Salesforce Insights

Latest Dynatrace
Extension
12-min read

Salesforce Insights enables Salesforce administrators and IT operation teams to monitor their Salesforce environment.

Setup

Learn how to set up Salesforce Insights and find out what kind of data it can capture.

Make sure to meet the following requirements to use the extension.

Salesforce account

The Salesforce extension can capture four types of Salesforce data. Select each configuration for more details.

The Event Streaming configuration allows you to monitor the usage of your Salesforce CRM account.
The EventLogFile configuration allows you to ingest log files from Salesforce into Dynatrace.
The API Queries configuration allows you to ingest Salesforce Object Query Language (SOQL) data into Dynatrace. The data is ingested into Dynatrace as log events or Business Events.
The Platform Events configuration allows you to subscribe to custom Salesforce Platform Events and ingest them as Business Events into Dynatrace.

Authentication

Choose one of the three authentication methods that best suits your needs.

In this mode the extension connects as a connected app. This is the recommended authentication mechanism.
Technically, the app implements the OAuth 2.0 JWT Bearer Flow.

Dynatrace will ask for

The Consumer Key of the connected app.
The Private Key of the connected app.
The Subject of the JWT token—this is the username of a user that is part of a Profile in the connected app.

Requirements

openssl—for generating the certificate, not needed if you already have a certificate and a private key

Note: on Windows, if you have git installed, you should also have a copy of openssl.
You should find it in a directory such as C:\Program Files\Git\mingw64\bin depending on your installation.

Certificate

The connected app must have a certificate that we later authenticate with Salesforce using this certificate's private key.

This command generates a certificate and a private key:

openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out cert.pem

The cert.pem file will be later added to the connected app.
The key.pem file will be used by Dynatrace to authenticate with Salesforce.

Create the connected app

In Salesforce Lightning

Under Setup > Apps > External Client Apps > Settings make sure that Allow creation of connected apps is On.
Select New Connected App.

Name the app and add the contact email. Under API (Enable OAuth Settings):

Check Enable OAuth Settings
If the Callback URL is not used, you can put in http://localhost
Check Use digital signatures
Upload the cert.pem file generated above under Use digital signatures.
In Selected OAuth Scopes, add these scopes:
- Manage use data via APIs (API)
- Perform requests at any time (refresh_token, offline_access)
Leave all other settings as default and select Save.

OAuth policy

Set up the OAuth Policy permitted users.
Under Apps > App Manager, Find the connected app and select Manage.
Click the Edit Policies button.
Under OAuth Policies select Admin approved users are pre-authorized.
Select Save.

Approved users

Identify users that can use the app. You can do it by adding Profiles to the Application Profile Assignment list.

On the connected app page, go to Profiles > Manage Profiles.
Add profiles that can use the connected app. Note: Later, any username from these profiles can be used as the Subject when configuring the extension.

Profiles need the following permissions for event streaming:

General user permissions
- View Real-Time Event Monitoring Data
Administrative permissions
- Customize Application
- View All Data

To check the needed permissions documentation, see how to Enable Access to Real-Time Event Monitoring.

A regular Salesforce user with the permissions for the desired configuration (Event Streaming, Event Log File or SOQL).
The password for the user.
The security token for the user.

Note that this option is not recommended as user passwords and security tokens can change, it is usually used just to test the extension.

For Client ID authentication, select Enable Client Credentials Flow in the Connected App or the External Client App settings, and provide the Consumer Key and Consumer Secret.

You will also need to select a user to run the app as. Do this under App Manager > Manage > Edit Policies > Client Credentials Flow > Run As.

Note that this is not as secure as a Connected App with a certificate.

Enable extension

To enable the Salesforce Extension, you must have an Environment ActiveGate.

Find the extension in Hub and activate it.
Select Add monitoring configuration on the Configuration page.
Select an ActiveGate group.
- One of these servers will need to access the salesforce API, which is publicly available.
- The login URLs are: https://login.salesforce.com or https://test.salesforce.com
- The Pub/Sub endpoints are: api.pubsub.salesforce.com:7443 or api.deu.pubsub.salesforce.com:7443
- A proxy can be configured later if necessary.

