Audit Policy Properties

How do I open Audit Policy Properties?
  1. Start
    FactoryTalk Administration Console
     or
    FactoryTalk View Studio
     and log on to the
    FactoryTalk
     Network Directory or
    FactoryTalk
     Local Directory.
  2. In
    Explorer
    , expand the
    System
     folder >
    Policies
     >
    System Policies
    .
  3. Select
    Audit Policy
    .
Use
Audit Policy Properties
 to specify what security-related information is recorded while the system is being used. Audit policies include whether access checks are audited, whether access grants, denies, or both are audited, and so on. Audit messages are sent to
FactoryTalk Diagnostics
, where they can be viewed using the
FactoryTalk Diagnostics
 Viewer. Use these settings to specify what information is audited by the
FactoryTalk
 system.
Setting
Description
Audit changes to configuration and control system
Determines whether to generate audit messages when configuration and control system changes occur across the
FactoryTalk
 system.
Default
: Enabled
To disable audit logging, set this policy to
Disabled
.
If this policy is disabled, audit messages are not routed to
FactoryTalk Diagnostics
 log files, even if logging destinations are configured for audit messages on the
Message Routing
 tab in
Diagnostics Setup
.
Any changes made to the value of the
Audit changes to configuration and control system
 policy itself are always recorded, regardless of whether audit logging is enabled or disabled. If enabled, audit information is sent to
FactoryTalk Diagnostics
.
Audit security access failures
Determines whether to generate an audit message when a user attempts an action and is denied access to the secured object or feature because of insufficient security permissions.
Default
: Disabled
To record audit messages when users fail to access objects because of insufficient security permissions, set this policy to
Enabled
. If enabled, audit information is sent to
FactoryTalk Diagnostics
.
Audit security access successes
Determines whether to generate an audit message when a user attempts an action and is granted access to the secured object or feature because the user has the required security permissions.
Default
: Disabled
To record audit messages when users succeed in accessing objects because of sufficient security permissions, set this policy to
Enabled
. When enabled, this policy might generate a large number of audit messages. Enable this policy only if there is a specific reason for doing so, for example, testing or troubleshooting whether users can access particular features or objects in the system.
If enabled, audit information is sent to
FactoryTalk Diagnostics
.
Provide Feedback
Have questions or feedback about this documentation? Please submit your feedback here.
Normal