Operation Audit
The
FactoryTalk® Remote Access™
clients automatically record the operations (for example, device removal or renaming) performed on their organization resources by users. This information is sent to the FactoryTalk® Remote Access™ organization
. Admins can query the audit log at any time by using frontends. This feature cannot be disabled or deleted, even by admins.Each log contains the following information:
- The user that performed the operation.
- The operation code (such as rename of a device).
- The resource that was the object of the operation (for example, a device).
- The time stamp.
- A description of the operation performed.
In more detail, the audit trail contains:
- Login/logout of users.
- All CRUD (create, rename, update, delete) operations performed on all organization resources:
- Users
- Groups
- Permissions
- Device
- Configurations
- All remote access operations, with starting time and ending time.
In addition, the organization admin can enable a full log of all operations performed during every remote access session including:
- Start/end times of remote-control sessions (view-only or interactive).
- Files transferred.
- Processes started and stopped.
- Protocols, IPS, and MACs contacted in a VPN session.
Provide Feedback