This EventType is defined in OPC 10000-3. Its representation in the AddressSpace is formally defined in Table 25.
Table 25 – AuditEventType definition
Attribute |
Value |
|||||
BrowseName |
AuditEventType |
|||||
IsAbstract |
True |
|||||
References |
NodeClass |
BrowseName |
DataType |
TypeDefinition |
ModellingRule |
|
Subtype of the BaseEventType defined in 6.4.2, which means it inherits the InstanceDeclarations of that Node. |
||||||
HasProperty |
Variable |
ActionTimeStamp |
UtcTime |
PropertyType |
Mandatory |
|
HasProperty |
Variable |
Status |
Boolean |
PropertyType |
Mandatory |
|
HasProperty |
Variable |
ServerId |
String |
PropertyType |
Mandatory |
|
HasProperty |
Variable |
ClientAuditEntryId |
String |
PropertyType |
Mandatory |
|
HasProperty |
Variable |
ClientUserId |
String |
PropertyType |
Mandatory |
|
Conformance Units |
||||||
Auditing Connections |
||||||
Auditing NodeManagement |
||||||
Auditing History Services |
||||||
Auditing Write |
||||||
Auditing Method |
This EventType inherits all Properties of the BaseEventType. Their semantic is defined in 6.4.2.
ActionTimeStamp identifies the time the user initiated the action that resulted in the AuditEvent being generated. It differs from the Time Property because this is the time the server generated the AuditEvent documenting the action.
Status identifies whether the requested action could be performed (set Status to TRUE) or not (set Status to FALSE).
ServerId uniquely identifies the Server generating the Event. It identifies the Server uniquely even in a server-controlled transparent redundancy scenario where several Servers may use the same URI.
ClientAuditEntryId contains the human-readable AuditEntryId defined in OPC 10000-4. If the Server is unable to decrypt AuditEntryId due to a certificate check failure, then some Client identification should be used such as the Client’s IP Address, port, MAC address and/or DNS name as the ClientAuditEntryId.
The ClientUserId identifies the user of the client requesting an action. The ClientUserId can be obtained from the UserIdentityToken passed in the ActivateSession call. If the UserIdentityToken is a UserNameIdentityToken then the ClientUserId is the UserName. If the UserIdentityToken is an X509IdentityToken then the ClientUserId is the X509 Subject Name of the Certificate. If the UserIdentityToken is an IssuedIdentityToken then the ClientUserId shall be a string that represents the owner of the token. The best choice for the string depends on the type of IssuedIdentityToken. If an AnonymousIdentityToken was used, the value is null. For a SessionlessInvoke Service invocation the ClientUserId shall be a string that represents the owner of the authenticationToken in the requestHeader of the Service invocation such as the name field of a JWT IssuedIdentityToken.