Parsers and collectors / Collectors / Salesforce collector

Salesforce collector

Service description

Salesforce is a customer relationship management solution that brings companies and customers together. It's an integrated CRM platform that gives all the departments, including marketing, sales, commerce, and service. This Salesforce collector provides the possibility to integrate Salesforce with Devo in order to easily send data to the Devo platform or customizing it by, for example, making your own Activeboards.

This collector works only with the Enterprise, Performance, Unlimited, Developer, and Database Salesforce editions. Make sure that you have one of the listed editions if you want to use the collector.

Data source description

The Salesforce collector retrieves data from the following “Salesforce Objects“ (also known as SObjects). The collector processes the Salesforce API responses and sends them to the Devo platform, which will categorize all the information received on specific tables on your Devo domain.

Salesforce resources

Listed in the table below are the SObject names, details, and to which tables Devo sends the data:

SObject name / Service	Details	Devo data tables
Account	Represents an individual account, which is an organization or person involved with your business (such as customers, competitors, and partners).	crm.salesforceobjects.account
Case	Represents a case, which is a customer issue or problem.	crm.salesforceobjects.case
ContentVersion	Represents a specific version of a document in Salesforce CRM Content or Salesforce Files.	crm.salesforceobjects.contentversion
Dashboard	Represents a dashboard, which shows data from custom reports as visual components.	crm.salesforceobjects.dashboard
LoginHistory	Represents the login history for all successful and failed login attempts for organizations and enabled portals.	crm.salesforceobjects.loginhistory
Opportunity	Represents an opportunity, which is a sale or pending deal.	crm.salesforceobjects.opportunity
Report	Represents a report, a set of data that meets certain criteria, displayed in an organized way.	crm.salesforceobjects.report
User	Represents a user in your organization.	crm.salesforceobjects.users
EventLogFiles	Represents event log files for event monitoring.	crm.salesforceobjects.eventlogfiles If file processing is enabled: crm.salesforce crm.salesforce.<event_type> The third level of the tag (event_type) will be automatically assigned according to the type of event sent. For more information about the available EventLogFiles event_types, visit this link. The event_types in the tag will be always in lowercase and without spaces.

For more info about Salesforce SObjects, visit the Salesforce Reference.

Setup

The Salesforce collector works over the Salesforce API. You need to enable the API in your Salesforce account to allow the collector to get the data and make sure you have the required permissions.

Enable API access on the account

Log in to your Salesforce account.
Click the gear icon and select Service Setup.
Open the Users section in the left tree and select Users. In this section, search your user and click your user profile.
In the profile screen, click Edit.
Scroll down to Administrative Permissions and search for the API Enabled checkbox. Check it and save the changes.

Authentication

The Salesforce collector supports User/Password and OAuth2 authentication methods.

Getting credentials (User/Password)

This method needs a username, password, and a security token.

Usually, all come together in the same mail when the user creates a Salesforce account. However, if the security token does not come in the mail or you can not find it, follow the next steps to obtain a new one:

Log in to your Salesforce account with the user to be used.
Click the user icon at the top right of the screen and select Settings.
Open the Users section in the left tree and select Users.
In the left menu, go to the My personal information section and select Reset my security token.
On this screen, click Reset Security Token. You will receive a mail with the new security token.

Getting credentials (OAuth2)

To enable OAuth2 authentication, you need to create a Connected App and obtain the client_id, client_secret, and redirect_uri to use it.

You may implement OAuth2 in two different ways for this collector:

Using all the parameters (username, password, security_token, client_id, client_secret, and redirect_uri) to automatically authorize the OAuth2 client to access the information.
Authorizing the OAuth client manually, so you will only need the client_id, client_secret, and the access token file obtained with the following script.

