| ColumnHeaders |
- Type
- string
- Properties
- Nillable
- Description
- Comma-separated values of column headers of the report. For
example, [USERNAME, ACCOUNT.NAME, TYPE, DUE_DATE, LAST_UPDATE,
ADDRESS1_STATE].
|
| DashboardId |
- Type
- reference
- Properties
- Nillable
- Description
- The ID of the dashboard that the report was part of. For example,
01ZB0000000PmoQ.
|
| DashboardName |
- Type
- string
- Properties
- Nillable
- Description
- The title of the dashboard that the report was part of.
|
| Description |
- Type
- string
- Properties
- Nillable
- Description
- The description of the report.
|
| DisplayedFieldEntities |
- Type
- string
- Properties
- Nillable
- Description
- The API values of the fields that are displayed on the report,
including the names of the entities of the grouped column fields.
For example: [ACCOUNTS,
OWNERS].
|
| EvaluationTime |
- Type
- double
- Properties
- Nillable
- Description
- The amount of time it took to evaluate the policy in
milliseconds.
|
| EventDate |
- Type
- dateTime
- Properties
- Filter, Sort
- Description
- The time when the specified report event was captured (after query
execution takes place). For example, 2020-01-20T19:12:26.965Z. Milliseconds are the most
granular setting.
|
| EventIdentifier |
- Type
- string
- Properties
- Filter, Sort
- Description
- The unique ID of the event. For example,
0a4779b0-0da1-4619-a373-0a36991dff90.
|
| EventSource |
- Type
- picklist
- Properties
- Nillable, Restricted Picklist
- Description
- The source of the event. Possible values are:
-
API—The user
generated the report from an API call.
-
Classic—The user
generated the report from the Salesforce Classic UI.
-
Lightning—The
user generated the report from Lightning Experience.
|
| ExecutionIdentifier |
- Type
- string
- Properties
- Nillable
- Description
- When report data is divided into multiple report events, use this
unique identifier to correlate the multiple data chunks. For
example, if each chunk has the same
ExecutionIdentifier of
a50a4025-84f2-425d-8af9-2c780869f3b5, enabling you to link them
together to get all the data for the report execution. The
Sequence field contains the incremental
sequence numbers that indicate the order of the multiple events.
For more information, see Sequence.
|
| ExportFileFormat |
- Type
- string
- Properties
- Nillable
- Description
- If the user exported the report, this value indicates the format
of the exported report. Possible values are:
|
| Format |
- Type
- picklist
- Properties
- Defaulted on create, Nillable, Restricted picklist
- Description
- The format of the report. Possible values are:
- Matrix
- MultiBlock
- Summary
- Tabular
|
| GroupedColumnHeaders |
- Type
- string
- Properties
- Nillable
- Description
- Comma-separated values of grouped column fields in summary,
matrix, and joined reports. For example: [USERNAME, ACCOUNT.NAME, TYPE, DUE_DATE,
LAST_UPDATE, ADDRESS1_STATE].
|
| IsScheduled |
- Type
- boolean
- Properties
- Defaulted on create
- Description
- If TRUE, the report was scheduled. If FALSE, the report wasn’t
scheduled.
|
| LoginHistoryId |
- Type
- reference
- Properties
- Nillable
- Description
- Tracks a user session so you can correlate user activity with a
particular series of report events. This field is also available on
the LoginEvent, AuthSession, and LoginHistory objects, making it
easier to trace events back to a user’s original authentication.
This value is null if the event that was generated was from a
dashboard refresh, a multi-block report, or a scheduled report. For
example, 0YaB000002knVQLKA2.
|
| LoginKey |
- Type
- string
- Properties
- Nillable
- Description
- The string that ties together all events in a given user’s
login session. The session starts with a login event and ends with either a
logout event or the user session expiring. This value is null if the event that was generated was from a
dashboard refresh, a multi-block report, or a scheduled report. For
example, lUqjLPQTWRdvRG4.
|
| Name |
- Type
- string
- Properties
- Nillable
- Description
- The display name of the report. The value is null for report
previews.
|
| NumberOfColumns |
- Type
- int
- Properties
- Nillable
- Description
- The number of columns in the report.
|
| Operation |
- Type
- picklist
- Properties
- Nillable, Restricted Picklist
- Description
- The context in which the report executed, such as from a UI
(Classic, Lightning, Mobile), through an API (synchronous,
asynchronous, Apex), or through a dashboard. Session information
contained in the fields SessionKey,
LoginKey,
SessionLevel, and
SourceIp isn’t captured in any report
resulting from an asynchronous operation. Possible values are:
-
ChartRenderedInEmbeddedAnalyticsApp: Report
executed from a rendered chart in an embedded Analytics
app.
