Monitoring & Auditing Tools in Salesforce

Monitoring & Auditing Tools in Salesforce

In this post, we will talk about a different way to Monitor and audit your Salesforce org. We will cover some important Monitoring & Auditing tools In Salesforce that diagnose issues in your Salesforce org. Those tools scan your instance of Salesforce and compare your security settings.

Monitoring & Auditing Tools in Salesforce

There are different Monitoring & Auditing Tools are available in Salesforce. Here are some of them

  1. Salesforce Health Checker
  2. Portal Health Check
  3. Salesforce Optimizer
  4. Salesforce Accelerator
  5. Manual Org Assessment
  6. Security Center
  7. Login History
  8. View Setup Audit Trail
  9. System Overview
  10. Field History Tracking
  11. Lightning Usage App
  12. Apex Exception Emails
  13. Debug Logs
  14. Event Monitoring
  15. Transaction Security Policy
  16. API Usage Notification
  17. Force.com Code Scanner
  18. Apex PMD
  19. Custom Error Handling framework

Security Troubleshooting Tools in Salesforce

There are different types of Monitoring and auditing Tools in Salesforce org. Let’s start the with Security Troubleshooting Tools in Salesforce

1. Salesforce Health Checker

We can use the Salesforce health checker tool to analyze vulnerabilities in your Salesforce Org on a single page. The Health Check tool is available in the Setup menu. Health Check gives you visibility into all of your org’s security settings and allows you to identify and fix security issues in one place.

Salesforce Health Checker tools

The health check tool compares and calculates the total health check score for your org base on the Salesforce Baseline standard. It determines all below issue

  1. High-Risk Security Setting.
  2. Medium-Risk Security Setting.
  3. Low-Risk Security Setting.
  4. Informational Security Setting.

Salesforce Health Checker Tool is a Free tool. Provides a detailed report on your Salesforce org issues. Easily set medium to high-risk settings to Salesforce Baseline standard with a few clicks.

2. Portal Health Check

Portal Health Check reports show how much access your portal users have to the data in your organization.

Portal Health Check Tool

Portal Health Check Reports

Portal health check reports show sensitive user permissions, object permissions, and field permissions granted through profiles, as well as organization-wide sharing settings and sharing rules

Portal Health Check Reports

3. Salesforce Optimizer

Salesforce Optimizer gives you detailed data for more than 50 metrics covering from storage, fields, custom code, custom layouts for objects, reports, dashboards, etc. Run Salesforce Optimizer in sandbox or production to get recommendations for feature improvement, clean up customizations, reduce complexity, and drive feature adoption..

Salesforce Optimizer Report

Salesforce Optimizer Report gives you a personalized report with advice and recommendations about how you can improve your implementation. Salesforce Optimizer analyzes your implementation to find ways to simplify customizations and drive feature adoption.

Consider running Salesforce Optimizer as part of your monthly maintenance, before installing a new app, before each Salesforce release, or at least once a quarter. Learn more here.

4. Salesforce Accelerator

The Salesforce Accelerator tool is available on demand. It allows users who face technical issues in their Salesforce instance to get individualized technical support on demand. This expert guidance will then help you figure out your Salesforce org issues and solve them. Once you run a health check using a Salesforce Accelerator, you will get a list of issues and recommendations on possible ways of fixing them.

The Salesforce Accelerator tool is available to organizations that are part of a Salesforce Premier Success Plan. You need to submit a request for a Salesforce Accelerator on the Help and Training portal you will get in touch with certified specialists.

5. Manual Org Assessment

If you don’t prefer tools, you can always conduct a manual org assessment to analyze the health of your Salesforce Org. But be mindful that there needs to be a method to your madness. You cannot directly go into the Salesforce system, hunt down specific issues and start resolving them right away. It’s best to follow a pattern while doing so.

Manual Org Assessment Report

You can start preparing your org assessment report with the like below:

  • Point to consider for Assessment:
    • Data Storage considerations
    • License Usages 
    • Workflows v/s Triggers Implementation
    • Batch Classes and Scheduler per object
    • Custom setting/ Metadata configuration for controlling Triggers.
    • Standard vs Custom Development
    • Record and ownership skews
  • Categorizing the issue based on Priority and Complexity
    • Quick Fixes
    • Workarounds.
  • Providing Recommendation for Customers.
    • Configuration changes
    • Usage Guidelines
    • System Limitations

6. Security Center

The Security Center gives you a single view of your security, privacy, and governance posture across all of your Salesforce org and tenants. Use the app to review up-to-date health check scores, access settings, and user and login metrics in one easy-to-read interface.

Security Center helps to easily manage securities within Salesforce. It can help to trace any security or policy violation done by internal actors. Its Pillars are:

  • Simplify Security Management: Simplify multi-org security management and boost admin productivity by managing all your security controls in a single view.
  • Gain Visibility for Better Insights: View Critical metrics across all Orgs together and make better decisions.
  • Threat and Anomalies detection: Helps to identify and surface unknown threats using AI and ML with Threat Detection.

Salesforce Security Center Overview Video

Security Center Dashboard

The Salesforce Security Center dashboard provides a Summary and category dashboards provide high-level snapshots of your data for simplified auditing. You can see up to 6 months’ worth of data in easy-to-read dashboards and graphs. It presents data in below category:

  • Authentication
  • Configuration
  • Permissions
  • User

Learn more about the Salesforce Security Center tool here.