The parameters for the monitoring configuration

Parameter	Description
Endpoint name	Choose a helpful name to identify the endpoint
Login URL	Choose from Production or Sandbox
Pub/Sub URL	Choose from Global Endpoint or Europe (Frankfurt) Endpoint
Reporting Mode	Business Events, Logs, OpenKit (RUM)
Custom Application ID	The Dynatrace Custom Application ID for the app you created before(only needed if a managed environment is used and OpenKit is used as reporting mode.)
Authentication type	Choose from username and password or connected app
Events filtering	Choose which real-time events you'd like to send to Dynatrace, by default all are enabled
Usernames Blocklist	Optional list of Usernames to ignore; use this to block automation/API users from reporting
Proxy	Optional proxy; in case the ActiveGate cannot connect to the Salesforce URLs

OpenKit

If you use OpenKit, we recommend starting with the Custom Application setup.

Salesforce Data Ingest

Choose one of the three data ingest methods based on your monitoring needs.

Capture real-time events from Salesforce and send them as Business Events to Dynatrace.

RUM ingest should only be used on Managed Environments.

Enable Real-time event Streaming.
In Setup > Event Manager, enable Streaming Data for the events you want to capture.
Obtain the credentials needed for the extension to connect to Salesforce.

Enable use cases such as:

Track Session Hijack, Credential Stuffing and Anomaly Events
Track important permission sets and changes
What are the slowest Lightning or Classic pages response times?
What files are being uploaded, downloaded, and by which user?
What are the most used reports, who is running them, what queries are being used?
What are the top API Queries being made?
What browsers are users using?
Where is Salesforce being accessed from?
How many users are using the platform currently, what is the user experience?

The extension uses the Salesforce Pub/Sub API to list for Event Streaming Events. These events are captured and sent as Business events, or in case of OpenKit as User Actions, with all their respective properties sent as Action Properties.

For a detailed description of every event and their properties, see the Salesforce documentation.

Currently captured events

Events	Description
ApiAnomalyEvent	Track anomalies in how users make API calls.
ApiEventStream	Track user API queries in your organization.
BulkApiResultEvent	Track when a user downloads the results of a Bulk API request.
ConcurLongRunApexErrEvent	Track when a Concurrent Long Running Apex error has occurred.
CredentialStuffingEvent	Track when a user successfully logs in to Salesforce during an identified credential stuffing attack.
FileEvent	Track file activity. For example, track when a user downloads or previews a file.
LightningUriEventStream	Track when a user creates, accesses, updates, or deletes a record in Salesforce Lightning.
ListViewEventStream	Track when a user accesses data with list views.
LoginAsEventStream	Track when an admin logs into your organization as another user.
LoginEventStream	Track when a user logs in to your organization.
LogoutEventStream	Track when a user logs out in the Salesforce UI.
PermissionSetEvent	Track when users are assigned the Modify All Data or View All Data permission through a permission set.
ReportAnomalyEvent	Track anomalies in how users run or export reports.
ReportEventStream	Track when a user accesses or exports data with reports.
SessionHijackingEvent	Track when an unauthorized user gains ownership of a Salesforce user’s session with a stolen session identifier.
UriEventStream	Track when a user creates, accesses, updates, or deletes a record in Salesforce Classic.

The extension is limited to events that Salesforce produces as Real-Time Events.

Choose your reporting mode for Event Streaming data:

Business Events

For business events, all data is ingested using the business events API.

It can be queried using DQL:

fetch bizevents
| filter event.type == "salesforce.ApiEventStream"

Visualization of a query result

img.png

Each of the events of type salesforce.NameOfTheEvent will have all properties documented by Salesforce. For instance, see the properties for an ApiEventStream.

