You are here: Clients > Web Query Client > How To > Salesforce Monitoring > Review Salesforce Events in SecurityCenter CV

Review Salesforce events in SecurityCenter CV

Steps

  1. Navigate to SecurityCenter and log on with a user account that has permission to view logs for the organization.

    A dashboard that corresponds to the user role appears.

  2. In the top navigation bar, click Analysis, and then click the Events link.

    The Event Analysis page appears, displaying the Type Summary section.

  3. Click the Type Summary button, and then select Normalized Event Summary.

    The Normalized Event Summary section appears.

  4. In the upper-left corner of the page, click .

    The Filters pane appears.

  5. Click the Select Filters button, and then, in the Add Filter popout, select Normalized Event.

  6. Click the Apply button.

  7. Click the Normalized Event box, and then, in the Normalized Event popout, type Salesforce-*.

  8. Click OK.

  9. In the Filters pane, click the Apply All button.

    In the Normalized Event Summary section, the list of events is filtered and displays only events that start with Salesforce-.

    For Salesforce, the Web Query Client monitors login successes and failures, and the creation and modification of user accounts. For a list of specific events, click a Salesforce event type (e. g., Salesforce-Remote_Access_Login) listed in the Normalized Event Summary section. You can also click the Jump to Raw Syslog Events link to directly view the log data.

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.