
Create a Policy with a UI or with Apex Code

In the legacy framework, the only way to create a policy was to code an Apex class. In the enhanced framework, you have two options: use Condition Builder, a point-and-click tool, or Apex. Here are some guidelines to help you decide which option is best for you.
Available in: Salesforce Classic and Lightning Experience
Available in: Enterprise, Performance, Unlimited, and Developer Editions

Requires Salesforce Shield or Salesforce Event Monitoring add-on subscriptions.


Let’s say that your legacy policy’s Apex class references event properties that are directly available as fields in the Real-Time Event Monitoring event objects. Also, the fields are available in the Condition Builder UI. Good news: you can use Condition Builder to create your enhanced policy! Examples of these fields include the source IP when a user logs in (LoginEvent.SourceIP) and the number of rows returned from a report execution (ReportEvent.RowsProcessed).

If your legacy policy’s Apex code references event properties that are not directly available in the Real-Time Event Monitoring event objects, continue to use Apex and SOQL queries. An example is a policy that checks whether the records returned by an API query or report export have fields that are Data Classified. In your enhanced policy’s Apex class, implement the TxnSecurity.EventCondition interface instead of the legacy TxnSecurity.PolicyCondition.
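
The data-classification case described above, sketched as an added example (not Salesforce's sample code). The class name, the two classification levels, and the simple substring matching against the event's Query and ColumnHeaders fields are assumptions made for illustration.

```apex
// Added example: the class name and SENSITIVE_LEVELS are assumptions.
global class ClassifiedLeadExportCondition implements TxnSecurity.EventCondition {

    // Assumed classification levels that should trigger the policy.
    private static final Set<String> SENSITIVE_LEVELS =
        new Set<String>{ 'Confidential', 'Restricted' };

    // Enhanced framework: a single evaluate(SObject) receives the event itself.
    public boolean evaluate(SObject event) {
        switch on event {
            when ApiEvent api {
                // API queries name fields by API name in the SOQL text.
                return touchesClassifiedLeadField(api.QueriedEntities, api.Query, false);
            }
            when ReportEvent report {
                // Reports expose column labels rather than API names.
                return touchesClassifiedLeadField(report.QueriedEntities, report.ColumnHeaders, true);
            }
            when null {
                return false;
            }
            when else {
                return false; // event types this policy does not cover
            }
        }
    }

    private Boolean touchesClassifiedLeadField(String entities, String text, Boolean useLabels) {
        if (String.isBlank(entities) || String.isBlank(text)
                || !entities.containsIgnoreCase('Lead')) {
            return false;
        }
        // Classification is not a field on the event, so look it up with SOQL.
        for (FieldDefinition fd : [SELECT QualifiedApiName, Label, SecurityClassification
                                   FROM FieldDefinition
                                   WHERE EntityDefinition.QualifiedApiName = 'Lead']) {
            if (!SENSITIVE_LEVELS.contains(fd.SecurityClassification)) {
                continue;
            }
            // Substring match is deliberately coarse: it can over-match
            // (for example, one field name contained in another).
            String needle = useLabels ? fd.Label : fd.QualifiedApiName;
            if (text.containsIgnoreCase(needle)) {
                return true; // true means the policy condition is met
            }
        }
        return false;
    }
}
```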

Follow Along with the Lead Data Export Example

The fields we chose for our two new enhanced ReportEvent and ApiEvent policies are available in the event objects and don’t require SOQL queries to get more data. These fields are also available in the Condition Builder UI. As a result, Condition Builder, the easiest way to create an enhanced policy, is a good choice for our example. But if you prefer to use Apex, we also provide the code in the examples section.