Operation Audit

The FactoryTalk Remote Access clients automatically record the operations (for example, device removal or renaming) performed on their organization resources by users. This information is sent to the FactoryTalk Remote Access organization. Admins can query the audit log at any time by using frontends. This feature cannot be disabled or deleted, even by admins.
Each log contains the following information:
  • The user that performed the operation.
  • The operation code (such as rename of a device).
  • The resource that was the object of the operation (for example, a device).
  • The time stamp.
  • A description of the operation performed.
In more detail, the audit trail contains:
  • Login/logout of users.
  • All CRUD (create, rename, update, delete) operations performed on all organization resources:
    • Users
    • Groups
    • Permissions
    • Device
    • Configurations
  • All remote access operations, with starting time and ending time.
In addition, the organization admin can enable a full log of all operations performed during every remote access session including:
  • Start/end times of remote-control sessions (view-only or interactive).
  • Files transferred.
  • Processes started and stopped.
  • Protocols, IPS, and MACs contacted in a VPN session.
Provide Feedback
Have questions or feedback about this documentation? Please submit your feedback here.