Audit trail event Description
Audit overflow Too many audit events in the time period
Violation remote Unsuccessful login attempt from IEC 61850-8-1 (MMS), WHMI,
FTP or LHMI.
Violation local Unsuccessful login attempt from IEC 61850-8-1 (MMS), WHMI,
FTP or LHMI.
PCM600 Event Viewer can be used to view the audit trail events and process related
events. Audit trail events are visible through dedicated Security events view. Since only
the administrator has the right to read audit trail, authorization must be used in PCM600.
The audit trail cannot be reset, but PCM600 Event Viewer can filter data. Audit trail events
can be configured to be visible also in LHMI/WHMI Event list together with process
related events.
To expose the audit trail events through Event list, define the Authority
logging level parameter via Configuration/Authorization/Security.
This exposes audit trail events to all users.
Table 15: Comparison of authority logging levels
Audit trail event
Authority logging level
None
Configuratio
n change
Setting
group
Setting
group,
control
Settings
edit
All
Configuration change ● ● ● ● ●
Firmware change ● ● ● ● ●
Setting group remote ● ● ● ●
Setting group local ● ● ● ●
Control remote ● ● ●
Control local ● ● ●
Test on ● ● ●
Test off ● ● ●
Reset trips ● ● ●
Setting commit ● ●
Time change ●
View audit log ●
Login ●
Logout ●
Password change ●
Table continues on next page
1MAC456939-IB D Section 3
620 series overview
620 series ANSI 33
Operation Manual
To Next Page
Loading...
