The BlueApp for Salesforce streamlines incident response activities by automatically opening Salesforce cases in response to threats detected by USM Anywhere. Upon execution of the action, USM Anywhere generates the Salesforce case and populates the case fields with details from an alarm, event or vulnerability.Documentation Index
Fetch the complete documentation index at: https://docs.levelblue.com/llms.txt
Use this file to discover all available pages before exploring further.
The BlueApp for Salesforce uses the Salesforce hourly event log API to pull events from your Salesforce instance on an hourly basis to minimize the latency of your important security event data. This is a paid feature and not enabled in a production Salesforce instance by default. Please ask your Salesforce Account Executive to enable it in your account if you have not done so already. The hourly event log feature is not required to use the case creation actions. USM Anywhere does not currently support importing events from the Salesforce Daily Event Log API.
If the BlueApp fails and you receive a message informing you that it has not been loaded, please contact LevelBlue Technical Support to solve the problem.