Audit History Service (history-AuditHistoryService)
The station commissioning process installs and enables this service by default.
Regular events include station configuration changes, such as adding and deleting users. Security events include each time someone logs in and out, and each time someone changes component properties that have been identified as security-related properties. Separating security-related audit records from regular audit records emphasizes the importance of monitoring security and ensures that the audit history file maintains a manageable size. For example, frequent user log-in and —out events may quickly fill a history with unnecessary records. Recording authentication events in a security history prevents a regular audit history from filling up too quickly.
Figure 17. Audit History Service properties
To open this Property Sheet, expand and double-click on the AuditHistoryService in the Nav tree.
The component is designed to audit all property modifications and all action invocations. These events are subject to audit:
- Property changed
- Property added
- Property removed
- Property renamed
- Property reordered
- Action invoked
History Config properties
These properties configure the audit function. A separate set under the heading Security Audit History Source applies specifically to security-related events, such as authentication and changes to security-related properties.
| Property | Value | Description |
|---|---|---|
| Enabled | true or false |
Activates and deactivates use of the component. |
| HistoryConfig | Container for sub-properties used to configure the attributes of the history record stored in the History space. | |
| Id | Text string | Read only value. String results from value configured in history extension’s History Name property. An error string here indicates the History Name property is incorrectly configured .
|
| Time Zone | display or drop-down list | The time zone is set up using the Set System Date/Time, which you access either using a platform connection and or using one of the station’s PlatformServices views (Platform Service Container plugin or System Date and Time Editor). Otherwise, the time zone is displayed for information only. |
| Record Type | Text | Read only values. Displays the data that the record holds in terms of: extension type (history) and data type (BooleanTrendRecord, NumericTrendRecord, and so on). |
| Capacity | Record Count: nnn (500 default), Unlimited | Specifies local storage capacity for histories. In general, 500 (default record count) or less is adequate for a controller
station because those records are usually archived (exported) to a
Unlimited is not the wisest choice even for a
|
| Full Policy | Roll (default), Stop | Applies only if Capacity is set to “Record Count”. Upon specified record count, the oldest records are overwritten by newest
records. Roll ensures that the latest data are recorded. Stop terminates recording when the number of stored records reaches specified history capacity.
Full policy has no effect if |
| Interval | Text string | Read only value. For Interval-based data collection, the cycle time, or how often the history properties are checked. Any time you change this property, a new history is created (or “split-off”) from the original history because histories with different intervals are not compatible. |
| System Tags | Text | This property allows you to assign additional metadata (the System Tag) to a history extension. This identifier is then available for selective import or export of histories using the Niagara System History Import or Niagara System History Export option (using the System Tag Patterns). Each System Tag is separated by a semicolon. For example: NorthAmerica;Region1;Cities. |
| Last Record | Container for read only values for sub-properties that describe attributes of the last recorded change: date/time the last record was made, time zone, and the operation that generated the record, and the user who made the change. |
Last Record properties
| Property | Value | Description |
|---|---|---|
| Timestamp | read-only | Reports when the event occurred. |
| Operation | read-only | Identifies the type of event. |
| Target | read-only | Reports the modified Ord. |
| Slot Name | read-only | Identifies the host IP address. |
| Old Value | read-only | Reports the value before the change. |
| Value | read-only | Reports the new value. |
| User Name | read-only | Identifies the person who made the change. |