"Users: WE KNOW THEM" – The ELF at Salesforce

Transcript

1. 1 Abhishek Sreenivasa Software Engineer Users: WE KNOW THEM' -

   The ELF @ Salesforce Adam Torman Product Manager @atorman http://www.salesforcehacker.com

2. 2 What we’re going to cover •  Who we are

   •  Why we built Event Monitoring •  What problem we ran into that required Elastic Stack •  The history of the project •  A demonstration of the kibana dashboards •  A demonstration of the docker setup •  A lower level drill down into key code aspects - blockers people would encounter if they didn't know salesforce •  Roadmap and Conclusion Who does what and when

3. 3 Forward Looking Statement Statement under the Private Securities Litigation

   Reform Act of 1995: This presentation may contain forward-looking statements that involve risks, uncertainties, and assumptions. If any such uncertainties materialize or if any of the assumptions proves incorrect, the results of salesforce.com, inc. could differ materially from the results expressed or implied by the forward-looking statements we make. All statements other than statements of historical fact could be deemed forward- looking, including any projections of subscriber growth, earnings, revenues, or other financial items and any statements regarding strategies or plans of management for future operations, statements of belief, any statements concerning new, planned, or upgraded services or technology developments and customer contracts or use of our services. The risks and uncertainties referred to above include – but are not limited to – risks associated with developing and delivering new functionality for our service, our new business model, our past operating losses, possible fluctuations in our operating results and rate of growth, interruptions or delays in our Web hosting, breach of our security measures, the immature market in which we operate, our relatively limited operating history, our ability to expand, retain, and motivate our employees and manage our growth, new releases of our service and successful customer deployment, our limited history reselling non-salesforce.com products, and utilization and selling to larger enterprise customers. Further information on potential factors that could affect the financial results of salesforce.com, inc. is included in our annual report on Form 10-K for the fiscal year ended January 31, 2009 and our other filings. These documents are available on the SEC Filings section of the Investor Information section of our Web site. Any unreleased services or features referenced in this or other press releases or public statements are not currently available and may not be delivered on time or at all. Customers who purchase our services should make the purchase decisions based upon features that are currently available. Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements.

4. 4 4 Who are we?

5. 2013 • 2014 • 2015 2008 • 2009 • 2010

   2011 • 2012 • 2013 2014 • 2015 2011 • 2012 2013 • 2014 2015 Most innovative companies in the world $1.6B Q2 FY16 revenue 17K Employees 6th Largest Software Company in the World Today

6. 6 The Connected Customer Everything and everyone is connected IoT

   Data Science Social Mobile Cloud LAN/WAN Client Server SNA Mainframe Terminal Millions Thousands Billions connected things of customer interactions Trillions

7. 7 Why Salesforce We  are  focused  on  our  customers’  

   success,  helping  them  be7er   connect  to  and  serve  their   customers   37% increase in customer revenue growth

8. 8 8 Why we built Event Monitoring

9. 9 App Cloud: A Whole New Way to Connect Connect

   every customer, employee, and partner with apps •  Clicks and Code •  Build once run everywhere •  Trusted Enterprise Cloud •  Proven Success and Scale AppExchange Trailhead Shared Data, Networks, and Identity Across Services FORCE HEROKU ENTERPRISE THUNDER LIGHTNING Ø 5.5M apps Ø 2.4M developers Ø 3.5B daily transactions

10. 10 The Customer Success Platform Connects Everything Share data and

    take action across all apps AppExchange  Apps   Pre-built apps that run on App Cloud Service   Sales   Marke?ng   Community   Analy?cs   Salesforce  Apps   Apps we build and maintain Your  Apps   Apps you build on App Cloud Shared Identity, Network, and Data API

11. 11 Gartner Named Salesforce as a Magic Quadrant Leader Enterprise

    and Mobile App Development Platforms Magic Quadrant for Enterprise Application Platform as a Service, Worldwide March 24, 2015 Analysts:  Yefim  Na?s,  Massino  Pezzini,  Kimihiko  Iijima,  Anne  Thomas,  Rob  Dunie   Analysts:  Richard  Marshall,  Van  L.  Baker,  Ray  Valdes,  Jason  Wong,  Adrian  Leow   Magic Quadrant for Mobile Application Development Platforms, Worldwide July 23, 2015 This  graphic  was  published  by  Gartner,  Inc.  as  part  of  a  larger  research  document  and  should  be  evaluated  in  the  context  of  the  en?re  document.  The  Gartner  document  is  available  upon  request  from  Salesforce.    Gartner  does  not  endorse  any  vendor,   product  or  service  depicted  in  its  research  publica?ons,  and  does  not  advise  technology  users  to  select  only  those  vendors  with  the  highest  ra?ngs  or  other  designa?on.  Gartner  research  publica?ons  consist  of  the  opinions  of  Gartner's  research   organiza?on  and  should  not  be  construed  as  statements  of  fact.  Gartner  disclaims  all  warran?es,  expressed  or  implied,  with  respect  to  this  research,  including  any  warran?es  of  merchantability  or  fitness  for  a  par?cular  purpose.  

