100644 --- a/packages/salesforce/manifest.yml +++ b/packages/salesforce/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.2 name: salesforce title: Salesforce -version: "0.14.0" +version: "0.15.0" description: | Collect logs from Salesforce instances using the Elastic Agent. This integration allows you to monitor and analyze various Salesforce logs, including Login, Logout, Setup Audit Trail, and Apex logs. type: integration @@ -17,6 +17,23 @@ icons: title: Salesforce size: 32x32 type: image/svg+xml +screenshots: + - src: /img/salesforce-apex-dashboard.png + title: Salesforce Apex Dashboard + size: 600x600 + type: image/png + - src: /img/salesforce-login-dashboard.png + title: Salesforce Login Dashboard + size: 600x600 + type: image/png + - src: /img/salesforce-logout-dashboard.png + title: Salesforce Logout Dashboard + size: 600x600 + type: image/png + - src: /img/salesforce-setupaudittrail-dashboard.png + title: Salesforce SetupAuditTrail Dashboard + size: 600x600 + type: image/png vars: - name: instance_url type: text diff --git a/packages/salesforce/validation.yml b/packages/salesforce/validation.yml deleted file mode 100644 index dbc9a7b8fd5..00000000000 --- a/packages/salesforce/validation.yml +++ /dev/null @@ -1,3 +0,0 @@ -errors: - exclude_checks: - - SVR00002 # expected filter in dashboard: no filter found