You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 9 Next »


The auditing system in Ignition records actions originating from the Gateway, Perspective and Vision projects. This page lists which actions are logged by the auditing system.  

Gateway Audit Actions

The following actions are recorded in an audit log when the Gateway has a Gateway Audit Profile is configured.

Project System

The following project-based actions are tracked by the auditing system. 

  • Project Property changes made from the Designer.
  • Project setting changes made from the gateway's web interface. 
  • Creating or deleting a project.
  • Saving a project (action recorded as "project update").

Gateway Systems

In addition, project files on the Gateway's file system are closely monitored. If a user or third-party system modifies any of the project files, an entry will be recorded in the auditing system. The following Gateway-level actions are recorded in an audit log when the Gateway has a Gateway Audit Profile is configured.

Modules

  • Installing modules on the Gateway.
  • Restarting a module.
  • Deleting a module.

Gateway - General

  • Gateway startup
  • Gateway shutdown (assuming the gateway was requested to shutdown: unintended shutdowns from power failures and such will not be recorded).

Gateway - Restore

  • Restoring the Gateway from a Gateway backup. Specifically, the Gateway will log that it was asked to before a restore, then perform the restoration. 

Licensing Changes

  • Activating a license.
  • Unactivating a license.
  • Updating a license.

Redundancy

  • Saving after making any changes to the Redundancy Settings page.

Web Server Page

  • Installing or removing a security certificate.
  • Making changes to the Web Server Settings page. 

Gateway Network

  • Saving changes to Gateway Network General Settings .
  • Creating, editing, or deleting outgoing connections.
  • Approving incoming connections.

Email Settings

  • Creating, editing, or deleting an SMTP Profile.

Audit Profile

  • Creating, editing, or deleting an Audit Profile.

User Sources

  • Creating, editing, or deleting a User Source.
  • Creating, editing, or deleting a user.
  • Creating, editing, or deleting a role.
  • User logins against the user source.
  • User logout against the user source.

The following feature is new in Ignition version 8.1.14
Click here to check out the other new features
User Lockout Events will also be recorded. Note that the audit log will record only the initial lockout event, rather than each failed authorization attempt.

Service Security

  • Editing and saving a policy.

Identity Providers

  • Creating, editing, or deleting an Identity Provider configuration.
  • Making changes to a User Attribute Mapping.
  • Creating, editing, or deleting a User Grant.
  • Saving changes on a Security Level Rule.

Security Levels

  • Creating, editing, and deleting security zones

Security Zones

  • Creating, editing, and deleting security zones

Database - Connections

  • Creating, editing or deleting a database connection.

Database - Drivers 

  • Creating, editing or deleting a JDBC driver
  • Creating, editing or deleting a Translator

Store and Forward

  • Creating, editing or deleting a Store and Forward engine.

Alarming - General

  • Saving changes on the Alarming General settings page. 

Alarming - Alarm Journal

  • Creating, editing or deleting an Alarm Journal Profile

Alarming - Notification

  • Creating, editing, or deleting an Alarm Notification Profile. 

Schedules

  • Creating, editing or deleting a schedule.
  • Creating, editing or deleting a holiday.

Tags - Realtime

  • Creating, editing or deleting a Realtime Tag Provider

Tags - Historical

  • Creating, editing or deleting a Historical Tag Provider.

OPC Client Connections

  • Creating, editing or deleting an OPC connection.

OPC UA - Device Connections

  • Creating, editing, or deleting a device connection (editing/saving a device connection configuration without making any changes will be recorded as an edit).
  • Editing a Modbus address mapping via gateway interface on Modbus device connections.
  • Editing DNP3 Aliased Points via gateway interface on DNP3 device connections.
  • Editing tags via gateway interface on Omron NJ device connections.
  • Adding FINS tags via gateway interface on Omron FIN device connections.

OPC UA - Server Settings

  • Editing the OPC UA Settings page.

Enterprise Administration

  • Configuring a gateway to be either an Agent or Controller.

Enterprise Administration - Event Thresholds

  • Changes made to Event thresholds.

Enterprise Administration - Controller Settings

  • Making changes to the Controller Settings page, including uninstalling the controller.