Log in to your Salesforce account.
Click the gear icon and select Service Setup.
Type Apps in the left search bar, then click App Manager and create a new Connected App.
Fill all the mandatory fields, check the Enable OAuth settings option and fill the new fields as shown in the following capture:
Save the changes and note down the client_id (Consumer Key), client_secret (Consumer Secret), and redirect_uri (Callback URL)

To get the access token file, we need to execute this script and follow these steps.

In order to execute the access_token file generation script, you need the following Python 3.6 (or above) dependencies installed:

click 7.1.2 (or above)
requests 2.25.1 (or above)
JSON (normally comes by default in the python standard library)
urllib (normally comes by default in the python standard library)
webbrowser (normally comes by default in the python standard library)

Execute the script using the following command:
```
python salesforce_access_token_generator.py --client_id <salesforce_client_id> --client_secret <salesforce_client_secret> --redirect_uri <salesforce_client_uri>
```
This script will open your predefined browser to log in to Salesforce and authorize the client in your Salesforce domain, and will redirect to other URL like in the following image:
.
Now, copy the URL and paste it in the terminal where you have executed the script. Press ENTER and the script will finalize the token file creation. Then, you should see an access_token.json file in the same directory as the script.
Finally, paste the access token file in the credentials folder of the collector structure.

Minimum permissions

In order to get the required data, your user must have some minimal permissions. The user must be under a Salesforce user license and we need to provide the standard user profile for almost all services/SObjects (with some exceptions) after enabling the API access.

The special permissions required for each SObject are specified below:

LoginHistory and Users	We can use a profile inherited from the standard user. To add the missing permissions, we just need to enable the Manage Users permission in the user’s profile.
EventLogFiles	We can use a profile inherited from the standard user. To add the missing permissions, we just need to enable the View Event Log Files permission in the user’s profile.

Run the collector

This data collector can be run in any machine that has the Docker service available because it should be executed as a docker container. The following sections explain how to prepare all the required setup for having the data collector running.

Structure

The following directory structure should be created for being used when running the Salesforce collector:

<any_directory>
└── devo-collectors/
    └── salesforce/
        ├── certs/
        │   ├── chain.crt
        │   ├── <your_domain>.key
        │   └── <your_domain>.crt
        ├── credentials/
        │ └── access_token.json
        └── config/ 
            └── config-salesforce.yaml

Devo credentials

In Devo, go to Administration → Credentials → X.509 Certificates, download the Certificate, Private key and Chain CA and save them in <any directory>/devo-collectors/salesforce/certs. Learn more about security credentials in Devo here.

Editing the config-salesforce.yaml file

In the config-salesforce.yaml file, replace the <username>, <password>, and <security_token> values and enter the ones that you got in the previous steps. In the <short_unique_identifier> placeholder, enter the value that you choose.

