Audit Trail User Guide IGSS Version 9.0 Contents Chapter 1: The IGSS Audit Trail 1.1 What is the Audit Trail module? Chapter 2: Setting up the Audit Trail 2.1 Setting up the SQL Server for Audit Trail 2.2 Auto-starting the Audit Trail 1 1 3 3 16 Chapter 3: Using the Audit Trail 17 3.1 Understanding the Audit Trail window 17 3.2 The Action list 18 3.3 The Home ribbon 20 3.4 Choosing the view period 23 3.5 Filtering the Audit Trail 25 3.6 Saving and applying views 26 3.7 Adding a user note 26 3.8 Presenting Audit Trail information in the IGSS Dashboard 27 Chapter 4: Reference and Lookup 30 4.1 Conventions in this Manual 30 4.2 Getting Help in IGSS 31 4.3 Version Information (IGSS Help System) 32 Chapter 5: Glossary 34 Chapter 1: The IGSS Audit Trail 1.1 What is the Audit Trail module? In SCADA1 systems it is crucial to be able to monitor all actions performed in the process of the industrial plant. The IGSS V8 SCADA solution includes the new Audit Trail module, that offers a thorough recording of all actions done by its system operators. What is recorded The Audit Trail module can easily be customized to record any of the following operator actions: l Acknowledgement of process alarms l Commands send to the process PLCs l Operators login or logout l Changes in data collection settings l Operator notes written - for example alarm notes or maintenance notes l Changes in analog alarm limits l System start/stop Viewing and filtering the Audit Trail The recorded audit trails are shown in a list in the Audit Trail window. Filtering in this list is flexible and can be performed on many different system parameters. This is useful to track certain operator actions and detect any irregularities in the process control. Below is listed some of the information available for each record of an audit trail: l Operator - which operator has performed the action l IGSS Object - which object is influenced l IGSS Operator station - from where has the action been performed l Action Type - what has been done l Approved by - which second person has approved the action The Audit Trail window Here's an example where numerous user and system actions have been recorded: 1 Supervisory Control & Data Acquisition Chapter 2: Setting up the Audit Trail 2.1 Setting up the SQL Server for Audit Trail If you have a full SQL Server, it will provide all the functionality you need without any limitations. The free version, SQL Server Express, has a max. limit of 4 GB per database. Install and set up the SQL Server 1. Start by installing the SQL Server on the IGSS Server or on another PC in the IGSS network. l SQL Server Express 2008 and Management Tools can be downloaded from this link: http://www.microsoft.com/express/Database/ l SQL Server Express 2005 and its Management Studio is included on the IGSS installation disc. 2. If you're using SQL Server Express, it is recommended to create a new server name, instead of accepting the default name, SQLEXPRESS. For example, you could call it "IGSS". When you create a new SQL Server name, you obtain two advantages: - If you have other applications dependent on SQL Server Express, they will not conflict in the default server, SQLEXPRESS. - You have the full 4 GB of data available, as only IGSS data will be saved in this server. 3. During installation, remember to enable both authentication types, if required. a. Windows Authentication (can only be used, if you're in a domain/workgroup) b. SQL Server Authentication (necessary if you're not in a domain/workgroup) 4. Start the SQL Server Configuration Manager from the Windows Start menu under SQL Server 2008 > Configuration Tools. 5. Make sure that that SQL Server and SQL Server Browser are started. 6. Make sure that following protocols are enabled, both for the Native client and SQL Server . 7. Close the SQL server Configuration Manager. Run the Audit Trail script 1. Start the Microsoft SQL Server Management Studio. 2. Do the following: l Under Server type, select Database Engine. l Under Server name, select the correct server name (see Note above). l Under Authentication, select Windows Authentication or SQL Server Authentication, as required. 3. In the File menu, choose Open -> File. Browse to the [IGSS installation path]\SQL folder. Default path is C:\Program Files\7T\IGSS32\V9.0\SQL. 4. Open the script named audittraildb.sql . 5. Press the Execute! button in the toolbar. 6. Under Messages, there should be 1 line saying (1 Row(s) affected). If there are more lines, an error has occurred. Troubleshoot the error and repeat this step, once fixed. 7. If you have an operator station which is not in the same domain / workgroup as the SQL Server, you must configure an SQL Server Authentication account. 8. In the Object Explorer tree view, unfold the Security branch, right-click on Logins and select New Login. 9. In this particular case I have created an account called sql , with the password sql . 