Splunk Salesforce Integration: 2 Easy Methods

Arsalan Mohammed • Last Modified: February 26th, 2023

Splunk Salesforce: Featured Image

Salesforce is a leading provider of cloud-based business applications, offered in a wide array of platforms. It has platforms such as Salesforce CRM, customer 360, digital 360, and other various tools. In this article, we will try Splunk Salesforce Integration that would improve the business applications.

Splunk is a software platform widely used for monitoring, searching, analyzing, and visualizing machine-generated data in real-time. It performs capturing, indexing, and correlating the real-time data in a searchable container and produces graphs, alerts, dashboards, and visualizations. Splunk provides easy to access data over the whole organization for easy diagnostics and solutions to various business problems.

This article will give a step-by-step guide to performing Splunk Salesforce Integration.

Table of Contents:

Introduction to Salesforce

Salesforce is a Cloud-Based Enterprise platform. It provides easy-to-use business applications, that can generate relevant customer experience. Salesforce is a tool that allows staying connected with Customers, Prospects, Partners, Sales, and Market Services globally.  

Salesforce offers SaaS, PaaS, and IaaS tools. It also provides its cloud services for running applications. The data is secure, upgraded, and scaled automatically. Salesforce Cloud is known to be very dependable and offers benefits like Adaptability and Multitenancy over others. It also has a CRM platform. Salesforce CRM is a product that manages a company’s relationship with Prospect Customers. For Splunk Salesforce Integration we will consider the CRM tool. 

Salesforce cloud CRM software and applications are used for Sales, Service, Finance, Marketing, Business Development, Recruiting, HR, Supply Chain Management, and other lines of business that manage external and internal relationships. It allows storing Existing Customers and Potential Customer’s information under a single platform, which would allow plotting a chart for Personalized Customer Approach. It also allows to plan and monitor Sales and Marketing Campaigns, and manage services with insightful and valuable data available. It is used by over 150,000 companies for better data management.

Learn more about Salesforce.

Simplify Data Analysis with Hevo’s No-code Data Pipeline

Hevo Data, a No-code Data Pipeline helps to load data from any data source such as Salesforce, Databases, SaaS applications, Cloud Storage, SDKs, and Streaming Services and simplifies the ETL process. It supports 150+ data sources (including 30+ free data sources like Salesforce ) and is a 3-step process by just selecting the data source, providing valid credentials, and choosing the destination. Hevo not only loads the data onto the desired Data Warehouse/destination but also enriches the data and transforms it into an analysis-ready form without having to write a single line of code.

GET STARTED WITH HEVO FOR FREE[/hevoButton]

Its completely automated pipeline offers data to be delivered in real-time without any loss from source to destination. Its fault-tolerant and scalable architecture ensure that the data is handled in a secure, consistent manner with zero data loss and supports different forms of data. The solutions provided are consistent and work with different BI tools as well.

Check out why Hevo is the Best:

  • Secure: Hevo has a fault-tolerant architecture that ensures that the data is handled in a secure, consistent manner with zero data loss.
  • Schema Management: Hevo takes away the tedious task of schema management & automatically detects the schema of incoming data and maps it to the destination schema.
  • Minimal Learning: Hevo, with its simple and interactive UI, is extremely simple for new customers to work on and perform operations.
  • Hevo Is Built To Scale: As the number of sources and the volume of your data grows, Hevo scales horizontally, handling millions of records per minute with very little latency.
  • Incremental Data Load: Hevo allows the transfer of data that has been modified in real-time. This ensures efficient utilization of bandwidth on both ends.
  • Live Support: The Hevo team is available round the clock to extend exceptional support to its customers through chat, email, and support calls.
  • Live Monitoring: Hevo allows you to monitor the data flow and check where your data is at a particular point in time.
SIGN UP HERE FOR A 14-DAY FREE TRIAL

Introduction to Splunk

Splunk Salesforce Integration: Splunk Logo
Image Source: upload.wikimedia.org

Splunk is software that is used to processes machine data and other forms of big data to gain valuable and meaningful Insights. Machine data is the data generated by the CPU running a webserver, IoT devices, logs from mobile apps, etc. This data may not necessarily have any business meaning or may not be useful to the end-user but they are extremely important to understand, monitor, and optimize the performance of the machines for the best efficiency possible.

Splunk can read many forms of data such as unstructured, semi-structured, or rarely structured data. After reading the data, Splunk enables you to search, tag, create reports and dashboards on these data. With the availability of large sources of Bigdata Splunk is now able to ingest big data from various sources, which may or may not be machine data, and run analytics on big data.

