FINDING 01High
20,692
Median changes per 30-day window
A typical mid-market org logs 20,000+ metadata changes per month across Setup. Most teams have no visibility into who is making which changes.
20,692 changes in 30 days. Do you know which one broke something?
SetupAuditTrail logs every metadata change in Salesforce. Most teams have no operational visibility into it. Change Intelligence decodes the log, attributes every change to its actor, ships git-style diff, and analyzes downstream impact with AI.
Trusted by leaders at
Change Data · 202604 / 04 findings
What change activity looks like in a typical org
Four numbers drawn from 1,000+ orgs we monitor.
FINDING 02High
100%
Untracked changes pre-audit
Without Change Intelligence, SetupAuditTrail entries are cryptic and unsorted. The data exists but is functionally untracked from an operational perspective.
FINDING 03High
24+
Avg actors making changes
Salesforce Admins, IT Admins, Integration Users, contractors, partners. Knowing who can change what, and what they did change, is a compliance requirement most orgs cannot answer.
FINDING 04High
4-8h
Hours to investigate "what broke"
When something stops working, the typical investigation involves reading SetupAuditTrail manually, asking around, and guessing. Change Intelligence cuts this to seconds.
Change Timeline20,692 changes · 30d
Every metadata change. Who, when, what, why.
Click any change to see the git-style diff and downstream impact. Sample data: 5 of 20,692 changes from a typical 30-day window.
Clientell · Change Intelligence
Recent changes
Sarah Chen · Salesforce Admin
Mar 4, 2026 · 2:47 PMedited
Component
Opportunity_Stage_Update.flowFlow
Git-style diff
-IF(ISCHANGED(StageName), UPDATE Probability)
+IF(ISCHANGED(StageName) || ISCHANGED(ForecastCategory), UPDATE Probability)
Downstream impact
- Opportunity routing affected
- Forecast report rollup affected
- 14 downstream dependencies
SetupAuditTrail · live polling
Filter by actor, object, change type, or date range. Ask the AI co-pilot about downstream impact.
See your change logCoverage Areas06 / 06 areas
What Change Intelligence actually covers
Six surfaces. Every change attributed, diffed, and analyzed.
01
Full SetupAuditTrail decode
Every metadata change in Setup is logged by Salesforce in SetupAuditTrail, but the raw entries are cryptic ("Changed Custom Field Foo__c" with no diff). We decode every entry, identify the actor, classify the change type, and link it to the metadata it touched.
02
Git-style diff preview
For every change, see the before/after with syntax highlighting. Apex source diff, Flow visual diff, Validation Rule formula diff, picklist value changes. The diff Salesforce should have always had.
03
Downstream impact analysis
For every change, the AI maps the downstream effect: which Flows reference the modified field, which reports break, which integrations depend on the changed permission. Trace cause to effect in seconds.
04
Actor attribution per finding
Pair the change with the audit finding. When the Permissions audit surfaces "User has unnecessary Modify All Data", Change Intelligence tells you it was granted by Sarah on March 4 at 2:47 PM. Root cause to remediation in one view.
05
Filter + search across timeline
Filter by actor, object, component type, change date range, or impact level. Search for a specific change. Export to CSV for compliance review.
06
AI co-pilot on changes
"What changed on the Opportunity object last week?" "Did anyone touch the lead routing flow in the past 30 days?" "Who has been editing permission sets?" Natural language queries against the full change history.
Warning Signs05 / 05
When you need change attribution.
If any of these apply, you need Change Intelligence today.
Something broke and you cannot tell what changed
The classic Salesforce mystery. Yesterday it worked, today it does not, and SetupAuditTrail is cryptic. Change Intelligence shows you every change in the time window with diff and downstream impact.
Auditor asks who has been modifying permission sets
SOC 2 and ISO 27001 require change attribution on access management. Without Change Intelligence, the answer is 'we have logs somewhere, let me check'. With it, you produce the report in under a minute.
Multiple admins touch the same object
When 3 admins all have System Administrator and edit the same Flow, the question 'who changed StageName logic' becomes unanswerable. Change Intelligence attributes every modification.
An integration started misbehaving after a deploy
Someone modified the permission set the integration user uses. Or changed a field type. Or removed a profile assignment. Change Intelligence surfaces every change since the integration last worked correctly.
You inherited the org and have no idea what was customized
Change Intelligence gives you the rolling 90-day history. You see who customized what and can reason about the history. Better than nothing, which is what most orgs start with.
Deliverables05 / 05
What ships
Five capabilities. Free with the Clientell agent.
01
Rolling 90-day change log
Every metadata change in your org, decoded, attributed, classified. Searchable, filterable, exportable.
02
Per-actor change report
For each admin, integration user, or contractor with Setup access, the list of changes they made in any time window.
03
Per-component change history
For each Flow, Profile, Permission Set, Custom Field, or Apex Class, the modification history with diffs.
04
Compliance export (SOC 2 / ISO ready)
CSV or PDF export of changes filtered for compliance review. Pre-formatted for SOC 2 CC6.x evidence collection.
05
Downstream impact analyzer
For each change, the AI calculates the downstream impact: which Flows, reports, integrations, or automations are affected.
FAQ10 / 10
You have
questions,
we have
answers.
Everything teams ask before turning on Change Intelligence.
01What is Salesforce Change Intelligence?
What is Salesforce Change Intelligence?
Change Intelligence is a diagnostic layer that decodes Salesforce SetupAuditTrail (the native Salesforce change log) and attributes every metadata change to its actor, classifies the change type, and analyzes the downstream impact. Most orgs have the SetupAuditTrail data but cannot operationally use it because the raw format is cryptic. Change Intelligence makes it useful.
02What is SetupAuditTrail in Salesforce?