10. On the General page, I have selected default database AUDITTRAIL and for this purpose I have also selected that my sql user is a sysadmin under the Server Roles page. 11. Close the Microsoft SQL Server Management Studio. Set up Audit Trail in System Configuration 1. Start the System Configuration module and select the IGSS server or single user station. No setup is necessary on the operator station in System Configuration. The only requirement for the operator station is that it must have read/write access to the SQL Server. 2. On the Files tab, under Audit Trail , click the SQL Settings button. 3. Select the check box Write audit trail value to SQL Server and click the Database Setup button. 4. In the Data Link Properties dialog box, select the SQL Server Native Client 10.0 data source. Click Next >> . 5. On the Connection tab, do the following: Step 1: Select the SQL Server in the drop-down list. In a real multiuser system, we recommend that you use the actual IP address, for example, 192.168.0.1. Step 2: Set user access to Use Windows NT integrated security or Use a specific user name and password, if you're using SQL Server Authentication. Enter the user name and password and remember to select Allow saving password. Step 3: Under Select the database on the server , select the AUDITTRAIL database. Step 4: Click Test Connection to test that the connection is working. If successful, then click OK. 6. Verify that the SQL Server Settings dialog box has these settings and click OK. 7. Finally, click the Access Control tab. 8. Enable the audit trail by selecting the Keep a record of all user activity in an audit trail database check box. Then select the activities you want to store in the audit trail database. Select the Comment required check box, if you want to force the user to enter a comment for this type of operation. In the Keep audit trail for field, write 0 (zero) to keep records forever or write a specific number of days. User administration and Audit Trail Audit Trail really only makes sense, if you have users logged in. This will allow you to record exactly what happened and who did it. Therefore, we recommend that you do the following before starting the audit trail: 1. Define the relevant users and user groups in the User Administration module. 2. Clear the check box Disable access control on the tab above in the System Configuration module. 3. Make sure that users are logged in permanently, while they are using IGSS. If a user is only temporarily logged in, he will be prompted for his user name and password, everytime the Audit Trail needs to record an activity. 2.2 Auto-starting the Audit Trail Once you've set up the SQL Server for the Audit Trail, you will probably want to automatically start the module everytime the user starts the IGSS project. To auto-start the Audit Trail: 1. Open the System Configuration module. 2. Select the relevant IGSS station. 3. Click the Startup tab. 4. Under Auto start, select the Audit Trail check box. 5. Repeat steps 2-4 for all the stations where you want Audit Trail to start automatically. 6. In the File menu, select Save and Exit. With the auto start option enabled, the Audit Trail module will now be started with the configuration and closed when the configuration is stopped. Chapter 3: Using the Audit Trail 3.1 Understanding the Audit Trail window Before you start using the Audit Trail module, we recommend that you take a few minutes to get familiar with the user interface. The picture below shows the user interface elements of the Audit Trail window. Here is a short description of each element in the user interface. Element Application button Description When you click the application button, a menu will appear. The functions allow you to print and set up print options. The Options item allows you to set up various global settings for the module. Element The ribbon Action list Description "The Home ribbon" on page 20 includes all the functions you need to operate the Audit Trail. "The Action list" on page 18 shows all the recorded system and user actions for the current view period. 3.2 The Action list The Action list shows all recorded system and user actions in the current view period (specified in the Home ribbon). The table below describes the individual fields in the list. Field Date Description Timestamp of the system or user action. By default, time is given in local time. The following action types exist: Type Subtype Output Commands sent by the user to the PLC. Limits Alarm limits changed by the user. Access When the user logs in and out of the system. Note Used for object notes and user notes. Alarm Used for alarm actions, such as acknowledgement and end alarms. System Used for system start and stop (automatic or user-activate Data Used for operations concerning data logging and data colle Shows a further specification of the type above. Example: For the Access type, you will see Login and Logout. Station Shows the name of the station where the action was taken, either by the system or b User Shows the name of the user currently logged in. Area For object operations