12. 12 Salesforce Trust Platform Sixteen years of innovation on the

    world’s most trusted cloud Infrastructure Services Analytics Community Marketing Service Sales Apps Network Services Application Services Secure Data Centers Backup and Disaster Recovery 47 Major Releases HTTPS Encryption Penetration Testing Advanced Threat Detection Audit Fields Setup Audit Trail Field History Tracking Security Health Check Secure Firewalls Real-time replication Login History Third Party Certifications IP Login Restrictions Customer Audits 220,000+ customers 5,000,000+ apps

13. 13 Companies bring more data into Salesforce than ever before

    Financial Social Health Web Location ✓  PII ✓  PHI ✓  Trade Secrets ✓  Regulated Data ✓  Strategic Accounts ✓  VIP Lists ✓  Intellectual Property Opportunities to create a new kind of customer success

14. 14 Top 3 security challenges growth brings to CISOs Hard

    to balance security vs experience Lack of useful, actionable insights Poor governance and compliance More apps More users More data

15. 15 Introducing: Salesforce Shield New services to help you build

    trusted apps fast Infrastructure Services Analytics Community Marketing Service Sales Apps Network Services Application Services Secure Data Centers Backup and Disaster Recovery 47 Major Releases HTTPS Encryption Penetration Testing Advanced Threat Detection Audit Fields Setup Audit Trail Field History Tracking Security Health Check Secure Firewalls Real-time replication Login History Third Party Certifications IP Login Restrictions Customer Audits 220,000+ customers 2,000,000+ apps Salesforce Shield Platform Encryption Event Monitoring Field Audit Trail

16. 16 Event Monitoring : Gain Visibility into User Actions • 

    Easy API Access to User Behavior via App Logs to: ‒ Audit security ‒ Optimize performance ‒ Track app usage • Event Monitoring = Event Log Files (aka. ELF) Analyze patterns for better insights

17. What’s included Event Monitoring File Types APEX CALLOUT APEX EXECUTION

    APEX SOAP APEX TRIGGER API ASYNC REPORT BULK API CHANGE SET OPERATION CONTENT DISTRIBUTION CONTENT DOCUMENT LINK CONTENT TRANSFER DASHBOARD DOCUMENT ATTACHMENT DOWNLOADS LOGIN LOGIN AS LOGOUT MDAPI OPERATION MULTI BLOCK REPORT PACKAGE INSTALL QUEUED EXECUTION REPORT REPORT EXPORT REST API SANDBOX SITES UI TRACKING (S1 Adoption) URI TIMED BASED WORKFLOW VISUALFORCE WAVE CHANGE WAVE INTERACTION WAVE PERFORMANCE

18. How does it work? ​  Capture Data •  32 event

    types captured •  30 days of events retained •  One day lag from event occurrence to when it is available in the API ​  Analyze the data •  Use any analytics tool •  Leverage pre-built integrations with AppExchange partners •  Option to export to CSV file ​  Take Action •  Improve app performance •  Initiatives to increase adoption •  Modify governance policies •  Automation using triggers and workflow

19. 19 19 Event Monitoring API DEMO

20. 20 20 Why Elastic Stack

21. 21 Why Elastic Stack How to make it easy for

    everyday people to report on User Behavior logs User Behavior ELF Logs via API Business  Analyst   •  It’s open source •  It’s scalable •  It’s flexible •  Customer’s asked for it

22. 22 22 The back story

23. 23 History of the Project FEB OCT 2015 SEP MAY

    JUL Elastic Stack Presentation at Hadoop Strata `15 Proof of Concept ELF on Elastic Stack Summer Intern `15 Mohammed Islam Joins Logstash Plugin logstash-input-sfdc_elf Docker Image for ELF on Elastic Stack Launched Event Monitoring Started hearing about ‘ELK’ - now Elastic Stack NOV 2014

24. 24 24 Event Monitoring Dashboard DEMO

25. 25 Architectural Overview ELF sObject Hadoop App Server > >

    > > Force.com Elastic Stack

26. 26 26 ELF on Elastic Stack on Docker Setup

27. 27 Running ELF on Elastic Stack on Docker Download Code

    From Github 1 2 3 Setup Logstash Config File Run Docker Container

28. 28 ELF on Elastic Stack (ELK) on Docker Download from

    Github Repo https://github.com/developerforce/ elf_elk_docker Instructions Logstash Configuration

29. 29 ELF on Elastic Stack on Docker sfdc_elf.config: User Credentials

    input { sfdc_elf { username => "[email protected]" password => "mypasswd" # Optional. Enter if your org requires one. security_token => "nYuirUiiTe3xwTrlnGGkHPxu5" ... } ...

30. 30 ELF on Elastic Stack on Docker sfdc_elf.config: Client ID

    and Secret input { sfdc_elf { ... # Salesforce Connected App # OAuth with Access and manage your data (api) client_id => "really_long_string" client_secret => "bunch_of_numbers" ... } ...

31. 31 ELF on Elastic Stack on Docker Connected App Consumer

    Key and Secret Source: Gray Arial 10pt

32. 32 ELF on Elastic Stack on Docker sfdc_elf.config: Geo IP

    Filter filter { geoip { source => "CLIENT_IP" target => "client_ip" } geoip { source => "SOURCE_IP" target => "source_ip" } } Preconfigured! No input needed

33. 33 ELF on Elastic Stack on Docker sfdc_elf.config: Output to

    Elasticsearch output { elasticsearch { protocol => "http" host => ["0.0.0.0:9200"] } } Preconfigured! No input needed

34. 34 ELF on Elastic Stack on Docker Running and Managing

    Docker Container # Run container make run # Resume a stopped container make resume # Delete a stopped container make remove

35. 35 35 ELF on Elastic Stack on Docker Setup Demo

36. 36 36 The future

37. 37 Roadmap •  Packaged Dashboards in Kibana •  sObject connector

    for strongly typed Salesforce BigObjects (Login Forensics, Data Forensics, Apex Limits, etc…) •  Docker on Heroku for cloud offering What the future may hold for our plug-in Image Source: http://dryicons.com/terms/#free-license

38. 38 38 Q & A

39. 39 39 Thanks!

40. 40 Except where otherwise noted, this work is licensed under

    http://creativecommons.org/licenses/by-nd/4.0/ Creative Commons and the double C in a circle are registered trademarks of Creative Commons in the United States and other countries. Third party marks and brands are the property of their respective holders.