Nebula logger and gov cloud

[gayatrigoda]

I wanted to check - is the logger package 'gov cloud friendly'?

[jongpie]

Hi @gayatrigoda - I believe the answer is yes, depending on your specific requirements. I've previously implemented it myself on some gov cloud projects a few years ago when I was working as a consultant, and I know of a few other gov cloud projects that have also implemented it over the last year or two.

• From a technical perspective, Nebula Logger should work in enterprise & unlimited editions of Salesforce
• Nebula Logger is built 100% natively in Salesforce, so all of the code runs within your Gov Cloud instance
• The data sharing model is private by default - users have to be granted access to logging data via permission sets before they can see any of the data
• Depending on your project's compliance requirements, you may want to take some additional steps in your org. For example, Nebula leverages platform events, which are not encrypted by default when stored in the event bus. If this particular item is a concern for you, you can use Salesforce Shield to encrypt platform events - there may be other similar types of security aspects specific to your project that you may need consider, but offhand, this is the only one that comes to mind.

Hope this helps, but please let me know if you have further questions!

[gayatrigoda]

Thank you for your prompt reply - this is very useful information, especially about the missing event encryption piece. I will run it by our gov cloud team. We have very recently used the nebula logger in our regular salesforce instance - and added a bit of a twist to it. We are using metadata to group "features" and turning them off / on to control logging. So as an example - the UX team needs to do some research on a certain feature (some components, pages, flows) for a few months then turn it off - we are able to do that "remotely" without redeploying code. I will definitely reach out to you in case of any further questions - thank you again. Regards, Gayatri

…

On Thu, Oct 27, 2022 at 7:48 AM Jonathan Gillespie ***@***.***> wrote: Hi @gayatrigoda <https://github.com/gayatrigoda> - I believe the answer is yes, depending on your specific requirements. I've previously implemented it myself on some gov cloud projects a few years ago when I was working as a consultant. - From a technical perspective, Nebula Logger should work in enterprise & unlimited editions of Salesforce - Nebula Logger is built 100% natively in Salesforce, so all of the code runs within your Gov Cloud instance - The data sharing model is private by default - users have to be granted access to logging data via permission sets before they can see any of the data - Depending on your project's compliance requirements, you may want to take some additional steps in your org. For example, Nebula leverages platform events, which are not encrypted by default when stored in the event bus. If this particular item is a concern for you, you can use Salesforce Shield to encrypt platform events <https://developer.salesforce.com/docs/atlas.en-us.platform_events.meta/platform_events/platform_events_encryption.htm> - there may be other similar types of security aspects specific to your project that you may need consider, but offhand, this is the only one that comes to mind. Hope this helps, but please let me know if you have further questions! — Reply to this email directly, view it on GitHub <#399 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ANJMULLO5DEG7PJLUZ2QOQDWFKI4TANCNFSM6AAAAAARPRDSEM> . You are receiving this because you were mentioned.Message ID: ***@***.***>

[jongpie]

@gayatrigoda if you encounter any other concerns for Gov Cloud that you can share, please let me know! I'll plan to create a new page in the wiki for Gov Cloud implementations to document any special considerations or concerns.

And your implementation for using metadata to group features sounds really interesting! Could you share some more details about how you implemented it? It sounds like you had....

• A custom metadata object with different records for different "features" in your org. Each record indicates if logging is enabled/disabled for a particular "feature" within your org.
• Each Apex class that "belongs" to a feature would check a corresponding record in the custom metadata object to see if logging is enabled/disabled

Does that sound like an accurate summary of how it worked? And since this was being done for your UX team, was there any other relevant data that would have been useful to log, but is not currently available in Nebula Logger? As part of #225, I'm hoping to eventually capture more details about the current user's browser & other similar details - if you have any similar suggestions of new fields to add, let me know!

[gayatrigoda]

Thank you Jonathan!
Your description of the usage of custom metadata is accurate. This makes it easy to maintain remotely, without redeploying..
One of the other riddles we are trying to solve for (generic, not necessarily answered by the logger only), is - user actions - where did the user come from to this page and where did he go after he performed a certain action/s on the page.

[jongpie]

@gayatrigoda perfect, thanks for confirming on the usage of custom metadata! I do like that approach - some of that functionality is now handled by using methods like Logger.setScenario(String) & Logger.endScenario(String), combined with the LoggerScenarioRule__mdt object, but even if you use your own custom metadata object, I think being able to "remotely" change the behavior without redeploying code can be incredibly helpful. Thanks for sharing!

And as far as user actions, yeah, I fully agree, it's difficult sometimes to understand what actions a user took. I have some backlog issues #225 and #397 to start tracking more details about the user's browser and the user's currently selected app in Salesforce, which may help - but if you have any other suggestions on how Nebula Logger could help provide context for user actions, let me know!