UTMStack Datasources SalesForce

In this chapter, we will discuss a useful tool whose primary function is extracting logs from Salesforce and sending them to UTMStack's correlation endpoint. In this well-explained tutorial, you will learn how to configure and use this tool to take full advantage of its capabilities and improve your Salesforce environment's event monitoring and correlation process.


The first step to ensure communication between the tool and the Salesforce platform is the configuration of some environment variables. Please see below for a list of these variables and their descriptions:

Required Variables

  • clientID: Represents the customer key from the connected app configuration. The default value is "not set."
  • clientSecret: Represents the customer secret from the corresponding app configuration. The default value is "not set."
  • username: Represents the username used to connect to the Salesforce platform. The default value is "not set."
  • password: Represents the user's password to connect to the Salesforce platform. The default value is "not set."
  • security token: Represents the security token associated with the user above. The default value is "not set."
  • instanceUrl: Represents the instance URL provided by Salesforce. The default value is "not set."

Optional Variables

OAuthService: Represents the Salesforce base login URL.
The default value is "https://login.salesforce.com."
  • LoginEndpoint: Represents the Salesforce endpoint to retrieve the session token. The default value is "/services/oauth2/token".
  • EventsEndPoint: Represents the Salesforce endpoint of the event log files to get the data by Id. The default value is "/services/data/v57.0/objects/EventLogFile".
  • QueryEndPoint: Represents the Salesforce endpoint to query and return all the event log files endpoints. The default value is "/services/data/v57.0/query".
  • SIEMURL: Represents the log destination after extracted and transformed from Salesforce. The default value is "http://correlation:8080/v1/newlog".
So that you know, variables marked as (Required) must be defined even if they have a default value. (Optional) variables can be omitted, in which case the default value will be used.
For more information about how to get some variable values from Salesforce, please check Here.

Building with Docker

To build the application for you, you must build the corresponding one based on the Dockerfile located at the root of the application files. To do this, run the docker build command with the appropriate options.
For example:
Docker build -t forces:latest -f Dockerfile
After the image is built, you can run it using the docker run command and pass all the required variables using the -e varValue option.
That's it! You can now run your Salesforce application with Docker.

Using Docker in production for UTMStack Datasource for Salesforce

Using a Docker container when running the stable version of UTMStack Datasource for Salesforce in a production environment is recommended. Follow these steps:
Download the Docker image with the following command:
docker pull ghcr.io/atlasinsidecorp/sforceds:latest
This command will download the latest stable version of the tool.
Please ensure you have set up the necessary environment variables described in the tutorial.
To avoid processing the duplicate records repeatedly, create a Docker volume and point it to the /local_storage folder with read and write permissions.
To do this, create a folder on your machine to map the volume with the following command:
Bash Copy code
mkdir -p /utmstack/sforceds/
Add the volume to your Docker Compose configuration file by including the following code:

Python Copy code

- /utmstack/sforceds/:/local_storage 
Start the Docker Compose by running the corresponding command. If you are not using Docker Compose, create the volume using the docker volume create order and associate it with the container before running the tool.
Following these steps, you can quickly and effectively run the UTMStack Datasource for Salesforce in a production environment.

Salesforce Documentation Reference

If you're new to Salesforce and need help with how to retrieve values for environment variables related to the Salesforce platform, don't worry. We've got you covered with some helpful information.

Step 1: Click on Your Profile

To find your instance URL, you can start by clicking on your profile icon in the top right corner of the screen.

Step 2: Locate the Instance URL

After clicking on your profile icon, a dropdown menu displaying your user information will appear. Below your user information, I have for you here the instance URL.

Step 3: Search for the My Domain URL

To find the current My Domain URL, type "My Domain" in the quick search bar at the top left of the screen Setup.

Step 4: Find the Current My Domain URL

Select "My Domain Details" from the search results to view the current My Domain URL.

Ensure that you add the HTTP protocol to the environment variable

value -> https://myproj-dev-ed.develop.my.salesforce.com.

User information

The user information and credentials are provided by Salesforce when you create the account, but in case you've lost the email, click on your profile icon at the top right of the screen, and go to settings; you will be redirected to your "Personal Information":
Username: You should see your username and more in the "Personal Information" option of the left menu.
Password: You can change your password with the "Change My Password" option on the menu at the left, but be aware when you change user information like password, a new security token is generated.
Security Token: With the "Reset My Security Token" option on the menu at the left, you can get a new security token.

Customer key and secret

Customer Key and Secret for OAuth authentication to the Salesforce API from external applications require that you have a "Connected App" configured. Here's how to do it:
You can log in to your Salesforce instance.
Go to "Setup" and select the "Setup for the current app" option at the top right of the screen.
Type "App Manager" in the quick search box and select the "App Manager" option.
On the "Lightning Experience App Manager" screen, click the "New Connected App" button and fill in the fields.
In the "API (Enable OAuth Settings)" section, check "Enable OAuth Settings" and use https://login.salesforce.com/services/oauth2/success as the "Callback URL" value.
In the same section, be sure to select "Access Connect REST API resources (chatter_api)" in the "Selected OAuth Scopes" field.
Save your changes and select "Continue" on the next screen.
You will be redirected to a page with details of the Connected App you created. In the "API (Enable OAuth Settings)" section, click the "Manage Consumer Details" button next to "Consumer Key and Secret."
You will be prompted to verify your identity by a code sent to your email. Once you verify your identity, you should see your customer key and secret in the "Consumer Details" section.
Save your customer key and secret safely using the "Copy" button.