Platform Events Developer Guide

Platform Events Developer Guide
Delivering Custom Notifications with Platform Events
Defining Your Custom Platform Event
Publishing Platform Events
Subscribing to Platform Events
Testing Your Platform Event in Apex
Encrypting Platform Event Messages at Rest in the Event Bus
Monitor Platform Event Publishing and Delivery Usage
Considerations
Examples
Reference
Platform Event Allocations
Platform Event Error Status Codes
Standard Platform Event Objects
Change Data Capture Events
Standard Platform Event Object List
AcademicTermGpaCalcEvent
AcadRgstrApplnEvent
AcadRgstrEligCritRunEvent
AiJobRunStatusEvent
AIPredictionEvent
AIUpdateRecordEvent
AppointmentSchedulingEvent
AssetCancelInitiatedEvent
AssetAmendInitiatedEvent
AssetRenewInitiatedEvent
AssetTokenEvent
AppvlWorkItemNtfcnEvent
BatchApexErrorEvent
BillingScheduleCreatedEvent
BulkApi2JobEvent (Beta)
CallCoachConfigModifyEvent
CartToOrderCompletedEvent
CommerceDiagnosticEvent
ConsentEvent
ConsentUnsubscribeAllEvent
ConversationInsightEvent
CreateAssetOrderEvent
CreditInvoiceProcessedEvent
CreditMemoProcessedEvent
DataObjectDataChgEvent
DataObjectMetadataChgEvent
DatasetExportEvent
DiscoveryPredictionEvent
EmailCapturedMatchEvent
ExtlRecShrEvent
ExtlRecShrResultEvent
FirstBillPaymentSetupEvent
FlowDebugRefreshEvent
FlowExecutionErrorEvent
FlowOrchestrationEvent
FOStatusChangedEvent
FulfillOrdItemQtyChgEvent
InsPlcyEndrStatusEvent
InsPolicyRnwlQuoteStatusEvent
InsPolicyRnwlStatusEvent
InteropTopicSubcrEvent
InvoiceProcessedEvent
InvoiceProcPymtExclEvent
NegInvcLineProcessedEvent
OmniTrackingEvent
OrderStatusChangedEvent
OrderSummaryCreatedEvent
OrderSumStatusChangedEvent
PaymentCreationEvent
PendingOrdSumProcEvent
PlaceOrderCompletedEvent
PlatformStatusAlertEvent
ProcessExceptionEvent
QuoteSaveEvent
QuoteToOrderCompletedEvent
RealtimeAlertEvent
RemoteKeyCalloutEvent
SrcPredJobStatusChgEvent
SearchIndexJobStatusEvent
ServiceAppointmentEvent
VoidInvoiceProcessedEvent
WebCartAbandonedEvent
WebStoreUserCreatedEvent
Real-Time Event Monitoring Objects
ApiAnomalyEvent
ApiAnomalyEventStore
ApiEvent
ApiEventStream
BulkApiResultEvent
BulkApiResultEventStore
ConcurLongRunApexErrEvent
CredentialStuffingEvent
CredentialStuffingEventStore
CreditInvoiceProcessedEvent
CreditMemoProcessedEvent
CrMemoProcessErrDtlEvent
GuestUserAnomalyEvent
GuestUserAnomalyEventStore
PaymentCreationEvent
VoidInvoiceProcessedEvent
FileEvent
FileEventStore
IdentityProviderEventStore
IdentityVerificationEvent
LightningUriEvent
LightningUriEventStream
ListViewEvent
ListViewEventStream
LoginAnomalyEvent
LoginAnomalyEventStore
LoginAsEvent
LoginAsEventStream
LoginEvent
LoginEventStream
LogoutEvent
LogoutEventStream
MobileEmailEvent
MobileEnforcedPolicyEvent
MobileScreenshotEvent
MobileTelephonyEvent
PermissionSetEvent
PermissionSetEventStore
ReportAnomalyEvent
ReportAnomalyEventStore
ReportEvent
ReportEventStream
SessionHijackingEvent
SessionHijackingEventStore
UriEvent
UriEventStream
PDF

LoginAnomalyEvent

This entity detects data access anomalies that are caused by potentially malicious login actions. This object is available in API version 64.0 and later.

Supported Calls

describeSObjects()

Special Access Rules

Accessing this object requires either the Salesforce Shield or Event Monitoring add-on subscription and the View Real-Time Event Monitoring Data user permission.

The Machine Learning (ML) models that power Threat Detection analyze data to ensure accurate identification, which requires a brief processing time. This results in an expected time difference between the Event Detection Date and the Event Creation Date.

Note

Supported Subscribers

Subscriber Supported?
Apex Triggers
Flows Yes
Processes
Pub/Sub API Yes
Streaming API (CometD) Yes

Event Delivery Allocation Enforced

No

Fields

Field Details
EvaluationTime
Type
double
Properties
Nillable
Description
A date value that represents aggregated timeframe of when Login Anomaly Actions occured
EventDate
Type
dateTime
Properties
Nillable
Description
A date value (no time portion) that represents aggregate timeframe when the login anomaly actions occurred.
EventIdentifier
Type
string
Properties
Nillable
Description
The unique ID of the event, which is shared with the corresponding storage object
EventUuid
Type
string
Properties
Nillable
Description
A universally unique identifier (UUID) that identifies a platform event message.
LoginKey
Type
string
Properties
Nillable
Description
The string that ties together all events in a given user’s login session.
PolicyId
Type
reference
Properties
Nillable
Description
The ID of the transaction policy associated with this event. This field isn’t populated until all transaction security policies are processed for the real-time event.
PolicyOutcome
Type
picklist
Properties
Nillable, Restricted picklist
Description
The result of the transaction policy.
ReplayId
Type
string
Properties
Nillable
Description
Represents an ID value that is populated by the system and refers to the position of the event in the event stream. Replay ID values aren’t guaranteed to be contiguous for consecutive events. A subscriber can store a replay ID value and use it on resubscription to retrieve missed events that are within the retention window.
Score
Type
double
Properties
Nillable
Description
A number from 0 through 1 that represents the anomaly score for the report execution or export tracked by this event. The anomaly score shows how the user's current report activity is different from their typical activity. A low score indicates that the user's current report activity is similar to their usual activity, a high score indicates that it's different.
SecurityEventData
Type
textarea
Properties
Nillable
Description
The set of features about the report activity that triggered this anomaly event.
SessionKey
Type
string
Properties
Nillable
Description
The user’s unique session ID. Use this value to identify all user events within a session.
SourceIp
Type
string
Properties
Nillable
Description
The source IP address of the client that logged in
Summary
Type
textarea
Properties
Nillable
Description
A text summary of the threat that caused this event to be created. The summary lists the browser fingerprint features that most contributed to the threat detection along with their contribution to the total score.
UserId
Type
reference
Properties
Nillable
Description
The origin user’s unique ID. For example, 005000000000123.
Username
Type
string
Properties
Nillable
Description
The origin username in the format of user@company.com at the time the event was created.