Operation Audit

The
FactoryTalk® Remote Access
 clients automatically record the operations (for example, device removal or renaming) performed on their organization resources by users. This information is sent to the
FactoryTalk® Remote Access
 organization
. Admins can query the audit log at any time by using frontends. This feature cannot be disabled or deleted, even by admins.
Each log contains the following information:
  • The user that performed the operation.
  • The operation code (such as rename of a device).
  • The resource that was the object of the operation (for example, a device).
  • The time stamp.
  • A description of the operation performed.
In more detail, the audit trail contains:
  • Login/logout of users.
  • All CRUD (create, rename, update, delete) operations performed on all organization resources:
    • Users
    • Groups
    • Permissions
    • Device
    • Configurations
  • All remote access operations, with starting time and ending time.
In addition, the organization admin can enable a full log of all operations performed during every remote access session including:
  • Start/end times of remote-control sessions (view-only or interactive).
  • Files transferred.
  • Processes started and stopped.
  • Protocols, IPS, and MACs contacted in a VPN session.
Provide Feedback
Have questions or feedback about this documentation? Please submit your feedback here.
Normal