only. Shows the name of the area in which the object resides. Object For object operations only. Shows the name of the manipulated object. Field Description For object operations only. Shows the atom which was manipulated. Atom Value Shows the value which was sent to the PLC, for example, alarm limits, set points, etc Shows the entire value string. For analog objects, the unit will be displayed as shown in the picture above. For digital objects, the command name will be shown (whereas the Value field shows number). String Note Shows an explanation of the system or user action. Examples are: Command sent, high alarm changed, set point changed, object note a logged in, user note. Field Description Shows further details about the user action. Examples are: Automatic user logout, We need to maintain this motor (object note), ice technician. We need to fix the pump now (user note). Comments Approved by This field is used with the Confirm 2 Users safe command only. It shows the name of the user approving that the safe command will be sent. 3.3 The Home ribbon The Home ribbon includes all the functions needed for using the Audit Trail in the daily plant operation. The table below explains the individual functions and is divided into the function groups shown at the bottom of the ribbon. Group name Note Field Add Note Description Allows you to add an operator note. The note will not be tied to any specific object in the configuration, but is a general operator note. You must be logged in to have access to this function. The button is not active, if you are not logged in. Contents Refresh Performs a manual update of the Action list based on the current filter settings. Freeze While this check box is selected, the automatic update of the Action list is disabled. Group name Period Field View period Description Select the type of period you want to show. Choosing one of the first three options will open the relevant time options in the View tab. Choosing any of the other options will grey out all time options, as these are predefined periods. Show UTC Shows all time stamps in the universal time format, UTC. This is the raw time format used in the IGSS databases. Start date Click the drop-down arrow to browse through the calendar to find the date. Or type the date in the format DD-MM-YYYY. Start time Type the time in the format HH:MM:SS. Or use the up/down arrows to change the time. Span Enter the time span for the data period. Time span can be combined with either start time or end time. End date Click the drop-down arrow to browse through the calendar to find the date. Or type the date in the format DD-MM-YYYY. End time Type the time in the format HH:MM:SS. Or use the up/down arrows to change the time. Group name Filter Field Description Type Select the action types you want to view in the Action list. Area Filter the list by area. The drop-down list shows the areas of the current configuration. Object Filter the Action list by object. Type the name of the object directly in the list or click the three dots (...) beside the field to choose a specific object in the configuration. To filter by multiple objects, you can filter the list using wildcards. For example, writing q* will list all objects starting with the character q. Station name Filter the Action list by IGSS station. Choose the relevant station in the list. User name Filter the Action list by user. Choose the relevant user in the list. Users are defined in the User Administration module. Approved by Filter the list by approving user. An approving user is a user that has approved sending of a safe command. Views Save As View If you want to save a specific filter setup, click this button. You will then be asked to name the filter. Click the drop-down arrow to reveal this menu. Update Selected View will update the current view with the current filter settings. Delete Selected View will remove the filter. Make Default will make this view the default view. Saved Views This list shows the saved views. Choose the relevant view. 3.4 Choosing the view period To get you up-and-running with the Audit Trail as fast as possible, we have developed a series of examples based on the IGSS Demo Configuration. If you start with this topic, you can move through the examples step-by-step as if you were operating a real plant. Precondition: The Audit Trail module must have been set up for saving data in the IGSS SQL Server, before you can perform this procedure. 1. If the IGSS Demo Configuration is not activated, open the System Configuration module. 2. In the File menu, select Open Demo Configuration and then select File and Save and Exit. 3. In the IGSS Start menu, activate the IGSS Starter module. The IGSS Demo Configuration will now be automatically started. 4. In the File menu of Supervise, choose Login. 5. Log in as the administrator user: User name = admin and Password = admin. 6. Let's do some user actions to get some information into the Audit Trail. Click the Customer Cases button, then click the District Heating graphic. 