Monitoring & Auditing Tools in Salesforce

In this post, we will talk about a different way to Monitor and audit your Salesforce org. We will cover some important Monitoring and auditing tools In Salesforce that diagnose issues in your Salesforce org. Those tools scan your instance of Salesforce and compare your security settings.

Monitoring & Auditing Tools in Salesforce

There are different Monitoring and auditing Tools available in Salesforce. Here are some of them

  1. Salesforce Health Checker
  2. Portal Health Check
  3. Salesforce Optimizer
  4. Salesforce Accelerator
  5. Manual Org Assessment
  6. Security Center
  7. Login History
  8. View Setup Audit Trail
  9. System Overview
  10. Field History Tracking
  11. Lightning Usage App
  12. Apex Exception Emails
  13. Debug Logs
  14. Event Monitoring
  15. Transaction Security Policy
  16. API Usage Notification
  17. Force.com Code Scanner
  18. Apex PMD
  19. Custom Error Handling Framework
  20. Apex Guru.

Security Troubleshooting Tools in Salesforce

There are different types of Monitoring and auditing Tools in Salesforce org. Let’s start with Security Troubleshooting Tools in Salesforce

1. Salesforce Health Checker

We can use the Salesforce health checker tool to analyze vulnerabilities in your Salesforce Org on a single page. The Health Check tool is available in the Setup menu. Health Check gives you visibility into all of your org’s security settings and allows you to identify and fix security issues in one place.

Salesforce Health Checker tools

The health check tool compares and calculates your org’s total health check score based on the Salesforce Baseline standard. It determines all the below issue

  1. High-Risk Security Setting.
  2. Medium-Risk Security Setting.
  3. Low-Risk Security Setting.
  4. Informational Security Setting.

Salesforce Health Checker Tool is a Free tool. Provides a detailed report on your Salesforce org issues. Easily set medium to high-risk settings to Salesforce Baseline standard with a few clicks.

2. Portal Health Check

The Portal Health Check reports show how much access your portal users have to the data in your organization.

Portal Health Check Tool

Portal Health Check Reports

Health check reports show sensitive user permissions, object permissions, and field permissions granted through profiles, as well as organization-wide sharing settings and sharing rules

Portal Health Check Reports

3. Salesforce Optimizer

Salesforce Optimizer gives you detailed data for over 50 metrics covering storage, fields, custom code, custom layouts for objects, reports, dashboards, etc. Run Optimizer in sandbox or production to get recommendations for feature improvement, clean up customizations, reduce complexity, and drive feature adoption.

Salesforce Optimizer Report

The Salesforce Optimizer Report gives you a personalized report with advice and recommendations about improving your implementation. Optimizer analyzes your implementation to find ways to simplify customizations and drive feature adoption.

Consider running Salesforce Optimizer as part of your monthly maintenance before installing a new app, before each Salesforce release, or at least once a quarter. Learn more here.

4. Salesforce Accelerator

The Salesforce Accelerator tool is available on demand. It allows users who face technical issues in their Salesforce instance to get individualized technical support on demand. This expert guidance will then help you figure out your Salesforce org issues and solve them. Once you run a health check using a Salesforce Accelerator, you will get a list of issues and recommendations for fixing them.

The Salesforce Accelerator tool is available to organizations as part of a Salesforce Premier Success Plan. You need to submit a request for a Salesforce Accelerator on the Help and Training portal, and you will get in touch with certified specialists.

5. Manual Org Assessment

If you don’t prefer tools, you can always conduct a manual org assessment to analyze the health of your Salesforce Org. But be mindful that there needs to be a method to your madness. You cannot directly go into the Salesforce system, hunt down specific issues, and resolve them immediately. It’s best to follow a pattern while doing so.

Manual Org Assessment Report

You can start preparing your org assessment report with the link below:

  • Points to consider for Assessment:
    • Data Storage considerations
    • License Usages 
    • Workflows v/s Triggers Implementation
    • Batch Classes and Scheduler per object
    • Custom setting/ Metadata configuration for controlling Triggers.
    • Standard vs Custom Development
    • Record and ownership skews
  • Categorizing the issue based on Priority and Complexity
    • Quick Fixes
    • Workarounds.
  • Providing Recommendations for Customers.
    • Configuration changes
    • Usage Guidelines
    • System Limitations

6. Security Center

The Security Center gives you a single view of your security, privacy, and governance posture across your Salesforce org and tenants. Use the app to review up-to-date health check scores, access settings, and user and login metrics in one easy-to-read interface.

Security Center helps to manage securities within Salesforce easily. It can help to trace any security or policy violations done by internal actors. Its Pillars are:

  • Simplify Security Management: Simplify multi-org security management and boost admin productivity by managing all your security controls in a single view.
  • Gain Visibility for Better Insights: View Critical metrics across all Organizations together and make better decisions.
  • Threat and Anomalies detection: Helps to identify and surface unknown threats using AI and ML with Threat Detection.

Salesforce Security Center Overview Video

YouTube video

Security Center Dashboard

The Salesforce Security Center dashboard provides a Summary, and category dashboards provide high-level snapshots of your data for simplified auditing. You can see up to 6 months’ data in easy-to-read dashboards and graphs. It presents data in the below category:

  • Authentication
  • Configuration
  • Permissions
  • User

Learn more about the Salesforce Security Center tool here.

Auditing Tools in Salesforce

Let’s talk about Auditing tools available in Salesforce.