Auditing Tools in Salesforce

Let’s talk about Auditing tools available in Salesforce.

7. Login History

When we talk about auditing then login history comes to mind every first time. With the Login History tool, you can see all login attempts to your Salesforce org and Experience Cloud sites. The Login History report page shows up to 20,000 records of user logins for the past 6 months.

Login History tool

8. View Setup Audit Trail

With the help of  View Setup Audit Trail, we can check any metadata change performed by Users in our org.

View Setup Audit Trail

9. System Overview

If you want to see the high-level System details then the System overview is the best tool for you. System Overview provides you a summary of key usage data for your org. The system overview page shows usage data and limits for your organization and displays messages when you reach 95% of your limit.

System Overview in Salesforce

To access the system overview page, from Setup, enter System Overview in the Quick Find box, then select System Overview.

10. Field History Tracking

So far we learn about how to audit login, configuration changes, and over all system limits. But what about data? If you want to audit when the data changed and who changed the data and what was the old value then Field history tracking is your best friend.

Field History Tracking

You can select certain fields to track and display the field history in the History related list of an object. Field history tracking data doesn’t count against your data storage limits.

11. Lightning Usage App

The Lightning Usage App allows you to monitor adoption metrics, such as daily active users and the most visited pages in Lightning Experience. You can also track the number of your active licenses. These insights help you understand your users’ needs so that you can focus on the issues that really matter.

Lightning Usage App

12. Apex Exception Emails

Set the email addresses that receive notifications when your Apex code encounters unhandled exceptions. Emails can be sent to your Salesforce org’s users and to external email addresses

When unhandled Apex exceptions occur, emails are sent that includes the Apex stack trace, exception message, and the customer’s org and user ID. No other data is returned with the report. Unhandled exception emails are sent by default to the developer specified in the LastModifiedBy field on the failing class or trigger.

13. Debug Logs

A debug log records database operations, system processes, and errors that occur when executing a transaction or while running unit tests. The system generates a debug log for a user every time that user executes a transaction and the user has a trace flag with start and expiration dates that contain the transaction’s start time. You can monitor and retain debug logs for the users specified below

Debug Logs Tool

Monitoring Tools in Salesforce

Let see which all monitoring tools we have in Slesforce

14. Event Monitoring

Use event monitoring to discover insights into your Salesforce org to help keep your data secure. It lets you see the granular details of user activity in your organization. You can view information about individual events or track trends in events to Swifty identify abnormal behavior and safeguard your company’s data.

Learn about Shield Platform Encryption from our session.

15. Transaction Security Policy

Using the Transaction Security Policy, you can define events to monitor and take action when that event happens. You can use Real-Time Events in Transaction Security to enforce policies in near real time. When a policy is triggered, notifications are sent through email or in-app notifications

What we can do with Transaction Security?

  • Alert that notifies when someone runs reports containing sensitive data
  • Alert for exporting reports with more than a thousand records
  • make sure no one is using an unsupported browser

NOTE: To use Transaction Security, you have to first purchase a Salesforce Shield or Salesforce Shield Event Monitoring add-on subscription.

16. API Usage Notification

With the API Usage Notification tool, we can define the API usage threshold and get notified when it is exceeded. When you create a request usage notification, you specify a user to receive an email notification whenever your org exceeds a specified limit for the number of API requests made in a specified span of time.

API Usage Notification

Code Scanning Tools in Salesforce

What about custom code? Let see which all tools are available for code scanning.

17. Force.com Code Scanner

Checkmark Apex Code Scanner is a tool which is powered by Salesforce. It runs a security scan on your Salesforce org and gives a detailed report on risks based on your code quality and security. It figures out every loophole present in your apex code and checks if it aligns with Salesforce best practices.

Advantages

  • Free with limitation but paid version is also there.
  • Scans through each and every line of your code in your Salesforce org.
  • Reduces the chance of an array of bugs before next upgrade

18. Apex PMD

PMD is very well known source code analyzer for Java and many more languages. Salesforce joined hands with open source developers to create this powerful tool Apex PMD which supports the Apex language. It finds common programming flaws like unused variables, empty catch blocks. It will allow us to have a better quality and avoid maintenance, performance and bug problems in our Apex code.

Advantages

  • It’s free and open source
  • You can define your own custom rules

19. Custom Error Handling and logging framework

Debugging in Salesforce has its challenges. Sometimes, there might be an Apex error email with a stack trace, but this typically just points at a location without telling the support person anything about the context of the error. What were the arguments passed into this method? What did those queries return? Nobody knows.

Build a custom error handling and logging framework to monitor the apex class code.

Summary

I hope this list of Monitoring & Auditing Tools in Salesforce will help you to keep your Salesforce org healthy. Let us know which tool you like alot and using in your project.

Amit Chaudhary

Amit Chaudhary

Amit Chaudhary is Salesforce Application & System Architect and working on Salesforce Platform since 2010. He is Salesforce MVP since 2017 and have 17 Salesforce Certificates. He is a active blogger and founder of Apex Hours.

Share this article

Leave a reply

Subscribe for Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 3,541 other subscribers

Our Supporter

RECENT POSTS

Apex Hours

Apex Hours is one stop platform to learn Salesforce skills and technology

Join our Newsletter and get tips and tricks how to explore the salesforce for free!