So, from a simple tool for log analysis, Splunk has come a long way to become a general analytical tool for unstructured machine data and various forms of big data. Performing Splunk Salesforce Integration further improves the analytical efficiency of Splunk.

Product Categories offered by Splunk

  • Splunk Enterprise: It is used by companies that have large IT infrastructure and IT-driven businesses. It helps in gathering and analyzing the data from websites, applications, devices, and sensors, etc.
  • Splunk Cloud: It is a cloud-hosted platform with the same features as the enterprise version. It can be availed from Splunk itself or through the AWS cloud platform.
  • Splunk Light: It allows search, report, and alert on all the log data in real-time from one place. It has limited functionalities and features as compared to the other two versions.

Features offered by Splunk

Important features of enterprise edition −

  • Data Ingestion: Splunk can ingest a variety of data formats like JSON, XML, and unstructured machine data like web and application logs. The unstructured data can be modeled into a data structure as needed by the user.
  • Data Indexing: The ingested data is indexed by Splunk for faster searching and querying on different conditions.
  • Data Searching: Searching in Splunk involves using the indexed data for the purpose of creating metrics, predicting future trends, and identifying patterns in the data.
  • Using Alerts: Splunk alerts can be used to trigger emails or RSS feeds when some specific criteria are found in the data being analyzed.
  • Dashboards: Splunk Dashboards can show the search results in the form of charts, reports, and pivots, etc.
  • Data Model: The indexed data can be modeled into one or more data sets that are based on specialized domain knowledge. This leads to easier navigation by the end-users who analyze the business cases without learning the technicalities of the search processing language used by Splunk.

Splunk Salesforce Integration

Now that you have a brief overview of Salesforce and Splunk, in this section, we will discuss the Splunk Salesforce Integration using the Splunk Add-on for Splunk Salesforce Integration.

Set up the Splunk Add-on for Splunk Salesforce Integration

The Splunk Add-on for Splunk Salesforce Integration provides two ways for authenticating accounts: basic authentication, and OAuth 2.0 authentication.

For basic authentication, you can configure the Splunk Add-on for Splunk Salesforce Integration either through Splunk Web or by making changes directly in configuration files. Due to the complexity of the setup, configuring the add-on through Splunk Web is a best practice. For OAuth, you must configure the add-on through Splunk Web.

Set up basic authentication using Splunk Web

To set up the Splunk Add-on for Splunk Salesforce using Splunk Web, complete the following steps:

  • Go to the Splunk Add-on for Splunk Salesforce Integration either by clicking the name of this add-on on the left navigation banner on the Splunk Web home page or by going to Manage Apps, then clicking Launch App in the row for the Splunk Add-on for Salesforce.
  • Click the Configuration tab to set up Salesforce credentials, as well as an optional proxy and logging level.
  • Go to the Account tab.
  • Click Add.
  • Add a unique Account Name.
  • Select a Salesforce environment value: Production, Sandbox, or Other. Other is for adding a custom endpoint that is different than the default endpoint. Here is an example: my-dev-ed.my.salesforce.com.
  • Select the Salesforce API Version to configure your account with. Default API Version is 51.0.
  • Select Basic Authentication for the Auth Type.
  • Enter your Salesforce Username, Password, and Security Token. You do not need to add a token if your instance is in the trusted IP range.

Set up OAuth authentication using Splunk Web for Splunk Salesforce Integration

  • Go to the Splunk Add-on for Salesforce either by clicking the name of this add-on on the left navigation banner on the Splunk Web home page or by going to Manage Apps, then clicking Launch App in the row for the Splunk Add-on for Salesforce. See the Setup OAuth App in the Salesforce in this manual for more information.
  • Click the Configuration tab to set up Salesforce credentials, as well as an optional proxy and logging level.
  • Go to the Account tab.
  • Click Add.
  • Add a unique Account Name.
  • Select a Salesforce environment value: Production, Sandbox, or Other. Other is for adding a custom endpoint that is different than the default endpoint. Here is an example: my-dev-ed.my.salesforce.com.
  • Select the Salesforce API Version to configure your account with. Default API Version is 51.0.
  • Select OAuth 2.0 Authentication as the Auth Type.
  • Enter your Salesforce Client Id and Client Secret. The Client ID is called “Consumer Key” in your Salesforce managed app. Client Secret is called “Consumer Secret” in your Salesforce managed app.
  • Copy and paste the Redirect URL you see on the screen in your Salesforce instance. After pasting it, it can take about 10 minutes for the changes to take effect.
  • Click Add.
  • A popup opens for authorization consent from your Salesforce instance. Enter your authorization credentials.
  • Click Grant access.
  • (Optional) To configure multiple accounts, in the Splunk Add-on for Splunk Salesforce Integration, make sure that you are logged in to the Salesforce account that you want to configure. To verify which account you have logged-in in the Salesforce for the same browser, perform the following steps:
    • In a compatible web browser, navigate to your Salesforce account and log out of your account.
    • In the same browser, navigate to your Splunk platform instance and open Splunk Web.
    • In Splunk Web, navigate to the Splunk Add-on for Splunk Salesforce Integration, and click on the Configuration page.
    • Enter the client ID and client secret of your Salesforce account.
    • Click the “Save” button. A pop-up will ask you to log in to the Salesforce account.
    • Enter the credentials of your Salesforce account.
    • Click Grant Access.
    • Once the save is successful, navigate to your Salesforce account, and repeat the process to configure any additional Salesforce accounts.