7. Login History

When we talk about auditing, login history comes to mind every first time. The Login History tool shows all login attempts to your Salesforce org and Experience Cloud sites. The Login History report page shows up to 20,000 records of user logins for the past six months.

Login History tool

8. View Setup Audit Trail

With the help of  View Setup Audit Trail, we can check any metadata change performed by Users in our org.

View Setup Audit Trail

9. System Overview

If you want to see the high-level System details, then the System overview is the best tool for you. System Overview provides you with a summary of key usage data for your org. The system overview page shows usage data and limits for your organization and displays messages when you reach 95% of your limit.

System Overview in Salesforce

To access the system overview page, enter System Overview in the Quick Find box from Setup, then select System Overview.

10. Field History Tracking

So far, we have learned how to audit login, configuration changes, and overall system limits. But what about data? If you want to audit when the data changed, who changed the data, and what the old value was, then Field history tracking is your best friend.

Field History Tracking

You can select certain fields to track and display the field history in the History-related list of an object. Field history tracking data doesn’t count against your data storage limits.

11. Lightning Usage App

The Lightning Usage App allows you to monitor adoption metrics, such as daily active users and the most visited pages in Lightning Experience. You can also track the number of your active licenses. These insights help you understand your users’ needs so that you can focus on the issues that really matter.

Lightning Usage App

12. Apex Exception Emails

Set the email addresses that receive notifications when your Apex code encounters unhandled exceptions. Emails can be sent to your Salesforce org’s users and to external email addresses

When unhandled Apex exceptions occur, emails are sent that includes the Apex stack trace, exception message, and the customer’s org and user ID. No other data is returned with the report. Unhandled exception emails are sent by default to the developer specified in the LastModifiedBy field on the failing class or trigger.

13. Debug Logs

A debug log records database operations, system processes, and errors occurring when executing a transaction or running unit tests. The system generates a debug log for a user every time that user executes a transaction and the user has a trace flag with start and expiration dates that contain the transaction’s start time. You can monitor and retain debug logs for the users specified below

Debug Logs Tool

Monitoring Tools in Salesforce

Let’s see which all monitoring tools we have in Salesforce

14. Event Monitoring

Use event monitoring to discover insights into your Salesforce org to help keep your data secure. It lets you see the granular details of user activity in your organization. You can view information about individual events or track trends in events to Swifty identify abnormal behavior and safeguard your company’s data.

Learn about Shield Platform Encryption from our session.

YouTube video

15. Transaction Security Policy

Using the Transaction Security Policy, you can define events to monitor and take action when that event happens. You can use Real-Time Events in Transaction Security to enforce policies in near real-time. When a policy is triggered, notifications are sent through email or in-app notifications.

What can we do with Transaction Security?

  • Alert that notifies when someone runs reports containing sensitive data
  • Alert for exporting reports with more than a thousand records
  • make sure no one is using an unsupported browser

NOTE: To use Transaction Security, you have first to purchase a Salesforce Shield or Salesforce Shield Event Monitoring add-on subscription.

16. API Usage Notification

With the API Usage Notification tool, we can define the API usage threshold and get notified when it is exceeded. When you create a request usage notification, you specify a user to receive an email notification whenever your org exceeds a specified limit for the number of API requests made in a specified span of time.

API Usage Notification

Code Scanning Tools in Salesforce

What about custom code? Let’s see which tools are available for code scanning.

17. Force.com Code Scanner

Checkmark Apex Code Scanner is a tool that Salesforce powers. It runs a security scan on your Salesforce org and gives a detailed risk report based on your code quality and security. It identifies every loophole in your apex code and checks if it aligns with Salesforce best practices.

Advantages

  • Free with limitations but paid version is also there.
  • Scans through each and every line of your code in your Salesforce org.
  • Reduces the chance of an array of bugs before the next upgrade

18. Apex PMD

PMD is a well-known source code analyzer for Java and many more languages. Salesforce joined with open-source developers to create this powerful tool, Apex PMD, which supports the Apex language. It finds common programming flaws like unused variables and empty catch blocks. It will allow us better quality and avoid maintenance, performance, and bug problems in our Apex code.

Advantages

  • It’s free and open source
  • You can define your own custom rules

Learn more about Apex PMD.

19. Custom Error Handling and logging framework

Debugging in Salesforce has its challenges. Sometimes, there might be an Apex error email with a stack trace, but this typically just points at a location without telling the support person anything about the context of the error. What were the arguments passed into this method? What did those queries return? Nobody knows.

Build a custom error handling and logging framework to monitor the apex class code.

20. Apex Guru

ApexGuru automates the detection of critical anti-patterns and performance hotspots in your apex code (runtime profiles) and provides customers with AI-driven insights and prescriptive code recommendations. It’s powered by Generative Artificial Intelligence (CodeT5 Model). Learn more.

Summary

I hope this list of Monitoring and auditing Tools in Salesforce will help you keep your sales org healthy. Let us know which tool you like and use in your project.

Amit Chaudhary
Amit Chaudhary

Amit Chaudhary is Salesforce Application & System Architect and working on Salesforce Platform since 2010. He is Salesforce MVP since 2017 and have 17 Salesforce Certificates.

He is a active blogger and founder of Apex Hours.

Articles: 469

4 Comments

  1. Nice article as always!
    One thing I’d like to add to this whole list is the recently launched Scale Center to cover the org performance and the Apex Guru Insights as well.
    I’ve started using it and I’m leveraging good information from it.
    Thanks Amit!
    Always a pleasure to learn from you guys!

Leave a Reply

Your email address will not be published. Required fields are marked *