-
ChartRenderedOnHomePage: Report executed from a
rendered chart on the home page.
-
ChartRenderedOnVisualforcePage: Report executed
from a rendered chart on a VisualForce Page.
-
DashboardComponentPreviewed: Report executed
from a Lightning dashboard component preview.
-
DashboardComponentUpdated: Report executed when
a user refreshed a dashboard component.
-
ProbeQuery: Report
executed from a probe query.
-
ReportAddedToCampaign:
Report was added from an Add to Campaign action.
-
ReportExported: Report
executed from a printable view or report export that wasn’t
asynchronous nor an API export.
-
ReportExportedAsynchronously: Report was
exported asynchronously.
-
ReportExportedUsingExcelConnector: Report was
exported using the Excel connector.
-
ReportOpenedFromMobileDashboard: Report executed
when a user clicked a dashboard component on a mobile device
and drilled down to a report.
-
ReportPreviewed: Report
executed when a user got preview results while using the
report builder.
-
ReportResultsAddedToEinsteinDiscovery: Report
executed synchronously from Einstein Discovery.
-
ReportResultsAddedToWaveTrending: Report
executed when a user trended a report in Einstein Analytics.
-
ReportRunAndNotificationSent: Report executed
through the notifications API.
-
ReportRunFromClassic:
Report executed from the Run Report option of Salesforce
Classic.
-
ReportRunFromLightning:
Report executed from the Run option in Lightning Experience
from a non-mobile browser.
-
ReportRunFromMobile:
Report executed from the Run Report option of the mobile
Salesforce app.
-
ReportRunFromReportingSnapshot: Report executed
through Snapshot Analytics.
-
ReportRunFromRestApi:
Report executed from REST API.
-
ReportRunUsingApexAsynchronousApi: Report
executed from the asynchronous Apex API.
-
ReportRunUsingApexSynchronousApi: Report
executed from the synchronous Apex API.
-
ReportRunUsingAsynchronousApi: Report executed
from an asynchronous API.
-
ReportRunUsingSynchronousApi: Report executed
from a synchronous API.
-
ReportScheduled: Report
was scheduled.
-
Test: Report execution
resulted from a test.
-
Unknown: Report
execution origin is unknown.
|
| OwnerId |
- Type
- reference
- Properties
- Nillable
- Description
- The ID of the folder, organization, or user who owns the report.
If the report wasn’t saved, this value is the same as
UserId. For example, 005B0000001vURv.
|
| PolicyId |
- Type
- reference
- Properties
- Nillable
- Description
- The ID of the transaction policy associated with this event. For
example, 0NIB000000000KOOAY.
|
| PolicyOutcome |
- Type
- picklist
- Properties
- Nillable, Restricted picklist
- Description
- The result of the transaction policy. Possible values are:
-
Block - The user was
blocked from performing the operation that triggered the
policy.
-
Error - The policy
caused an undefined error when it executed.
-
FailedInvalidPassword -
The user entered an invalid password.
-
FailedPasswordLockout -
The user entered an invalid password too many times.
-
NoAction - The policy
didn't trigger.
-
Notified - A
notification was sent to the recipient.
-
TwoFAAutomatedSuccess -
Salesforce Authenticator approved the request for access
because the request came from a trusted location. After users
enable location services in Salesforce Authenticator, they
can designate trusted locations. When a user trusts a
location for a particular activity, that activity is
approved from the trusted location for as long as the
location is trusted. Logging in from a recognized device is
an example.
-
TwoFADenied - The user
denied the approval request in the authenticator app, such as
Salesforce Authenticator.
-
TwoFAFailedGeneralError
- An error caused by something other than an invalid
verification code, too many verification attempts, or
authenticator app connectivity.
-
TwoFAFailedInvalidCode
- The user provided an invalid verification code.
-
TwoFAFailedTooManyAttempts - The user attempted
to verify identity too many times. For example, the user
entered an invalid verification code repeatedly.
-
TwoFAInitiated -
Salesforce initiated identity verification but hasn’t yet
challenged the user.
-
TwoFAInProgress -
Salesforce challenged the user to verify identity and is
waiting for the user to respond or for Salesforce
Authenticator to send an automated response.
-
TwoFANoAction - The
policy specifies multi-factor authentication (formerly called
two-factor authentication) as an action, but the user is
already in a high-assurance session.
-
TwoFARecoverableError -
Salesforce can’t reach the authenticator app to verify
identity, but retries.
-
TwoFAReportedDenied -
The user denied the approval request in the authenticator
app, such as Salesforce Authenticator, and also flagged the
approval request to report to an administrator.