So we can create visualizations using all of these properties.

fetch bizevents
| filter event.type == "salesforce.ApiEventStream"
| summarize count(), by: {SourceIp}

Visualization of a query result

img.png

You can get a list of all event types with DQL:

fetch bizevents
| filter event.provider == "https://dynatrace--staging.sandbox.my.salesforce.com"
| summarize count(), by: {event.type}

Visualization of a query result

img.png

Example: Get logins by user overtime

fetch bizevents
| filter event.type == "salesforce.LoginEventStream"
| makeTimeseries logins=count(), by:{Username}, interval: 5m
| sort logins desc

Visualization of a query result

img.png

OpenKit

To create a custom application to receive the data:

In Hub, see Digital Experience Monitoring section. Then, select Generic front end > Set up.
Create your custom application—name it and choose an icon.
Select Monitor custom application.

custom-app-01

In the Custom application settings, go to Instrumentation wizard and save the Application ID for later.

custom-app-02

Now you can enable the extension. For details, go back to the #enable-extension section.

The data is sent to the Frontend application that you created, so you can access:

Sessions Details
The individual properties, by selecting User Action > Perform waterfall analysis

To use these properties in User Sessions Query Language:

In the application settings, go to Session and user action properties.
Create a property. Note: the Name must match exactly the property name, see Salesforce events.

Example: Capture the rows number

salesforce-data-04

Querying the property:

SELECT useraction.name, SUM(longProperties.rowsprocessed) FROM useraction WHERE useraction.name STARTSWITH "Report" GROUP BY useraction.name

salesforce-data-05

EventLogFile

Capture event log files from Salesforce and ingest them as logs to Dynatrace.

EventLogFile needs to be enabled in Salesforce.
The user must have set permissions to read event log files.

Details

Create a new EventLogFile configuration by selecting Configure EventLogFile.
Note that under Events to capture all the different Log Files will be disabled by default.
Select which log files you would like to ingest.

Do not expect real-time data out of this configuration. Event Log data is delayed by several hours in Salesforce.

Visualization

The events are sent as Log Events to Dynatrace, and can be queries using DQL:

fetch logs
| filter query.type == "EventLogFile"

Visualization of a query result

img.png

Every property for a certain Event Log File will be available.
To find fields details, see EventLogFile Supported Event Types.

Example

Get details about ApexExecution events:

fetch logs
| filter EVENT_TYPE == "ApexExecution"
| fields TIMESTAMP_DERIVED, ENTRY_POINT, EXEC_TIME, CPU_TIME, DB_TOTAL_TIME, NUMBER_SOQL_QUERIES

Visualization of a query result

img.png

API Queries (SOQL)

Run SOQL queries against Salesforce and ingest the data as logs or Business Events. The user must have permissions to query the Salesforce API, and read the Objects that are being queried.

Details

To ingest Salesforce Object Query Language (SOQL) data into Dynatrace,

Select Configure API queries.
Add up to 100 SOQL queries to be executed at the specified interval. Each query has the following parameters:
- Query Name—A name for the query that will help you locate this query data later in Dynatrace Logs.
- Query—The SOQL query to be executed.
  - The query must contain at least one datetime field.
  - The placeholder {last_execution_timestamp} must be used to filter the query results and deduplicate the data.
  - Example: SELECT Id, CreatedDate, Field, NewValue, OldValue FROM OpportunityFieldHistory WHERE CreatedDate > {last_execution_timestamp}
- Frequency
  - The frequency can be of type Interval or Cron.
  - Interval—The query will be every X minutes.
  - Cron—The query will be executed based on the cron expression provided, you can use crontab guru to generate the cron expression.

Visualization

Let's consider this query configuration:

Query Name: Logins
Query: SELECT UserId, COUNT(Id) from LoginHistory WHERE LoginTime > {last_execution_timestamp} GROUP BY UserId

img.png

The results can be obtained with the DQL:

fetch logs
| filter query.name == "Logins"

Visualization of a query result

img.png

And a chart could be created with:

fetch logs
| filter query.name == "Logins"
| makeTimeseries sum(toDouble(expr0)), by: {UserId}, interval: 5m

Visualization of a query result

img.png

You can also fetch all the queries and their text configured for this Salesforce instance:

fetch logs
| filter event.provider == "https://dynatrace--staging.sandbox.my.salesforce.com"
| summarize count(), by: {query.name}

Visualization of a query result

img.png

Platform Events

Subscribe to custom Salesforce Platform Events and ingest them as Business Events to Dynatrace.

