Skip to content

Commit 698b96a

Browse files
srikarshastrySrikar Shastry
srikarshastry
and
Srikar Shastry
authored
[SalesForceEventLogConnector] - add support for missing events and username-password oauth2 (#14144)
Co-authored-by: Srikar Shastry <Srikar.Sistla@microsoft.com>
1 parent a452904 commit 698b96a

9 files changed

Lines changed: 8521 additions & 1404 deletions

Solutions/Salesforce Service Cloud/Data Connectors/SalesforceSentinelConnector_CCP/SalesforceServiceCloud_DCR.json

Lines changed: 957 additions & 1 deletion
Large diffs are not rendered by default.

Solutions/Salesforce Service Cloud/Data Connectors/SalesforceSentinelConnector_CCP/SalesforceServiceCloud_DataConnectorDefinition.json

Lines changed: 158 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -64,49 +64,176 @@
6464
"instructionSteps": [
6565
{
6666
"title": "Connect to Salesforce Service Cloud API to start collecting event logs in Microsoft Sentinel",
67-
"description": "Be advised you must have an active [Salesforce Shield Event Monitoring](https://help.salesforce.com/s/articleView?id=sf.salesforce_shield) license in order to successfully connect this data connector. If you have this license, proceed.\n\nFollow [Create a Connected App in Salesforce for OAuth](https://help.salesforce.com/s/articleView?id=platform.ev_relay_create_connected_app.htm&type=5) and [Configure a Connected App for the OAuth 2.0 Client Credentials Flow](https://help.salesforce.com/s/articleView?id=xcloud.connected_app_client_credentials_setup.htm&type=5) to create a Connected App with access to the Salesforce Service Cloud API. Through those instructions, you should get the Consumer Key and Consumer Secret.\n For Salesforce Domain name, Go to Setup, type My Domain in the Quick Find box, and select My Domain to view your domain details. Make sure to enter the domain name without a trailing slash (e.g., https://your-domain.my.salesforce.com). Fill the form below with that information.",
67+
"description": "Follow [Create a Connected App in Salesforce for OAuth](https://help.salesforce.com/s/articleView?id=platform.ev_relay_create_connected_app.htm&type=5) and [Configure a Connected App for the OAuth 2.0 Client Credentials Flow](https://help.salesforce.com/s/articleView?id=xcloud.connected_app_client_credentials_setup.htm&type=5) to create a Connected App with access to the Salesforce Service Cloud API. Through those instructions, you should get the Consumer Key and Consumer Secret.\n For Salesforce Domain name, Go to Setup, type My Domain in the Quick Find box, and select My Domain to view your domain details. Make sure to enter the domain name without a trailing slash (e.g., https://your-domain.my.salesforce.com). Fill the form below with that information.",
6868
"instructions": [
6969
{
70-
"type": "Textbox",
70+
"type": "DataConnectorsGrid",
7171
"parameters": {
72-
"label": "Salesforce Domain Name",
73-
"placeholder": "Salesforce Domain Name",
74-
"type": "text",
75-
"name": "salesforceDomainName",
76-
"validations": {
77-
"required": true
78-
}
79-
}
80-
},
81-
{
82-
"type": "Dropdown",
83-
"parameters": {
84-
"label": "Log Collection Interval",
85-
"name": "queryType",
86-
"options": [
72+
"mapping": [
8773
{
88-
"key": "SELECT Id,EventType,LogDate,Interval,CreatedDate,LogFile,LogFileLength FROM EventLogFile WHERE Interval='Hourly' and CreatedDate>{_QueryWindowStartTime} and CreatedDate<{_QueryWindowEndTime}",
89-
"text": "Hourly"
74+
"columnName": "Salesforce Domain",
75+
"columnValue": "properties.addOnAttributes.SalesforceDomain"
9076
},
9177
{
92-
"key": "SELECT Id,EventType,LogDate,CreatedDate,LogFile,LogFileLength FROM EventLogFile WHERE CreatedDate>{_QueryWindowStartTime} and CreatedDate<{_QueryWindowEndTime}",
93-
"text": "Daily"
78+
"columnName": "Grant Type",
79+
"columnValue": "properties.addOnAttributes.GrantType"
9480
}
9581
],
96-
"placeholder": "Select an interval type",
97-
"isMultiSelect": false,
98-
"required": true
82+
"menuItems": [
83+
"DeleteConnector"
84+
]
9985
}
10086
},
10187
{
102-
"type": "OAuthForm",
88+
"type": "ContextPane",
10389
"parameters": {
104-
"clientIdLabel": "Consumer Key",
105-
"clientSecretLabel": "Consumer Secret",
106-
"clientIdPlaceholder": "Enter Connected App Consumer Key",
107-
"clientSecretPlaceholder": "Enter Connected App Consumer Secret",
108-
"connectButtonLabel": "Connect",
109-
"disconnectButtonLabel": "Disconnect"
90+
"isPrimary": true,
91+
"label": "Add Connection",
92+
"title": "Configure API Connection",
93+
"subtitle": "Connect to Salesforce to ingest event log file",
94+
"contextPaneType": "DataConnectorsContextPane",
95+
"instructionSteps": [
96+
{
97+
"instructions": [
98+
{
99+
"type": "InfoMessage",
100+
"parameters": {
101+
"text": "**Note:** For legacy or classic setup, ensure that the security token is appended to your password for the password-based grant type authentication to work. For lightning, passing just the password should work. For more information, refer to the [OAuth 2.0 Username-Password Flow for Special Scenarios](https://help.salesforce.com/s/articleView?id=xcloud.remoteaccess_oauth_username_password_flow.htm&type=5).",
102+
"visible": true,
103+
"inline": true
104+
}
105+
},
106+
{
107+
"type": "Textbox",
108+
"parameters": {
109+
"label": "Salesforce Domain Name",
110+
"placeholder": "Example: https://your-domain.my.salesforce.com",
111+
"type": "text",
112+
"name": "salesforceDomainName",
113+
"validations": {
114+
"required": true
115+
}
116+
}
117+
},
118+
{
119+
"type": "Dropdown",
120+
"parameters": {
121+
"label": "Log Collection Interval",
122+
"name": "queryType",
123+
"options": [
124+
{
125+
"key": "SELECT Id,EventType,LogDate,Interval,CreatedDate,LogFile,LogFileLength FROM EventLogFile WHERE Interval='Hourly' and CreatedDate>{_QueryWindowStartTime} and CreatedDate<{_QueryWindowEndTime}",
126+
"text": "Hourly"
127+
},
128+
{
129+
"key": "SELECT Id,EventType,LogDate,CreatedDate,LogFile,LogFileLength FROM EventLogFile WHERE CreatedDate>{_QueryWindowStartTime} and CreatedDate<{_QueryWindowEndTime}",
130+
"text": "Daily"
131+
}
132+
],
133+
"placeholder": "Select an interval type",
134+
"isMultiSelect": false,
135+
"required": true
136+
}
137+
},
138+
{
139+
"type": "Radio",
140+
"parameters": {
141+
"title": "Grant Type",
142+
"name": "salesforceGrantType",
143+
"validations": {
144+
"required": true
145+
},
146+
"options": [
147+
{
148+
"label": "Client Credentials",
149+
"value": "client_credentials",
150+
"instructions": [
151+
{
152+
"type": "Textbox",
153+
"parameters": {
154+
"label": "Consumer Key",
155+
"placeholder": "Enter Connected App Consumer Key",
156+
"type": "text",
157+
"name": "clientId",
158+
"validations": {
159+
"required": true
160+
}
161+
}
162+
},
163+
{
164+
"type": "Textbox",
165+
"parameters": {
166+
"label": "Consumer Secret",
167+
"placeholder": "Enter Connected App Consumer Secret",
168+
"type": "password",
169+
"name": "clientSecret",
170+
"validations": {
171+
"required": true
172+
}
173+
}
174+
}
175+
]
176+
},
177+
{
178+
"label": "Password",
179+
"value": "password",
180+
"instructions": [
181+
{
182+
"type": "Textbox",
183+
"parameters": {
184+
"label": "Consumer Key",
185+
"placeholder": "Enter Connected App Consumer Key",
186+
"type": "text",
187+
"name": "clientId",
188+
"validations": {
189+
"required": true
190+
}
191+
}
192+
},
193+
{
194+
"type": "Textbox",
195+
"parameters": {
196+
"label": "Consumer Secret",
197+
"placeholder": "Enter Connected App Consumer Secret",
198+
"type": "password",
199+
"name": "clientSecret",
200+
"validations": {
201+
"required": true
202+
}
203+
}
204+
},
205+
{
206+
"type": "Textbox",
207+
"parameters": {
208+
"label": "Username",
209+
"placeholder": "Enter your Salesforce username",
210+
"type": "text",
211+
"name": "username",
212+
"validations": {
213+
"required": true
214+
}
215+
}
216+
},
217+
{
218+
"type": "Textbox",
219+
"parameters": {
220+
"label": "Password",
221+
"placeholder": "Enter your Salesforce password",
222+
"type": "password",
223+
"name": "password",
224+
"validations": {
225+
"required": true
226+
}
227+
}
228+
}
229+
]
230+
}
231+
]
232+
}
233+
}
234+
]
235+
}
236+
]
110237
}
111238
}
112239
]