config-salesforce.yaml

globals:
  debug: false
  id: not_used
  name: salesforce
  persistence:
    type: filesystem                                               # File system persistence ON
    config:
      directory_name: state                                        # Directory where the persistence will be saved in case of using filesystem
outputs:
  devo_1:                                                          # Cloud Devo config EU (for US use us.elb.relay.logtrust.net)
    type: devo_platform
    config: 
      address: eu.elb.relay.logtrust.net
      port: 443
      type: SSL
      chain: chain.crt
      cert: <your_domain>.crt
      key: <your_domain>.key
inputs:
  salesforce:
    id: <short_unique_identifier>                                 # The value of this field will be used internally for having independent persistence areas
    enabled: true
    requests_per_second: 5                                        # Setup how many request API por second
    credentials:                                                  # Check the credentials section in the documentation to know which fields are necessary for your authentication method
      username: <salesforce_user_value>                           # Salesforce User
      password: <salesforce_password_value>                       # Salesforce Password
      security_token: <salesforce_security_token_value>           # Salesforce user's security token
      client_id: <oauth_client_id>                                # Salesforce OAuth client id
      client_secret: <oauth_client_secret>                        # Salesforce OAuth client secret
      redirect_uri: <oauth_redirect_uri>                          # Salesforce OAuth client redirect uri
      access_token_filename: access_token.json                    # Salesforce OAuth access token file. Default value "access_token.json". If not present, uses access_token.json too
      salesforce_domain: login                                    # OPTIONAL. Salesforce domain field. Default value "login". If not present, uses login too
    services:                                                     # Services available for this collector
      custom_1:
        request_period_in_seconds: 86400                          # Setting up time interval between API requests. 300 sec is recommended. With snapshot mode enabled is recommended a high request period, as in the sample.
        sobject_name: User # Samples: Account, User, Case, ...
        key: LastModifiedDate                                     # Field used to filter data, must be datetime field
        fields:                                                   # SObject fields to retrieve. All default fields will be retrieved in supported SObjects
          - Id
          - LastModifiedById
          - LastModifiedDate
          - Name
        tag: my.app.salesforce.sample                             # Custom tag if want to retrieve data to not common tables
        snapshot_mode: true                                       # This field has priority over start_time. Retrieve ALL existing data in each iteration
      Account:
        request_period_in_seconds: 300
        key: LastModifiedDate
        custom_fields:
          - Id
          - LastModifiedById
          - LastModifiedDate
          - Name
        start_time: '2020-07-14T00:00:00Z'                        # As str Year-Month-DayTHour-Min-Sec. Unnecessary field if snapshot_mode is true
      EventLogFile:                                               # Special SObject, if used as others, only retrieve generig data from the EventLogFile SObjects
        process_results:                                          # OPTIONAL. Field used to process all received files in the crm.salesforce.<event_types> tables
          enabled: true
          compress: false                                         # OPTIONAL. Request compressed files to reduce the bandwith usage. Frequently this field is not needed
        start_time: '2020-07-14T00:00:00Z'

The start_time fields are optional if you would like to establish any value, follow the format 9999-12-30T00:00:00Z
The key field must be a timestamp field type (it will be used for internal comparations).
The tag field is optional, if the field does not exist, the collector will use the default tagging target.
Make sure that the added values in fields and custom fields are correctly written, otherwise, the collector will return an error.

If you need to use a custom tag for generated messages, it can be done using the property tag inside any of the available services. For example tag: my.app.salesforce.{service_name}

Download the Docker image

The collector should be deployed as a Docker container. Click here to download the Docker image of the collector as a .tgz file.

Use the following command to add the Docker image to the system:

gunzip -c collector-salesforce-docker-image-<version>.tgz | docker load

Once the Docker image is imported, it will show the real name of the Docker image (including version info). Replace "<version>" with a proper value.

The Docker image can be deployed on the following services:

Docker
Docker Compose

Docker

Execute the following command on the root directory <any_directory>/devo-collectors/salesforce/

docker run \
--name collector-salesforce \
--volume $PWD/certs:/devo-collector/certs \
--volume $PWD/config:/devo-collector/config \
--volume $PWD/state:/devo-collector/state \
--env CONFIG_FILE=config-salesforce.yaml \
--rm -it docker.devo.internal/collector/salesforce:<version>

Replace <version> with a proper value.

Docker Compose

The following Docker Compose file can be used to execute the Docker container. It must be created in the <any_directory>/devo-collectors/salesforce/ directory.

docker-compose.yaml

version: '3'
services:
  collector-salesforce:
    build:
      context: .
      dockerfile: Dockerfile
    image: docker.devo.internal/collector/salesforce:${IMAGE_VERSION:-latest}
    container_name: collector-salesforce
    volumes:
      - ./certs:/devo-collector/certs
      - ./config:/devo-collector/config
      - ./state:/devo-collector/state
    environment:
      - CONFIG_FILE=${CONFIG_FILE:-config-salesforce.yaml}

To run the container using docker-compose, execute the following command from the <any_directory>/devo-collectors/salesforce/ directory:

IMAGE_VERSION=<version> docker-compose up -d

Labels

latest

Download as PDF