Platform Events provide a powerful way to send and receive custom event notifications within Salesforce and to external systems. This configuration allows you to capture real-time event data from custom platform events, standard platform events, and change data capture events.

Details

To ingest Salesforce Platform Events into Dynatrace:

Select Configure Platform Events.
Add the topics you want to subscribe to. Topics follow these formats:
- Custom Platform Events: /event/YourCustomEvent__e
- Standard Platform Events: /event/LoginEventStream, /event/LogoutEventStream
- Change Data Capture: /data/ChangeEvents, /data/AccountChangeEvent
Configure authentication using one of the supported methods (Connected App, User and Password, or Client ID).

Use Cases

Enable use cases such as:

Monitor custom business processes and workflows
Track changes to critical Salesforce objects with Change Data Capture
Integrate with external systems using custom Platform Events
Build real-time dashboards and alerts based on Salesforce events
Correlate Salesforce events with other observability data

Visualization

Platform Events are sent as Business Events to Dynatrace and can be queried using DQL:

fetch bizevents
| filter event.type == "salesforce.YourCustomEvent__e"

Example: Query all Platform Events from a Salesforce instance

fetch bizevents
| filter event.provider == "https://yourinstance.my.salesforce.com"
| summarize count(), by: {event.type}

Each Platform Event will include all custom fields defined on the event, making them available for filtering, grouping, and visualization.

Extend the retention period for Salesforce Insights data

By default, your ingested data is stored for 30 days. You can adjust the retention time by creating a custom bucket.

To create a custom bucket for a Salesforce event

In Dynatrace, go to Settings > Business Observability > Bucket assignment.
On the Business event bucket assignment page, select Add rule and name your rule.
In the Bucket field, choose your retention period.
Add a Matcher to your rule by typing or pasting your matcher-specific DQL query. Events that match your rule will be assigned to your selected bucket. If no rules match, events will be assigned to the default bucket. To assign all your Salesforce events to your bucket, you need to use the matcher containing the matchesValue function and your Salesforce URL, as in the example below.
```
matchesValue(event.provider, "https://environment.my.salesforce.com")
```
Select Save changes.

Troubleshooting

Error logs can be obtained via Dynatrace, by navigating to the Extension page, and selecting Status for each monitoring configuration.

Detailed logs can be obtained by creating an ActiveGate Diagnosis.

Salesforce Insights

Latest Dynatrace
Extension
12-min read

Salesforce Insights enables Salesforce administrators and IT operation teams to monitor their Salesforce environment.

Setup

Learn how to set up Salesforce Insights and find out what kind of data it can capture.

Make sure to meet the following requirements to use the extension.

Salesforce account

The Salesforce extension can capture four types of Salesforce data. Select each configuration for more details.

The Event Streaming configuration allows you to monitor the usage of your Salesforce CRM account.
The EventLogFile configuration allows you to ingest log files from Salesforce into Dynatrace.
The API Queries configuration allows you to ingest Salesforce Object Query Language (SOQL) data into Dynatrace. The data is ingested into Dynatrace as log events or Business Events.
The Platform Events configuration allows you to subscribe to custom Salesforce Platform Events and ingest them as Business Events into Dynatrace.

Authentication

Choose one of the three authentication methods that best suits your needs.

In this mode the extension connects as a connected app. This is the recommended authentication mechanism.
Technically, the app implements the OAuth 2.0 JWT Bearer Flow.

Dynatrace will ask for

The Consumer Key of the connected app.
The Private Key of the connected app.
The Subject of the JWT token—this is the username of a user that is part of a Profile in the connected app.

Requirements

openssl—for generating the certificate, not needed if you already have a certificate and a private key

Note: on Windows, if you have git installed, you should also have a copy of openssl.
You should find it in a directory such as C:\Program Files\Git\mingw64\bin depending on your installation.

Certificate

The connected app must have a certificate that we later authenticate with Salesforce using this certificate's private key.

This command generates a certificate and a private key:

openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out cert.pem

The cert.pem file will be later added to the connected app.
The key.pem file will be used by Dynatrace to authenticate with Salesforce.

Create the connected app

In Salesforce Lightning

Under Setup > Apps > External Client Apps > Settings make sure that Allow creation of connected apps is On.
Select New Connected App.