7. Click the motor symbol in the upper left corner of the mimic diagram. 8. In the command menu, select the first command named Auto. 9. Repeat step 6, only this time sending the command Manual . 10. Repeat for the commands, Manual close and Manual open. The Audit Trail should now look like this. 11. Now stop the system from the IGSS Starter. 12. Start it again by hitting the Start button. 13. Let's change the view period. In the Period drop-down list, choose 2 hours back. 14. Now we have the right view period and some actions in the Action list. Let's continue with "Filtering the Audit Trail" on page 25. 3.5 Filtering the Audit Trail We are now ready to filter the Action list. 1. In the Home ribbon under Filter, do the following: l Under Type, select System. We are now seeing the system stop and start actions. 2. Change the Type filter back to (All). 3. Under User name, select the admin user. The Action list should now look like this. 4. As the next step we want to learn how we're "Saving and applying views" on page 26 3.6 Saving and applying views A View in the Audit Trail is a saved filter. You can save as many views as you need. 1. Our current filter shows all actions taken by the admin user. Let's save it as a view. 2. Click the Save as View button. 3. Type the view name Admin user (All) and click OK. 4. The next step is learning how we're "Adding a user note" on page 26 3.7 Adding a user note A user note is a general note to the other users of the system. A user note is not tied to any specific object. The user must be logged into the system in order to create a user note. 1. Click the Add Note icon. 2. Enter this text in the note field: Call the service technicians. We need to maintain those pumps now. 3. Click OK. The user note now appears in the Action list. Notice that the note text itself is shown in the Comments field. 4. The next step is optional, but useful if you are using the IGSS Dashboard module. You will learn how to "Presenting Audit Trail information in the IGSS Dashboard" on page 27 3.8 Presenting Audit Trail information in the IGSS Dashboard If you want to show Audit Trail information in your dashboard(s), you can insert an Audit Trail widget. 1. In the IGSS Start menu, click the Dashboard icon. The default dashboard named Pump Station appears. We will add the Audit Trail widget to this dashboard. 2. Click the Application button in the upper left corner of the window. 3. Select Configuration Mode. 4. On the Configuration tab under Insert Widget, click the Audit Trail icon. 5. Resize the widget and put it at the center of the screen. Notice that you can add user notes and activate views just the same, as if you were in the Audit Trail module. 6. On the Audit Trail tab under Columns Visible When Minimized, select the Area, Object and Atom check boxes. Remember to explain to the end user that by clicking the Maximize button of the widget, he will be able view all information fields. As you can see, all fields are enabled under Columns Visible When Maximized. You have successfully completed the series of Audit Trail examples. Chapter 4: Reference and Lookup 4.1 Conventions in this Manual The following typographical conventions are used: Convention Description User interface element When referring to labels and names in the user interface. User input When the user has to type specific data in IGSS. Example The Data Management tab. Type the following description: Incoming flow in Tank 2 Module name When referring to a module in IGSS Note A note emphasizes or supplements important points of the main text. A note provides information that may apply only in special cases. Tip A tip suggests alternative methods that may not be obvious in the user interface. A tip also helps the user in working more effectively with IGSS. A tip is not essential to the basic understanding of the text. Alternative to this simple find function, you can also filter on text in the messages in Driver Log Filters dialog box. Warning A warning is an important note that is essential for the completion of a task. In some cases, disregarding a warning may result in undesirable functionality or loss of data. If you disregard the System alarm, you may risk loss of data in the LOG and BCL files. Open the Definition module. By default, the timestamp is in universal time format, UTC1. This can be changed in the Driver Log Filters dialog box. 1 Universal Time Coordinated (formerly Greenwich Mean Time), used as the basis for calculating time in most parts of the world. IGSS uses this time format internally in the database. You can switch between UTC and local time by enabling or disabling the "UTC" field in various dialog boxes in the system. 