Enterprise Administration - Agent Settings

  • Making changes to the Agent Settings page, including uninstalling the agent.

Enterprise Administration - Agent Management

  • Creating, editing, deleting an Agent Group.

Enterprise Administration - License Management

  • Adding or removing a license from the License Management page. 

Enterprise Administration - Agent Tasks

  • Creating, editing, or deleting an agent task
  • Separate records are taken each time a task executes. 

Sequential Function Charts

  • Changes made to the SFC Settings page.

Add a Record Manually 

  • You can also add a record into the audit profile using the function system.util.audit.

On this page ...


Perspective Auditing Actions

Perspective Sessions generate entries in an assigned audit profile. The following actions are recorded in the Audit Profile:

  • Tag changes from a component binding.
  • Authentication level changes (a user's security level changes).

The following feature is new in Ignition version 8.1.14
Click here to check out the other new features

  • User Lockout Events. Note that the audit log will record only the initial lockout event, rather than each failed authorization attempt. changed


Vision Auditing Actions

The Vision project needs an audit profile configured and auditing enabled. Vision Clients will then log records to an assigned audit profile. Here is a list of audit actions that will be tracked in the Ignition auditing system:

Tags

The following Tag related actions generate entries in the audit log. Note that the functions below must originate from the Tag Browser, the Designer's Scripting Console, or Vision component-based scripts.

  • Tag Creation - Including tags created with the Tag Editor and the system.tag.configure function.
  • Tag Deletion - Including those deleted from the Tag Browser's UI and the system.tag.deleteTags function. 
  • Tag Edits - Including edits made to tags from the Tag Editor and the system.tag.configure function.
  • Moving Tags - Including moves made by drag-and-drop in the Tag Browser or by calling the system.tag.move function.
  • Tag Renames - Renaming a tag generates an entry. 

Vision Tag Writes

Write requests sent from a tag either through a standard Tag Binding, Indirect Tag Binding, or manual entry from the Tag Browser. 

Vision Component Database Writes

The system explicitly captures modifications made to database tables through the following methods:

Database Query Browser

  • If the project opened in the Designer has an assigned Audit Profile, then changes made to database tables using the database query browser are automatically recorded to the audit log. "Changes" in this case refer to UPDATE, DELETE, or INSERT statements manually typed and executed from the database query browser.
  • Enabling edit mode and applying changes, including typing in new values, adding rows, removing rows, and clearing out fields, are recorded as queries called from the project. 

Vision Scripting

The following functions generate entries in the audit log if called from Vision component-based scripts, or from the Designer's Scripting Console.


Designer

Designer Login and Closing

  • Opening a project in the Designer that has auditing enabled will also generate a login entry in the auditing system. Note that this occurs when the user opens the project, not when they log in using the Designer's login screen: auditing is project-based, so the user has to select a project that is being edited first.
  • Closing the Designer effectively counts as logging off, and will generate a "logout" entry. Similar to vision, should the designer close unexpectedly, then an entry will not be recorded. 

Database Query Browser

If the project opened in the Designer has an assigned Audit Profile, then changes made to database tables using the database query browser are automatically recorded to the audit log. "Changes" in this case refer to UPDATE, DELETE, or INSERT statements manually typed and executed from the database query browser.

Enabling edit mode and applying changes, including typing in new values, adding rows, removing rows, and clearing out fields, are recorded as queries called from the project. 


Alarm Notification

Alarm Notification Attempts

Attempts to send out alarm notifications are recorded in the auditing system. Specifically, the Gateway will record when it attempted to send out a notification, as well as if the attempt failed (such as the SMTP server refusing the request). It is important to note that the auditing system can not report failures that occur outside of the Gateway. Thus, if a voice notification fails to send due to some error in the VOIP system, it's possible that the Gateway won't report the VOIP error, but the audit log will have an entry stating that the Gateway attempted to send the notification.


Reporting Module

Report Execution

Reporting Module Reports generate an entry in the auditing system when a report is executed. Thus:

  • Reports running on a schedule will generate an entry.
  • Report schedules executed on demand will generate an entry.
  • Navigating to a Vision window (in either the Designer or a Vision Client) will trigger a report execution, generating an entry in the auditing system.


  • No labels