-
TwoFASucceeded - The
user’s identity was verified.
|
| QueriedEntities |
- Type
- string
- Properties
- Nillable
- Description
- The entities in the SOQL query. For example, Opportunity, Lead,
Account, or Case. Can also include custom objects. For relationship
queries, the value of this field contains all entities involved in
the query. If the query returns 0 records, then the value of this
field is null.
- Examples
-
- For SELECT Contact.FirstName,
Contact.Account.Name from Contact, the value of
QueriedEntities is
Account, Contact.
- For SELECT Account.Name, (SELECT
Contact.FirstName, Contact.LastName FROM Account.Contacts)
FROM Account, the value of
QueriedEntities is
Account, Contact.
- For SELECT Id, Name,
Account.Name FROM Contact WHERE Account.Industry =
'media', the value of
QueriedEntities is
Account, Contact.
|
| Records |
- Type
- json
- Properties
- Nillable
- Description
- A JSON string that represents the report’s data. For example,
{"totalSize":1,"rows":[{"datacells":["005B0000001vURv","001B000000fewai"]}]}.
|
| RelatedEventIdentifier |
- Type
- string
- Properties
- Nillable
- Description
- Represents the EventIdentifier of the related
event. For example, bd76f3e7-9ee5-4400-9e7f-54de57ecd79c.
This
field is populated only when the activity that this event
monitors requires extra authentication, such as multi-factor
authentication. In this case, Salesforce generates more events
and sets the RelatedEventIdentifier field
of the new events to the value of the
EventIdentifier field of the original
event. Use this field with the
EventIdentifier field to correlate all
the related events. If no extra authentication is required, this
field is blank.
|
| ReportId |
- Type
- reference
- Properties
- Nillable
- Description
- The ID of the report associated with this event. For example,
00OB00000032FHdMAM.
|
| RowsProcessed |
- Type
- double
- Properties
- Nillable
- Description
- The total number of rows returned in the report. When report data
is divided into multiple report events, this value is the same for
all data chunks. For more information, see
ExecutionIdentifier.
|
| Scope |
- Type
- string
- Properties
- Nillable
- Description
- Defines the scope of the data on which the user ran the report.
For example, users can run the report against all opportunities,
opportunities they own, or opportunities their team owns. Possible
values are:
-
user - User owns the
objects the report was run against.
-
team - Team owns the
objects the report was run against.
-
organization - Report
was run against all applicable objects.
|
| Sequence |
- Type
- int
- Properties
- Nillable
- Description
- Incremental sequence number that indicates the order of multiple
events that result from a given report execution.
When a report
execution returns many records, Salesforce splits this data into
chunks based on the size of the records, and then creates
separate multiple ReportEventStreams. The field values in each
of these correlated ReportEventStreams are the same, except for
Records and
Sequence. Records
contains the different data chunks.
Sequence identifies each chunk in order.
Every report execution has a unique
ExecutionIdentifier value to
differentiate it from other report executions. To view all the
data chunks from a single report execution, use the
Sequence and
ExecutionIdentifier fields in
combination.
When a report executes, we provide the
first 1000 events with data in the
Records field. Use the
ReportId field to view the full
report.
For more information, see ExecutionIdentifier.
|
| SessionKey |
- Type
- string
- Properties
- Nillable
- Description
- The user’s unique session ID. Use this value to identify
all user events within a session. When a user logs out and logs in again, a new
session is started. This value is null if the event that was generated was from a
dashboard refresh, a multi-block report, or a scheduled report. For
example, vMASKIU6AxEr+Op5.
|
| SessionLevel |
- Type
- picklist
- Properties
- Nillable, Restricted picklist
- Description
- Session-level security controls user access to features that
support it, such as connected apps and reporting. Possible values are:
-
HIGH_ASSURANCE - A high
assurance session was used for resource access. For example,
when the user tries to access a resource such as a connected
app, report, or dashboard that requires a high-assurance
session level.
-
LOW - The user’s
security level for the current session meets the lowest
requirements.
This low level isn’t available, nor
used, in the Salesforce UI. User sessions through the UI
are either standard or high assurance. You can set this
level using the API, but users assigned this level
experience unpredictable and reduced functionality in
their Salesforce org.
-
STANDARD - The user’s
security level for the current session meets the Standard
requirements set in the org’s Session Security Levels.
This value is null if the event that was generated was from a
dashboard refresh, a multi-block report, or a scheduled
report.
|
| SourceIp |
- Type
- string
- Properties
- Nillable
- Description
- The source IP address of the client that logged in. For example,
126.7.4.2.
|
| UserId |
- Type
- reference
- Properties
- Filter, Sort
- Description
- The origin user’s unique ID. For example,
005B0000001vURv.
|
| Username |
- Type
- string
- Properties
- Nillable
- Description
- The origin username in the format of
user@company.com at the time the event was
created.
|
j