Set audit policies

Use
Audit Policy Properties
 to specify what security-related information is recorded while the system is being used. Audit policies include whether access checks are audited, whether access grants, denies, or both are audited, and so on. Audit messages are sent to
FactoryTalk Diagnostics
, and are viewed using the
FactoryTalk Diagnostics
 Viewer.
To set up audit policies
  1. In
    FactoryTalk Administration Console
    Explorer
    , expand
    System
    >
    Policies
     >
    System Policies
    .
  2. Right-click
    Audit Policy
     and select
    Properties
    .
  3. In
    Audit Policy Properties,
    for each policy setting listed choose either
    Enabled
     or
    Disabled
    .
    1. Audit changes to configuration and control system
      • Enabled
        (default) - Generates audit messages when configuration and control system changes occur across the
        FactoryTalk
         system.
      • Disabled -
        Does not route audit messages to
        FactoryTalk Diagnostics
         log files, even if logging destinations are configured for audit messages on the
        Message Routing
         tab in
        FactoryTalk Diagnostics
         Setup
        .
      Any changes made to the value of the
      Audit changes to configuration and control system
       policy itself are always recorded, regardless of whether audit logging is enabled or disabled. If enabled, audit information is sent to
      FactoryTalk Diagnostics
      .
    2. Audit security access failures
      • Enabled
         - Generates audit messages when users fail to access objects or features because of insufficient security permissions.
      • Disabled
        (default) - Does not generate audit messages when users fail to access secured objects or features.
    3. Audit security access successes
      • Enabled
         - Generates audit messages when users succeed in accessing objects or features because of sufficient security permissions.
      • Disabled
        (default) - Does not generate audit messages when users succeed in accessing objects or features because of sufficient security permissions.
      When enabled, this policy might generate a large number of audit messages. Enable this policy only if there is a specific reason, for example, testing or troubleshooting whether users are able to access particular features or objects in the system. If enabled, audit information is sent to
      FactoryTalk Diagnostics
      .
  4. Select
    OK
    .
Provide Feedback
Have questions or feedback about this documentation? Please submit your feedback here.
Normal