Set up a proxy and logging level

If you are using a proxy, provide the following information on the Configuration tab:

  1. Check Enable Proxy.
  2. Specify the Host, Port, Username, and Password values.
  3. Check the DNS resolution box if you want to perform DNS resolution through your proxy.
  4. Select the type of proxy to use in the Proxy Type field.
  5. If you want to change the Logging level, select a new one.
  6. Click Save.

Checkpoint management

If the Splunk Add-on for Splunk Salesforce versions 2.0.0 and above find an existing checkpoint for a given input, a Use existing data input prompt appears. If you select Yes, then the add-on continues collecting data from that checkpoint. If you select No, then the add-on resets data collection, and data collection commences from your specified query start date. If you select No and there is not a specified start date, data collection commences from the default start date.

Set up basic authentication using configuration files for Splunk Salesforce Integration

You can configure your add-on by providing the settings in the local splunk_ta_salesforce_settings.conf and splunk_ta_salesforce_account.conf file.

  • splunk_ta_salesforce_settings.conf includes the proxy settings, logging level settings of the Splunk Add-on for Splunk Salesforce Integration.
  • splunk_ta_salesforce_account.conf includes Salesforce account settings of the Splunk Add-on for Splunk Salesforce Integration.

To configure the Splunk Add-on for Splunk Salesforce Integration using configuration files, complete the following steps:

1. Create a file named splunk_ta_salesforce_settings.conf in the local folder of the add-on $SPLUNK_HOME/etc/apps/Splunk_TA_salesforce/local .

2. Copy the following stanzas and provide the necessary values in the local splunk_ta_salesforce_settings.conf file:

[proxy]
proxy_enabled =  [0|1]
proxy_type = [http|socks4|socks5]
proxy_url = <string>
proxy_port = <integer>
proxy_username = <string>
proxy_password = <string>
proxy_rdns = [0|1]

[logging]
loglevel = [DEBUG|INFO|WARNING|ERROR|CRITICAL] 

3. Create a file named splunk_ta_salesforce_account.conf in the local folder of the add-on $SPLUNK_HOME/etc/apps/Splunk_TA_salesforce/local .

4. Copy the following stanza and provide the necessary values in the local splunk_ta_salesforce_account.conf file:

[account_name] // The account name you create in this add-on
endpoint = <string> // URL of the Salesforce endpoint without http or https scheme. For example, my-dev-ed.my.salesforce.com
auth_type = basic
username = <string> // The Salesforce username you want to use
password = <string> // The password of the Salesforce username
token = <string> // (Optional) The security token is needed if your Splunk instance is outside the Salesforce trusted IP range

5. After updating the local splunk_ta_salesforce_settings.conf, restart the Splunk platform for the changes to take effect. The username and password are encrypted after you configure the Salesforce input for the first time.

 Conclusion

This article gave a comprehensive overview of Salesforce and Splunk. It also provided a step-by-step guide on Splunk Salesforce Integration.

While using them Splunk Salesforce Integration is insightful, it is a hectic task to Set Up the proper environment. To make things easier, Hevo comes into the picture. Hevo Data is a No-code Data Pipeline and has awesome 150+ pre-built Integrations that you can choose from.

visit our website to explore hevo[/hevoButton]

Hevo can help you Integrate your data from numerous sources like Salesforce for free and load them into a destination to Analyze real-time data with a BI tool such as Tableau. It will make your life easier and data migration hassle-free. It is user-friendly, reliable, and secure.

SIGN UP for a 14-day free trial and see the difference!

Share your experience of learning about the Splunk Salesforce Integration in the comments section below

No-code Data Pipeline For Salesforce