How do I resolve the error "did not pass configuration check" when onboarding Salesforce logs to Panther?

ISSUE

Why am I getting one of the following errors when trying to onboard Salesforce logs to Panther?

Source CB Cloud Staging test did not pass configuration check because: eventMonitoring: authentication failed with HTTP status code 500: unable to authenticate [INVALID_LOGIN: Invalid username, password, security token; or user locked out.]

or

Source Salesforce did not pass configuration check because: SOQL file list request failed with API error code INVALID_FIELD: EventType, LogDate, CreatedDate, Sequence, Interval From EventLogFile ...

or

Source Salesforce did not pass configuration check because: eventMonitoring: SOAP API login HTTP request failed...

RESOLUTION

Make sure you are onboarding Salesforce production or Sandbox tenant logs. Staginglogs are not supported.

For INVALID_LOGIN errors: In order to onboard different kinds of Salesforce environments such as Sandboxes, you can proceed manually by uploading your Salesforce logs to an S3 bucket in Panther's supported format, creating a custom schema, and then ingesting your logs using your custom schema.

For INVALID_FIELD or API failed errors: Edit the log source in Panther, and change the pull frequency from Hourly to Daily. Also ensure that Event Monitoring is Enabled.

For [CLIENT_NOT_ACCESSIBLE_FOR_USER: Sorry, your administrator has blocked access to this client.] : check the API Access Control settings in Salesforce.

If "For Admin-approved users, limit API access to allowlisted connected apps" is enabled, ensure that the 'Use Any API client' permission is checked on the Permission Set.

CAUSE

For INVALID_LOGIN errors: this can occur if you attempt to ingest staging logs from Salesforce. 

For INVALID_FIELD errors: this can occur when the Salesforce instance isn't properly configured for hourly log pulling.