Salesforce User Sessions Test
Salesforce users often use session types to access a Salesforce organization. These session types can be persistent or temporary. Typically, persistent session types can be accessed using the user interface, API, or other methods, such as an OAuth authentication process. The following are persistent session types:
| Session Type | Description |
| API | Created when accessing an org through the API. |
| APIOnlyUser | Created to enable a password reset in the user interface for API-only users. |
| Aura | Created for access to Lightning Experience functionality. |
| ChatterNetworks | Created when using Chatter Networks or Chatter Sites. |
| ChatterNetworksAPIOnly | Created when using the Chatter Networks or Chatter Sites API. |
| Content | Created when serving user-uploaded content. |
| DataDownloadOnly | A session that can only be used to download data. |
|
LightningContainerComponent C |
Created for use with Lightning container components. |
|
LivePreview |
Created to use the live preview functionality in Experience Builder. |
|
Node |
Created for NodeJS access. |
|
OauthApprovalUI |
A session that allows access only to the OAuth approval page. |
|
Oauth2 |
Created using OAuth flows. For example, if you use OAuth authentication for a connected app, this type of session is created. |
|
SamlOauthApprovalUi |
Created when approving OAuth access during a SAML flow. |
|
SiteStudio |
Created when using the Experience Builder user interface. |
|
SitePreview |
Initiated when an internal canvas app is invoked. |
|
STREAMING_API |
Created for use by the streaming API. |
|
SubstituteUser |
Created when one user logs in as another user. For example, if an administrator logs in as another user, a SubstituteUser session is created. |
|
UI |
Created for access to the Salesforce Classic UI. Represents the core session for a login to the user interface. |
|
UnspecifiedType |
Created by an unknown source. |
|
UserSite |
Initiated when a canvas application is invoked. |
|
Visualforce |
Created to access Visualforce pages. |
|
WDC_API |
A session using the WDC API. |
Temporary session types are used during the process of switching domains. For example, when you access Lightning Experience, a temporary session is created as part of that flow. Refer to the table below for a comprehensive list of temporary session types:
| Session Type | Description |
| TempAuraExchange | Created to switch to the Lightning domain. |
| TempChatterNetworks | Created to switch to Chatter Networks or Chatter Sites. |
| TempContentExchange | Created to switch to the content domain, such as the user interface into which users enter their credentials. |
| TempLccExchange | Created to switch to the LCC domain. |
| TempLivepreviewExchange | Created to switch to using the live preview functionality in Experience Builder. |
| TempNodeExchange | Created to switch to NodeJS. |
| TempOauthAccessTokenFrontdoor | Created for a user attempting to grant access to an application using the OAuth protocol. |
|
TempSitepreviewExchange |
Created to switch to using an internal canvas app. |
|
TempSitestudioExchange |
Created to switch to using the Experience Builder user interface. |
|
TempVisualforceExchange |
Created to switch to the Visualforce domain. |
|
TempUIFrontdoor |
Created to switch to the Salesforce UI. |
Continuous monitoring of user sessions to a Salesforce organization can warn administrators of potential overload conditions and the type of session that could be contributing to it. Session monitoring also leads administrators to session expiry that may have been caused by poor session configuration. It is also important for users to study session disconnects closely, and figure out if sessions of a specific type are disconnecting more frequently than the rest. To proactively detect and address such session-related anomalies, you can use the Salesforce User Sessions test.
For each type of session, this test reports the count of active sessions. By observing variations to the active session count over time, administrators can be alerted to a session overload, with pointers to the precise session type that could be causing the overload. In the process, administrators will also understand the type of activities Salesforce users often engaged in. In addition, the test also reports the count of sessions that are about to expire, thereby revealing whether/not session timeout has been correctly configured for all types of sessions. The number of disconnected sessions is also reported per session type, thus revealing session types that are disconnecting frequently. This could turn administrator attention to the type of activities that are probably unstable. Furthermore, the test also tracks the addition of sessions from time to time, thus leading administrators to suspicious session activity.
Target of the test : A Salesforce organization
Agent deploying the test : A remote agent.
Outputs of the test : One set of results for each session type using which users accessed the Salesforce organization being monitored
| Parameters | Description |
|---|---|
|
Test Period |
How often should the test be executed. |
|
Host |
The host for which the test is to be configured. |
|
|
This test needs to login to the target Salesforce organization as a user with Administrative rights, in order to run API commands on it and pull metrics. To facilitate this connection, specify the email ID of the Administrator of the Salesforce organization here. |
|
Password |
Specify the password of the Administrator here. |
|
Confirm Password |
Confirm the administrator password by retyping here. |
|
Show Active Session DD |
In the real world, numerous users may be actively using Salesforce. Storing the details of each active user session may therefore increase the strain on the eG database. To conserve database space, this test does not collect and store detailed diagnostics for the Active sessions measure. This is why, the Show Active Session DD flag is set to No by default. If you have a well-sized, well-tuned eG database, you may want to turn this flag on, so that detailed analytics are available for the Active sessions measure. |
|
Active Session DD Limit |
This parameter is applicable only if the Show Active Session DD flag is set to Yes. In this case, the detailed diagnosis of the Active sessions measure will report the details of the top-10 sessions of a type, starting with the most recent. Accordingly, this flag is set to 10 by default. If you want more or less number of session records to be available as part of detailed statistics, then increase or decrease the value of this parameter. |
|
Detailed Diagnosis |
To make diagnosis more efficient and accurate, the eG Enterprise embeds an optional detailed diagnostic capability. With this capability, the eG agents can be configured to run detailed, more elaborate tests as and when specific problems are detected. To enable the detailed diagnosis capability of this test for a particular server, choose the On option. To disable the capability, click on the Off option. The option to selectively enable/disable the detailed diagnosis capability will be available only if the following conditions are fulfilled:
|
| Measurement | Description | Measurement Unit | Interpretation |
|---|---|---|---|
|
Active sessions |
Indicates the number of sessions of this type that are currently active on the Salesforce organization. |
Number |
Tracking the value of this measure over time will provide you with early pointers to overload conditions. In the event of an overload, you can compare the value of this measure across session types to know which type of sessions is contributing to the abnormal load. The detailed diagnosis of this measure, if enabled, reveals the users who initiated the active sessions. |
|
Sessions that are about to expire |
Indicates the number of sessions of this type that are about to expire. |
Number |
Sessions expire after a configured period of inactivity. If this 'period of inactivity' is set too low, then sessions may expire quickly, thus causing many sessions to expire within a short time window. If the value of this measure is abnormally high for any session type, you can use the detailed diagnosis of this measure to know which sessions of that type are about to expire, who initiated them, and how long each session will be valid. You may then want to check the timeout setting for these sessions to see if it is improperly set. |
|
Disconnected sessions |
Indicates the number of disconnected sessions of this type. |
Number |
If the value of this measure is unusually high for any session type, then use the detailed diagnosis of this measure to know which sessions disconnected and who initiated these sessions. |
|
Session added |
Indicates the number of sessions of this type that were recently added. |
Number |
If the value of this measure suddenly spikes for any session type, it is right to be suspicious about those sessions. In this case therefore, use the detailed diagnosis of the measure to verify whether/not Salesforce was accessed only by legitimate users. |