Name the app and add the contact email. Under API (Enable OAuth Settings):

Check Enable OAuth Settings
If the Callback URL is not used, you can put in http://localhost
Check Use digital signatures
Upload the cert.pem file generated above under Use digital signatures.
In Selected OAuth Scopes, add these scopes:
- Manage use data via APIs (API)
- Perform requests at any time (refresh_token, offline_access)
Leave all other settings as default and select Save.

OAuth policy

Set up the OAuth Policy permitted users.
Under Apps > App Manager, Find the connected app and select Manage.
Click the Edit Policies button.
Under OAuth Policies select Admin approved users are pre-authorized.
Select Save.

Approved users

Identify users that can use the app. You can do it by adding Profiles to the Application Profile Assignment list.

On the connected app page, go to Profiles > Manage Profiles.
Add profiles that can use the connected app. Note: Later, any username from these profiles can be used as the Subject when configuring the extension.

Profiles need the following permissions for event streaming:

General user permissions
- View Real-Time Event Monitoring Data
Administrative permissions
- Customize Application
- View All Data

To check the needed permissions documentation, see how to Enable Access to Real-Time Event Monitoring.

A regular Salesforce user with the permissions for the desired configuration (Event Streaming, Event Log File or SOQL).
The password for the user.
The security token for the user.

Note that this option is not recommended as user passwords and security tokens can change, it is usually used just to test the extension.

For Client ID authentication, select Enable Client Credentials Flow in the Connected App or the External Client App settings, and provide the Consumer Key and Consumer Secret.

You will also need to select a user to run the app as. Do this under App Manager > Manage > Edit Policies > Client Credentials Flow > Run As.

Note that this is not as secure as a Connected App with a certificate.

Enable extension

To enable the Salesforce Extension, you must have an Environment ActiveGate.

Find the extension in Hub and activate it.
Select Add monitoring configuration on the Configuration page.
Select an ActiveGate group.
- One of these servers will need to access the salesforce API, which is publicly available.
- The login URLs are: https://login.salesforce.com or https://test.salesforce.com
- The Pub/Sub endpoints are: api.pubsub.salesforce.com:7443 or api.deu.pubsub.salesforce.com:7443
- A proxy can be configured later if necessary.

The parameters for the monitoring configuration

Parameter	Description
Endpoint name	Choose a helpful name to identify the endpoint
Login URL	Choose from Production or Sandbox
Pub/Sub URL	Choose from Global Endpoint or Europe (Frankfurt) Endpoint
Reporting Mode	Business Events, Logs, OpenKit (RUM)
Custom Application ID	The Dynatrace Custom Application ID for the app you created before(only needed if a managed environment is used and OpenKit is used as reporting mode.)
Authentication type	Choose from username and password or connected app
Events filtering	Choose which real-time events you'd like to send to Dynatrace, by default all are enabled
Usernames Blocklist	Optional list of Usernames to ignore; use this to block automation/API users from reporting
Proxy	Optional proxy; in case the ActiveGate cannot connect to the Salesforce URLs

OpenKit

If you use OpenKit, we recommend starting with the Custom Application setup.

Salesforce Data Ingest

Choose one of the three data ingest methods based on your monitoring needs.

Capture real-time events from Salesforce and send them as Business Events to Dynatrace.

RUM ingest should only be used on Managed Environments.

Enable Real-time event Streaming.
In Setup > Event Manager, enable Streaming Data for the events you want to capture.
Obtain the credentials needed for the extension to connect to Salesforce.

Enable use cases such as:

Track Session Hijack, Credential Stuffing and Anomaly Events
Track important permission sets and changes
What are the slowest Lightning or Classic pages response times?
What files are being uploaded, downloaded, and by which user?
What are the most used reports, who is running them, what queries are being used?
What are the top API Queries being made?
What browsers are users using?
Where is Salesforce being accessed from?
How many users are using the platform currently, what is the user experience?

For a detailed description of every event and their properties, see the Salesforce documentation.