What is SetupAuditTrail in Salesforce?
SetupAuditTrail is the Salesforce-native change log that records every metadata modification in Setup. It includes the actor (who made the change), the timestamp, and a brief description (often cryptic, e.g. "Changed Custom Field Account_Score__c"). Salesforce retains 180 days of history by default. Change Intelligence reads SetupAuditTrail and produces an operational change log on top.
03How is this different from Field History Tracking?
How is this different from Field History Tracking?
Field History Tracking logs data-level changes (record field updates) for up to 20 fields per object. Change Intelligence logs metadata-level changes (Setup modifications: who changed the Flow, who granted the permission, who edited the field definition). These are complementary: Field History is for record audit, Change Intelligence is for org audit.
04Does Clientell store my SetupAuditTrail data?
Does Clientell store my SetupAuditTrail data?
We index it for query performance but the source of truth remains in your Salesforce org. You can revoke the OAuth connection and the index becomes stale. Our processing is SOC 2 Type II compliant and customer-isolated.
05Can Change Intelligence detect unauthorized changes?
Can Change Intelligence detect unauthorized changes?
Yes. Flag a 'sensitive change' set (e.g. profile edits, permission set creation, integration user modifications) and any change in that set generates an alert routed via Slack or email. Pair with the Permissions Audit to define what 'unauthorized' means for your compliance posture.
06How long does it take to ingest 90 days of change history?
How long does it take to ingest 90 days of change history?
Roughly 5-10 minutes for the initial backfill. After that, polling runs every 15 minutes against new SetupAuditTrail entries. Changes appear in the Change Intelligence timeline within 30 minutes of when they happen in Salesforce.
07What can the AI co-pilot do with change data?
What can the AI co-pilot do with change data?
"Who edited the Opportunity routing flow last month?" returns a list of actors with timestamps. "Did anyone modify Sarah's permission set since the SOC 2 audit?" returns a yes/no with the specific changes. "What changed on the Lead object last week?" returns a categorized summary. Natural language queries across the change history.
08Is this the same as Salesforce Shield Event Monitoring?
Is this the same as Salesforce Shield Event Monitoring?
Shield Event Monitoring tracks runtime data access (who viewed which record) and is a separate paid Salesforce product. Change Intelligence tracks metadata configuration changes (who changed which Flow). The two are complementary: Shield for runtime activity, Change Intelligence for org governance.
09How is this different from Salto or Strongpoint?
How is this different from Salto or Strongpoint?
Salto and Strongpoint are change management platforms with deeper change history features but are paid enterprise tools. Change Intelligence is free with the Clientell agent and integrated with the rest of the audit suite. If you need just change tracking, Salto/Strongpoint are deep specialists. If you want change tracking plus audit plus admin plus deploy in one platform, Clientell is the value play.
10Can Change Intelligence prevent bad changes?
Can Change Intelligence prevent bad changes?
It surfaces them after they happen, with downstream impact analysis. To prevent specific changes before they happen, pair Change Intelligence with the Permissions Audit (restrict who can change what) and the Deployments product (require deploy review before metadata changes ship).
Further Reading
Related Salesforce change governance resources
Audits, services, and tools for teams getting change attribution right.
Cheatsheet
SetupAuditTrail Decoder Cheatsheet
Quick reference for the most common SetupAuditTrail action types and their operational meaning.
Read moreAuditPermissions Audit
Pairs perfectly: Permissions Audit shows the over-permissioned user. Change Intelligence shows who granted it.
Read moreAuditCompliance Audit
SOC 2, ISO 27001, HIPAA, GDPR control mapping. Uses Change Intelligence for evidence collection.
Read moreServiceSalesforce Health Check
Broader org audit with Change Intelligence on the History tab.
Read moreAuditFlow Audit
When a flow misbehaves, Change Intelligence shows who modified it.
Read moreAuditAgentforce Readiness Audit
Score your org before launching agents. Pairs with change governance for ongoing monitoring.
Read moreProductAI Salesforce Deployments
Prevent unauthorized changes by gating production deploys through review.
Read moreProductAI Salesforce Admin
The agent that uses change history to understand context before applying fixes.
Read moreServiceSalesforce Managed Services
Continuous change governance instead of point-in-time audits.
Read moreCustomer Reviews
What teams found with the Change Intelligence
“When the validation rule broke, the change intelligence timeline showed exactly which deployment introduced it, three releases back. Forensic investigation that used to take a day, done in five minutes.”
“SetupAuditTrail was unreadable raw. The decoded timeline view is what we hand to auditors now. They actually understand it.”
Trust + security posture
Built for the orgs auditors trust.
Related Audits
Run alongside these adjacent diagnostics
- Audit
Audit-evidence ready
SOC 2 CC7.2 requires change monitoring. The change intelligence layer is the evidence.
- Audit
Permission change history
Cross-reference SetupAuditTrail with permission changes for the full access story.
- Audit
Automation forensics
Trace the exact deployment that introduced each automation conflict.
- Audit
Track-friendly deploys
Modern deployments emit clean SetupAuditTrail entries that make tracking easier.
References
References & Authority Sources
Every claim on this page is anchored to a primary source. The references below cite official standards bodies, Salesforce documentation, and peer-reviewed industry research.
- [1]Monitor Setup Changes — Salesforce Help — Salesforce
Supports: SetupAuditTrail mechanics and retention
- [2]
- [3]
- [4]NIST CSF 2.0 — Detect Function — National Institute of Standards and Technology
Supports: Anomaly detection framework alignment
Getting Started
See your
Salesforce change history.
20,000+ changes per month, decoded, attributed, diffed, and analyzed. Free with the Clientell agent.
Unlimited messages · No credit card required
SOC 2
HIPAA
GDPR
Salesforce Partner