View Event Log Data in Analytics Apps Control
Control Name
Event Monitoring Settings (Enable 'View event log data in analytics apps').
Control Overview
Enables Event Log Files (ELFs) and real-time event data to be queried and visualized directly within Salesforce Analytics (CRM Analytics/Einstein Analytics), providing native dashboards for security monitoring without external exports.
Description
When enabled, permitted users can create lenses, dashboards, and datasets from event data (login events, report exports, API calls) stored in Big Objects. The control supports real-time streaming events for anomaly detection, and historical analysis going back 1 to 24 months depending on retention.
Recommended Configuration
Enable 'View event log data in analytics apps' in Setup > Event Monitoring Settings, assign the "View Event Log Files in Analytics" permission to security analysts, and integrate with Shield Platform Event Log files for full coverage.
Security Impact
Provides centralized visibility into user behaviors, login patterns, and data access without leaving Salesforce, enabling proactive threat hunting and compliance reporting through native BI tools.
Business Impact
Accelerates security investigations with point-and-click analytics, reduces SIEM integration costs, and empowers analysts without deep SQL/Event Log expertise to monitor org health.
Security Risk If Not Configured
If analytics for event log data is left disabled, critical user activity data stays siloed in raw files, inaccessible for real-time analysis or visualization in security monitoring.
Threat Scenarios
Misconfigured or disabled event monitoring fails to capture user activity, preventing detection of suspicious behavior and security incidents like unusual data exports, privilege escalations, or brute-force login attempts.
Estimated CVSS Score Range
High (7.0–8.9).
Risk Impact Considerations
Value scales with user count and data sensitivity; storage costs for long-term retention must be balanced against monitoring needs.
Higher Risk When
Large user bases, external sharing enabled, frequent API integrations, or regulated industries requiring continuous user activity monitoring.
Low Risk When
Small internal teams, minimal external access, supplemented by native Login History and robust MFA enforcement.
Business and Integration Considerations
Requires CRM Analytics license and Event Monitoring add-on; test with sample datasets before production dashboards.
Security Health Review Guidance
Strongly recommended.
Who Is Impacted
SecOps analysts, compliance officers, Salesforce admins building security dashboards, and auditors requiring user activity reports.