Currently captured events

Events	Description
ApiAnomalyEvent	Track anomalies in how users make API calls.
ApiEventStream	Track user API queries in your organization.
BulkApiResultEvent	Track when a user downloads the results of a Bulk API request.
ConcurLongRunApexErrEvent	Track when a Concurrent Long Running Apex error has occurred.
CredentialStuffingEvent	Track when a user successfully logs in to Salesforce during an identified credential stuffing attack.
FileEvent	Track file activity. For example, track when a user downloads or previews a file.
LightningUriEventStream	Track when a user creates, accesses, updates, or deletes a record in Salesforce Lightning.
ListViewEventStream	Track when a user accesses data with list views.
LoginAsEventStream	Track when an admin logs into your organization as another user.
LoginEventStream	Track when a user logs in to your organization.
LogoutEventStream	Track when a user logs out in the Salesforce UI.
PermissionSetEvent	Track when users are assigned the Modify All Data or View All Data permission through a permission set.
ReportAnomalyEvent	Track anomalies in how users run or export reports.
ReportEventStream	Track when a user accesses or exports data with reports.
SessionHijackingEvent	Track when an unauthorized user gains ownership of a Salesforce user’s session with a stolen session identifier.
UriEventStream	Track when a user creates, accesses, updates, or deletes a record in Salesforce Classic.

The extension is limited to events that Salesforce produces as Real-Time Events.

Choose your reporting mode for Event Streaming data:

Business Events

For business events, all data is ingested using the business events API.

It can be queried using DQL:

fetch bizevents
| filter event.type == "salesforce.ApiEventStream"

Visualization of a query result

img.png

Each of the events of type salesforce.NameOfTheEvent will have all properties documented by Salesforce. For instance, see the properties for an ApiEventStream.

So we can create visualizations using all of these properties.

fetch bizevents
| filter event.type == "salesforce.ApiEventStream"
| summarize count(), by: {SourceIp}

Visualization of a query result

img.png

You can get a list of all event types with DQL:

fetch bizevents
| filter event.provider == "https://dynatrace--staging.sandbox.my.salesforce.com"
| summarize count(), by: {event.type}

Visualization of a query result

img.png

Example: Get logins by user overtime

fetch bizevents
| filter event.type == "salesforce.LoginEventStream"
| makeTimeseries logins=count(), by:{Username}, interval: 5m
| sort logins desc

Visualization of a query result

img.png

OpenKit

To create a custom application to receive the data:

In Hub, see Digital Experience Monitoring section. Then, select Generic front end > Set up.
Create your custom application—name it and choose an icon.
Select Monitor custom application.

custom-app-01

In the Custom application settings, go to Instrumentation wizard and save the Application ID for later.

custom-app-02

Now you can enable the extension. For details, go back to the #enable-extension section.

The data is sent to the Frontend application that you created, so you can access:

Sessions Details
The individual properties, by selecting User Action > Perform waterfall analysis

To use these properties in User Sessions Query Language:

In the application settings, go to Session and user action properties.
Create a property. Note: the Name must match exactly the property name, see Salesforce events.

Example: Capture the rows number

salesforce-data-04

Querying the property:

SELECT useraction.name, SUM(longProperties.rowsprocessed) FROM useraction WHERE useraction.name STARTSWITH "Report" GROUP BY useraction.name

salesforce-data-05

EventLogFile

Capture event log files from Salesforce and ingest them as logs to Dynatrace.

EventLogFile needs to be enabled in Salesforce.
The user must have set permissions to read event log files.

Details

Create a new EventLogFile configuration by selecting Configure EventLogFile.
Note that under Events to capture all the different Log Files will be disabled by default.
Select which log files you would like to ingest.

Do not expect real-time data out of this configuration. Event Log data is delayed by several hours in Salesforce.

Visualization

The events are sent as Log Events to Dynatrace, and can be queries using DQL:

fetch logs
| filter query.type == "EventLogFile"

Visualization of a query result

img.png

Every property for a certain Event Log File will be available.
To find fields details, see EventLogFile Supported Event Types.