Solutions/Salesforce Service Cloud/Data Connectors/SalesforceSentinelConnector_CCP/SalesforceServiceCloud_PollingConfig.json

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,9 @@
99
"type": "OAuth2",
1010
"ClientId": "[[parameters('clientId')]",
1111
"ClientSecret": "[[parameters('clientSecret')]",
12-
"GrantType": "client_credentials",
12+
"UserName": "[[if(equals(parameters('salesforceGrantType'), 'password'), parameters('username'), '')]",
13+
"Password": "[[if(equals(parameters('salesforceGrantType'), 'password'), parameters('password'), '')]",
14+
"GrantType": "[[parameters('salesforceGrantType')]",
1315
"TokenEndpoint": "[[concat(parameters('salesforceDomainName'),'/services/oauth2/token')]",
1416
"TokenEndpointHeaders": {
1517
"Accept": "application/json",
@@ -18,7 +20,7 @@
1820
"TokenEndpointQueryParameters": {}
1921
},
2022
"request": {
21-
"apiEndpoint": "[[concat(parameters('salesforceDomainName'),'/services/data/v65.0/query')]",
23+
"apiEndpoint": "[[concat(parameters('salesforceDomainName'),'/services/data/v66.0/query')]",
2224
"httpMethod": "GET",
2325
"rateLimitQPS": 10,
2426
"queryWindowInMin": 10,
@@ -81,6 +83,10 @@
8183
"streamName": "Custom-SalesforceServiceCloudV2_CL",
8284
"dataCollectionEndpoint": "{{dataCollectionEndpoint}}",
8385
"dataCollectionRuleImmutableId": "{{dataCollectionRuleImmutableId}}"
86+
},
87+
"addOnAttributes": {
88+
"SalesforceDomain": "[[parameters('salesforceDomainName')]",
89+
"GrantType": "[[if(equals(parameters('salesforceGrantType'), 'client_credentials'), 'Client Credentials', 'Password')]"
8490
}
8591
}
8692
}

0 commit comments

Comments
 (0)