Salesforce Certified Advanced Administrator – Auditing and Monitoring
May 14, 2023

1. View Setup Audit Trail

Think of auditing and monitoring a Salesforce org. One of the first things that comes to mind for me is the View Setup Audit Trail, and it’s kind of oddly named, this link here, View Setup Audit Trail, but the intention behind this is to be able to see what changes have been made in your organization. So this is helpful to show what changes have been made to your org. And it may be helpful as well if, for instance, you’re working in an environment where you have some delegated administrators that you’ve enabled to do certain administrative tasks, and you want to be able to basically spy on them to see what they’ve been changing or what they’ve been up to. You can view that in the View Setup Audit Trail.

So there’s 20 items listed here and you can download the past six months of activity here as well. This is also a way to keep consultants or admins or developers honest, and it’s a way of measuring their activity. You can see exactly what sort of metadata changes have been made in your org, and I’ve used this often as well to remind myself of things I’ve been doing in order to know what to package up for a change set, for example. And so you may encounter a question on the exam related to the Setup Audit Trail. And so watch for that and know that the View Setup Audit Trail will tell you the most recent changes to your org, and you can download the last six months to a CSV file.

2. Email Log

There’s a bullet point in the auditing and monitoring section of the exam guide. It says that, given a scenario, determine the appropriate tools for monitoring and troubleshooting system activity. Now we looked at the Setup Audit Trail previously and we’ll look at the debug log here momentarily, but I wanted to also look at another item that isn’t necessarily mentioned in the exam guide but is helpful for troubleshooting system activity. And that would be the email log. And oftentimes you’ll be working in an environment and someone will say that they’ve not received the email notification from Salesforce. And so I wanted to make you aware of the email log as a useful tool in troubleshooting system activity, as detailed or hinted at in the exam guide as well. And so the email logs describe all emails sent through Salesforce and it’ll email you a log as a CSV file.

And so this is a new org; we’ve not requested any email logs, and so to do so, just click Request an Email Log and you can specify the start and end time as well as filter down to only emails that are addressed to or from specific email addresses. And you can separate those email addresses with a comma as well. And so you simply submit your request and then you’ll receive that via email. Now you may not have had any emails generated from your Salesforce org, so the email may not contain much information. We will be dealing with emailing from Salesforce more once we get into process automation. What you could do is you could go into a record, for example, let’s go into a lead record and pull up one of our open leads and let’s look into sending them an email. Let’s do Bertha Boxer.

If we click on the email tab and just enter in the subject line and then just send that. And so now we should at least have something in our email log. So let me go back into Setup and request another log. This way you’ll at least have something to look at once you receive the email log. I just want to make sure that you get an idea of what that log looks like. So going back into Setup and going into the email log, let’s go ahead and request another one and just click Submit Request. And so I see in my previous log that there were 24 records, so perhaps sending that email was overkill, but let me refresh and see if that one’s done as well and see if we have any additional records, and it’s still pending. Let me try again. I’ll check my email as well and see what that’s looking like.

All right, so I received the email and that link will take me back to the screen and I can download the log. And this is a zip file and let me see what that’s got. Let’s see if I can drag this into my browser. That’s lovely, I love it. And so there has been some email activity in my org here. I’m not sure what all that was, but here’s the header from that CSV file. I could open this up in Excel and have this be a little better formatted.

But you see that it provides you the date and time, the internal message ID, the mail event and other information. And it does not give you the full content of the email. It does not reveal what the body of the email says. It’ll give you some information. So if someone says, hey, I didn’t receive your email, you can look and see if it was sent out or not, and troubleshoot from there. So the email log is another great and useful auditing tool and monitoring tool provided in Salesforce.

And now it looks like my other log request is done. Let’s see if we have an additional record, just out of curiosity here. And this one has six more records related to that email that was sent. So there’s a lot of data that goes through in the email logs. And so finally, here’s that log inside of Excel. I just did tab delimited. So it’s just one line per row, not that much better. That’s great. But you can see the from and to addresses revealed here, and some IP addresses and then some other text and code as well. So that’s what the email log looks like. And so now let’s look at the next tool in our arsenal for auditing and monitoring the Salesforce platform. And that would be the debug log.

3. Debug Log

A great auditing and monitoring tool is the debug log. So if we search for debug in Setup and pull up the debug log, you should see your own name listed under the user trace flags. And if it has an old date, don’t let that throw you. When I first pulled this up in my own org, it was some date from 2017. But this screen is divided into two sections. The user trace flag is where you specify the user that you want to track what they’re doing and capture any sort of debug logs. And then whenever that user performs any actions in the system, a debug log will be listed down here. So if I edit this, since I’m the current user, we’re specifying a start and expiration date for this log file. And so this happens to be the current time. And then I can specify an end time of sometime in the future, for example. So I set this for a 24-hour window so I capture debug information on myself. And so you have different debug levels, and you can create new ones as well.

And if I create a new debug level, you have these options for setting levels across the different categories. And these categories would include such things as database or workflow items, validation items, callouts, Apex code, and a lot more. And you could go from info to none to finest on a lot of these. And so depending on what you’re trying to troubleshoot, let’s say you’re trying to really get into the nitty gritty of Apex code. You could get it into the finest level of that by selecting finest there. And so I’m just going to name this finest Apex and click Save, and I need to have it with an underscore or no space. And so now my debug level that I’ve set for my debug log is the one that I just created. So I’m going to click Save.

And so now I’m going to go into my system and use it a little bit, and then I’ll show you my debug log. So let’s go to my asset management application and let’s select a new asset. We want to do things that will produce transactions on the Salesforce servers, such as editing or saving records. For example, I’m just going to create a sample asset just to do something, to create something for my debug log. So now you see with this toast message that I have created a transaction that has hit the Salesforce servers and performed a save. So I go to my debug log and refresh. And you see here that now in the debug log, there’s a few records listed, and all these have a success. Now, normally you’d be looking at this, and how this is useful is if someone calls reporting an error.

And then you could pinpoint the line item in your debug log that is an error and then view it or even download it. If you click to view that, you can see the details of what exactly happened and in what order on the Salesforce server. This really gives you a lot of detail on what is going on and it’s a useful troubleshooting tool, especially whenever something throws an error in Salesforce. And so watch for that specifically on the exam since it is mentioned in the exam guide. One of the auditing and monitoring tools that it specifically mentions is the debug log. So the main things to know with that are that you can set a user trace flag to specify the user, and then, in addition to users or tracking user behavior, you can also trace automated processes or classes or triggers as well.

So I do encourage you to get familiar with the debug log, go through and try out some of these different traced entity types and then as well especially tracking your own behavior and work and make some changes to some records. See if you can get an error to throw. Perhaps set up some validation rule to block you from saving a record. See what that looks like in a debug log. If you need something to do on a Friday night, that would be fun. And next though, I think we’ve had enough fun for now with the debug log. Let’s keep this party going though by checking out event monitoring in the next lesson.

4. Event Monitoring

Let’s look at event monitoring next. So if you search for event in Setup, you should be able to pull up event monitoring. And so for the event monitoring settings, you’ll see that they’re disabled by default. Now if we enable Login Forensics, then we can see and audit your organization’s user login activity. We just turn that on and now it’s on. We’re going to leave this other selection disabled. This would let users delete event log files and login event data. And so now that we have Login Forensics turned on, we can start to capture information around the login activity in our org. Now we’re the only user logging in and out of our org, so it’s not going to be that dynamic, but with event monitoring, one of the many things you can track would include logins and also logouts.

So in addition to tracking the events related to logging in and logging out, event monitoring also tracks things such as clicks and a lot more. And so if I were to go in and click around in my asset management application, for example, and you can imagine how this would be useful if someone says all I was doing was viewing the record and then an error was thrown. Being able to really see at a greater level of detail the things that have been happening inside of Salesforce would be helpful. And so just clicking around kind of randomly, most admittedly, but let’s go ahead and create a new event and do a few activities that will hit the server, for example. And I just chose Event randomly, not to be confused with event monitoring. I’m just scheduling a meeting and just taking the defaults here and clicking Save, and let’s create a new task, just trying to do some transactional things.

And then we will go into a tool known as Workbench. And so I want to show you how to query these event log files. And so if you go to workbench.developerforce.com, you will see this. And this is a helpful tool that you need to know about as an advanced administrator. And you’ll want to select what sort of environment you’re logging into. And this is a production instance because the free developer accounts are production, those are not sandboxes. The API version usually defaults to not the most current, but the one before, in case there’s a mismatch between a sandbox and a production environment.

And just to be safe, you can always change the API version later. I’m going to agree to the terms of service and log in with Salesforce. This will be a login activity. And so I’m going to allow access to the Workbench and this will log me in through the API. And so now I’m logged into the Workbench and I want to perform a query. A SOQL query. That stands for Salesforce Object Query Language. Not to be confused with SQL or sequel. And for the object, we want to find Event Log File. These are the different objects available inside of our Salesforce org and there’s a lot of them.

So we’re going to be querying this event log file. And so if we wanted just to know the number of records inside of our event log file, we could just click the field count and it will form the SOQL query for us. So if we click Query, it returns that there’s eleven records in our instance. In my instance at least with Salesforce; it may be different for you. Now you may want to add other things to this select statement, so I could press Command or Control and click additional fields.

Now I want to not include count with that. That will form a malformed query. So I uncheck Count and instead select ID and a few other fields. Log date, log file, log file content type. Don’t worry about getting all these exactly what I’m doing. I’m just trying to show you some of the functionality of the Workbench and what this log data looks like. We’re going to query this and now this comes back in a table and it gives us the ID, the log date and the log file as well. It may be useful as well to bring in the event type. And so you can experiment with these queries and see if you get something readable or not. This just goes on forever. Not the greatest user experience. I think there’s another way that we can do this. This just goes on forever and ever and ever. Awesome. This is actually my middle name, guys. My parents decided to name me something unique.

This is obscenely absurd. So what I’m going to do, rather than do that, I’m going to remove that log file field. Let’s query again to get rid of that long thing. All right, so this looks a little more palatable. The event type will tell you something at least. And these are different event types and the date and the interval. And so with these intervals, these are all set to daily. These are the different types of events that are being monitored in our org. Now I wanted to show you a more user friendly option. And this is a Heroku app that Salesforce has developed and they link to this from several places. And I’ll link to this as well as a resource so that you can log in. You just need to log in using your own Salesforce credentials and grant access, much like we did for the Workbench.

And here are the different event types. And you can download or view these as well, for example, and you can change the date range or you can select by event type. If you wanted to see your login events, you can click Apply and see those as far as when they happen in your org. So event monitoring is a powerful capability that is newer inside of Salesforce and there’s a lot of different event types that you can track and monitor in your own Salesforce org. And this will give you a lot of details that will help you to troubleshoot issues on the platform. So let me show you real quickly before we bounce out of this lesson what a URI event type looks like. That is a URL click, and let me pull up my text editor. And so this is just one example of one of these events that has been logged.

And you see here, this is the actual link that was clicked, so you can really get into real specific details on your event monitoring inside of Salesforce. So look for that potentially on the advanced admin exam as well. There’s a lot of other resources available related to event monitoring that go beyond the scope of the exam. But if you’re interested in event monitoring and analytics, you may want to check out this Trailhead module around the Event Monitoring Analytics app.

And then as well this event monitoring module on Trailhead. And it’s there that you will find under the download and visualize event log files, the link to this application, this Heroku app as well, I’ll link to that app as well as these Trailhead trails also as resources in this lesson. So now we want to look at one more monitoring tool as it relates to auditing and monitoring as I get back into salesforce here and return to setup. And that final monitoring tool would be for session management and we’re going to cover that in the next lesson.
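
The following Python is an added example, not part of the original lesson and not Salesforce's own code. It reads a Login event log CSV of the kind downloaded in this lesson and reports source IPs with repeated failed logins; the sample rows are constructed, and the column names and status values are assumptions to check against the header of your own file.

```python
import csv
import io
from collections import defaultdict

# Constructed sample rows in the shape of a Login event log CSV (not real data).
# Assumed columns: EVENT_TYPE, TIMESTAMP_DERIVED, USER_NAME, SOURCE_IP, LOGIN_STATUS.
SAMPLE_LOGIN_LOG = """\
"EVENT_TYPE","TIMESTAMP_DERIVED","USER_NAME","SOURCE_IP","LOGIN_STATUS"
"Login","2023-05-14T08:01:10.000Z","admin@example.com","198.51.100.7","LOGIN_NO_ERROR"
"Login","2023-05-14T09:15:20.000Z","admin@example.com","203.0.113.25","LOGIN_ERROR_INVALID_PASSWORD"
"Login","2023-05-14T09:15:02.000Z","user1@example.com","203.0.113.25","LOGIN_ERROR_INVALID_PASSWORD"
"Login","2023-05-14T09:15:09.000Z","user1@example.com","203.0.113.25","LOGIN_ERROR_INVALID_PASSWORD"
"Login","2023-05-14T09:16:01.000Z","admin@example.com","203.0.113.25","LOGIN_NO_ERROR"
"Login","2023-05-14T10:30:44.000Z","user2@example.com","192.0.2.14","LOGIN_ERROR_INVALID_PASSWORD"
"""

SUCCESS_STATUS = "LOGIN_NO_ERROR"  # assumed value for a successful login


def summarize_failed_logins(csv_text, threshold=3):
    """Return source IPs with at least `threshold` failed logins.

    Each entry lists the failure count, the user names that were tried, and
    whether a successful login from the same IP followed the failures.
    """
    rows = [r for r in csv.DictReader(io.StringIO(csv_text))
            if r.get("EVENT_TYPE") == "Login"]
    # ISO 8601 timestamps in one time zone sort correctly as plain strings.
    rows.sort(key=lambda r: r["TIMESTAMP_DERIVED"])

    stats = defaultdict(lambda: {"failures": 0, "users": set(),
                                 "success_after_failures": False})
    for row in rows:
        entry = stats[row["SOURCE_IP"]]
        if row["LOGIN_STATUS"] == SUCCESS_STATUS:
            # A success only matters here once the IP has crossed the threshold.
            if entry["failures"] >= threshold:
                entry["success_after_failures"] = True
        else:
            entry["failures"] += 1
            entry["users"].add(row["USER_NAME"])

    return {
        ip: {"failures": e["failures"],
             "users": sorted(e["users"]),
             "success_after_failures": e["success_after_failures"]}
        for ip, e in stats.items() if e["failures"] >= threshold
    }


if __name__ == "__main__":
    for ip, info in summarize_failed_logins(SAMPLE_LOGIN_LOG).items():
        print(ip, info)
```

An IP that appears in this report with a success after the failures is a good candidate to look up under Session Management, where the session can be removed.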

5. Session Management

Alright, so finally another great auditing and monitoring tool is the User Session management. And this will list the users that are connected to your salesforce organization and you can disconnect their session by selecting it. So for example, I don’t want to boot myself, but you could select whichever users or sessions that you want to remove by checking them and then just clicking Remove. Now as I mentioned, I’m not going to do that because I’m not sure which of these are valid. But you see how long these sessions are valid for. And this is based on the session settings. It looks like I have a two hour session window. And so with the last time that these were updated, you see that’s valid until it’s 2 hours later. It also gives you the source IP.

And so there’s been times in my own Salesforce career. One time was when Salesforce moved one of the orgs I was working on over to a new server and one of the apps that we had connected, its session persisted from one to the next and it really made a mess of things and we had to go through several levels of support to figure out that it was a session management thing. And we had to disconnect that old connection to the app that persisted across orgs. None of that is going to be on the exam, but I wanted to make you aware of how this is a useful tool for troubleshooting and whenever you’re experiencing usability issues. Now this may or may not be on the exam, but it is an important tool and it’s one that you can kill specific sessions of users with as well. So it’s a good security feature also. All right, so that concludes this knowledge area. And I got something special for you in the next lesson, so be sure and check that out.
