Laserfiche WebLink
SOLICITATION # CH16012 <br />organization's applications and data, which in turn can be a critical tool in diagnosing potential or <br />real security issues. Auditing features include: <br />Record Modification Fields - All objects include fields to store the name of the user who created <br />the record and who last modified the record. This provides some basic auditing information. <br />Login History - You can review a list of successful and failed login attempts to your organization for <br />the past six months within Salesforce. <br />Field History Tracking - You can also enable auditing for individual fields, which will automatically <br />track any changes in the values of selected fields. Although auditing is available for all custom <br />objects, only some standard objects allow field -level auditing. <br />Setup Audit Trail - Administrators can also view a Setup Audit Trail for the past six months within <br />Salesforce, which logs when modifications are made to your organization's configuration. This trail <br />can be downloaded into Excel or as a csv file. <br />While the Login History and Setup Audit Trail are available for six months within Salesforce, audit <br />trails can be downloaded and stored locally to meet longer audit log retention requirements. <br />Detailed application logs can be used for forensics investigations by customers. These logs are <br />stored for 12 months and are available for a fee. <br />Event Monitoring (Additional License Option) <br />In addition to Salesforce's core auditing capabilities, Salesforce also offers Event Monitoring as an <br />additional license option. Your Agency can use event monitoring to discover how often and at what <br />times your users are logging in to and out of your organization. This includes insight into what <br />Salesforce applications are being adopted by users, who is logging in and from where, what pages <br />users are viewing, what reports users are running and exporting and other aspects of application <br />usage. This capability helps you discriminate between valid and invalid login requests and also <br />track user login patterns for future reference. Not only can your Agency now better understand <br />how your apps are being utilized, you can also monitor if users download large amounts of data <br />that might put your agency at risk. In addition, your Agency can also determine if an employee is <br />unnecessarily downloading sensitive customer/citizen information, pinpointing the exact time and <br />location of that event. Event Monitoring is delivered as an API -first feature and there are <br />Salesforce partners with visualization tools available. <br />Use the SOAP API and REST API resources to retrieve event log files that contain information <br />useful for assessing organizational usage trends and user behavior. Because event log files are <br />accessed through the Force.com SOAP API and REST API, you can integrate log data with your <br />own back -end storage and data marts so that you can correlate data from multiple organizations <br />and across disparate systems easily. When using event monitoring, keep the following in mind: <br />- In the unlikely case where no log files are generated for 24 hours, contact Salesforce. <br />- Log data is read-only. You can't insert, update, or delete log data. <br />- Use the EventType field to determine which files were generated for your organization <br />- LogDate tracks usage activity for a 24-hour period, from 12:00 a.m. to 11:59 p.m. UTC time. <br />- An event generates log data in real time. However, log files are generated the day after an event <br />takes place, during nonpeak hours. Therefore, log file data is unavailable for at least one day after <br />an event. <br />- CreatedDate tracks when the log file was generated. <br />carahsoft 73 carahsoft <br />