4.2 Getting Help in IGSS IGSS comes with a comprehensive help system designed to help both system designers and operators to get started with IGSS as quickly as possible. Documentation overview The IGSS documentation includes the following items: Documentation item Description Getting Started An introduction to IGSS and its most fundamental terms and features. Getting Started is intended to get you up and running as fast as possible. The manual provides a system and architecture overview followed by a number of real-life use cases you can go through before building your first real IGSS project. The manual is available in Adobe Acrobat format (.pdf). Module help For each module there is a help file with the same name as the module itself, for example, Igss.chm for the Master module, Igss.exe. The help file is invoked by clicking the in the upper right corner of the module. The Table of Contents will then allow you to browse through the topics. For each dialog box there is a help topic with the following standard information: Dialog box help l Overview l Preconditions l Where do I find it? l Field help Dialog box help is invoked by clicking the help button in the upper right hand corner of the dialog box. Thematic help IGSS also provides thematic help. When there is a special theme that requires special attention from the user, a dedicated help file is provided. Examples include "Driver-Specific Help" and "Database Administration Help". Where are the help files located? The IGSS help files are located in the appropriate language folder under the [IGSS InstallPath]. The help files are available in English at release time. The paths to the help files are: Language Path English [IGSS InstallPath]\ENG Danish [IGSS InstallPath]\DAN German [IGSS InstallPath]\DEU Translated help files Selected help files have been translated into Danish and German. If you require help files in your language, please contact 7T. Help updates The IGSS help files are continuously updated and improved. Check regularly with the IGSS Update module in the IGSS Start menu. 4.3 Version Information (IGSS Help System) © 7-Technologies A/S, IGSS Version 9.0 The IGSS help files are based on software build number 10305 (initial release) English help files To update the help files, you must activate the IGSS Update module in the IGSS Start menu. There must be a connection from the PC to the Internet. Every time IGSS Update is run, IGSS help files as well as IGSS system files will automatically be updated on the PC from the 7-Technologies web server. You select the languages you want to update in the Tools menu of the IGSS Update module. If you are not able to update the IGSS system directly via the Internet, the alternative is to download the updates from the 7-Technologies website as zip files. These can then be transferred onto a CD or USB memory stick, which is then the medium used to update on site. After running IGSS Update, the build numbers in various IGSS modules may change to a higher number. This signifies that the module in question has been updated with newer files. Build numbers consist of four digits, where the first digit represents the year and the last three represent the day number in the year in question. The build number can be seen in the About dialog box which can be activated from the Help menu. An example: Build number = 10305 10 = the year 2010 210 = The 210th day of the year Chapter 5: Glossary A Application menu The Application menu is the first ribbon in the IGSS Master module. Click the icon to drop down the menu. The menu contains items that were typically found in the File menu in previous versions of IGSS. In most modules, an "Options" item allows the user to define global module settings. The Application menu was introduced in the Microsoft Office 2010 package. It replaces the Application button (nicknamed Doughnut) which was introduced in IGSS V7 and V8. D descriptor A descriptor is the graphical display of an object. IGSS includes many types of descriptors including: - Built-in standard symbols - Animated symbols (Symbol Factory library) - Graphics and animation - Drawing symbols - Windows controls - ActiveX controls An IGSS object can be represented with different descriptors on different diagrams. Q Quick Access Bar You can customize the Quick Access Bar to include the functions you use most frequently. Simply drag the relevant function from the ribbon to the Quick Access Bar. R Ribbon The Ribbon is a new term/element in the Microsoft universe. The Ribbon replaces the well-known toolbars in applications. The Ribbon provides quick access to the most commonly used functions in the application. The Ribbon is divided into logical groups (the tabs) and each tab is divided into sections (the blocks in the tab). The Ribbon is context-sensitive which means that only relevant functions are accessible dependent on the current user action. S SCADA Supervisory Control & Data Acquisition U UTC Universal Time Coordinated (formerly Greenwich Mean Time), used as the basis for calculating time in most parts of the world. IGSS uses this time format internally in the database. You can switch between UTC and local time by enabling or disabling the "UTC" field in various dialog boxes in the system.
* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project