Example

Get details about ApexExecution events:

fetch logs
| filter EVENT_TYPE == "ApexExecution"
| fields TIMESTAMP_DERIVED, ENTRY_POINT, EXEC_TIME, CPU_TIME, DB_TOTAL_TIME, NUMBER_SOQL_QUERIES

Visualization of a query result

img.png

API Queries (SOQL)

Run SOQL queries against Salesforce and ingest the data as logs or Business Events. The user must have permissions to query the Salesforce API, and read the Objects that are being queried.

Details

To ingest Salesforce Object Query Language (SOQL) data into Dynatrace,

Select Configure API queries.
Add up to 100 SOQL queries to be executed at the specified interval. Each query has the following parameters:
- Query Name—A name for the query that will help you locate this query data later in Dynatrace Logs.
- Query—The SOQL query to be executed.
  - The query must contain at least one datetime field.
  - The placeholder {last_execution_timestamp} must be used to filter the query results and deduplicate the data.
  - Example: SELECT Id, CreatedDate, Field, NewValue, OldValue FROM OpportunityFieldHistory WHERE CreatedDate > {last_execution_timestamp}
- Frequency
  - The frequency can be of type Interval or Cron.
  - Interval—The query will be every X minutes.
  - Cron—The query will be executed based on the cron expression provided, you can use crontab guru to generate the cron expression.

Visualization

Let's consider this query configuration:

Query Name: Logins
Query: SELECT UserId, COUNT(Id) from LoginHistory WHERE LoginTime > {last_execution_timestamp} GROUP BY UserId

img.png

The results can be obtained with the DQL:

fetch logs
| filter query.name == "Logins"

Visualization of a query result

img.png

And a chart could be created with:

fetch logs
| filter query.name == "Logins"
| makeTimeseries sum(toDouble(expr0)), by: {UserId}, interval: 5m

Visualization of a query result

img.png

You can also fetch all the queries and their text configured for this Salesforce instance:

fetch logs
| filter event.provider == "https://dynatrace--staging.sandbox.my.salesforce.com"
| summarize count(), by: {query.name}

Visualization of a query result

img.png

Platform Events

Subscribe to custom Salesforce Platform Events and ingest them as Business Events to Dynatrace.

Details

To ingest Salesforce Platform Events into Dynatrace:

Select Configure Platform Events.
Add the topics you want to subscribe to. Topics follow these formats:
- Custom Platform Events: /event/YourCustomEvent__e
- Standard Platform Events: /event/LoginEventStream, /event/LogoutEventStream
- Change Data Capture: /data/ChangeEvents, /data/AccountChangeEvent
Configure authentication using one of the supported methods (Connected App, User and Password, or Client ID).

Use Cases

Enable use cases such as:

Monitor custom business processes and workflows
Track changes to critical Salesforce objects with Change Data Capture
Integrate with external systems using custom Platform Events
Build real-time dashboards and alerts based on Salesforce events
Correlate Salesforce events with other observability data

Visualization

Platform Events are sent as Business Events to Dynatrace and can be queried using DQL:

fetch bizevents
| filter event.type == "salesforce.YourCustomEvent__e"

Example: Query all Platform Events from a Salesforce instance

fetch bizevents
| filter event.provider == "https://yourinstance.my.salesforce.com"
| summarize count(), by: {event.type}

Each Platform Event will include all custom fields defined on the event, making them available for filtering, grouping, and visualization.

Extend the retention period for Salesforce Insights data

By default, your ingested data is stored for 30 days. You can adjust the retention time by creating a custom bucket.

To create a custom bucket for a Salesforce event

In Dynatrace, go to Settings > Business Observability > Bucket assignment.
On the Business event bucket assignment page, select Add rule and name your rule.
In the Bucket field, choose your retention period.
Add a Matcher to your rule by typing or pasting your matcher-specific DQL query. Events that match your rule will be assigned to your selected bucket. If no rules match, events will be assigned to the default bucket. To assign all your Salesforce events to your bucket, you need to use the matcher containing the matchesValue function and your Salesforce URL, as in the example below.
```
matchesValue(event.provider, "https://environment.my.salesforce.com")
```
Select Save changes.

Troubleshooting

Error logs can be obtained via Dynatrace, by navigating to the Extension page, and selecting Status for each monitoring configuration.

Detailed logs can be obtained by creating an ActiveGate Diagnosis.