Salesforce user event monitoring

It is crucial to track every user activity in your cloud platform. Salesforce tracks and audits all user activities using its Setup Audit Trail configuration in its environment to mitigate threats, manage user permissions, and secure critical data.

Monitoring events in Salesforce with Log360

The Setup Audit Trail contains all user activity logs in huge volumes. It would be difficult to manually sift through all these logs to identify anomalies. You'd have to assign more than one security administrator to analyze these logs for anomalies, and it will likely take a while.

Log360 can help you accomplish Salesforce user activity monitoring efficiently without burning through your resources. It aggregates all the Salesforce user activity logs, interprets and analyzes them, and provides instant actionable insights in the form of reports.

With Log360 you can monitor:

Salesforce user account events

Log360 can monitor your Salesforce platforms for user account creation and deletion. Modifications made to user account permissions are also tracked and recorded to identify privilege escalation incidents in your infrastructure. Log360 audits changes made to custom objects to ensure you get information on:

  • Who made the change
  • When the change was made
  • Permissions altered
  • Reports exported

Salesforce user login events

Is it unusual for a user to log in during non-business hours? Log360 can flag this as a threat in its login activity report, and raise an alert.

Has a privileged user forgotten their password, or is someone trying to brute-force the password of this account? Log360 captures this information in its Failed Login Attempts report and alerts you in real-time about potential brute-force attacks.

Salesforce user data modification events

If a privileged user generates reports of critical Salesforce objects over night, do you want to be notified about it? If you use Log360, an alert message will be sent to your inbox the moment reports on critical objects that have been generated at an unusual time. Knowing when events like these occur can help you prevent a potential data exfiltration incident.

Imagine that a user moves records from a standard Salesforce object to a custom created object for which the user has access and report generation permissions. This event could be a potential threat, as replicating sensitive information and storing it within your infrastructure can result in massive amounts of data exfiltration. Log360 can report on this content transfer activity within the Salesforce platform and alert you via SMS and email, so you can take action to prevent any potential attack.