Audited Events - Metasys - LIT-1201793 - Software Application - Site Management Portal - 12.0.50

Metasys Site Management Portal Help

Product name
Site Management Portal
Document type
User Guide
Document number
Revision date

Audited events are significant events occurring in the system that trigger the Audit Trail feature to generate an audit message. The following table lists the features and corresponding actions that initiate the generation of audit messages. The following table also lists Audit Classes (Set 568) in which the actions belong. Click the feature name for more information about that feature.

Note: Do not confuse audited events with those associated with alarming. See Alarm and Event Management for details on alarming.
Table 1. Audited Events


Action Causing Audit Message


Queues each command issued, enabled, disabled, or deleted (Audit Class = User Action)

Alarm and Event Management

By default, the Metasys Server does not create an audit entry when you discard an event that originates on the Metasys Server through the Alarms Window, Event Viewer, or a BACnet device (Audit Class = User Action). To capture audit entries for these events would create an undue number of entries in the database.

  • Engines do not create an audit entry when you discard events that originate on the engine. For details on changing this setting, refer to Creating Audit Entries for Discarded Events in the NAE Commissioning Guide (LIT-1201519).
  • Error messages returned by the Email DDA logged in the Audit Viewer appear in English only.

Audit Trail

  • each command issued to clear the Audit Repository. See Clearing the Audit Repository. (Audit Class = User Action)
  • each command issued to discard an audit message or a group of audit messages. (Audit Class = User Action)
  • each command issued to change the Enabled Audit Level attribute in the Engine Device Object or ADS Device Object based on a system event, a user changing the time of day, or a user command.

See Configuring the Engine Audit Repository. (Audit Class = User Action, Non-critical System Event, Critical System Event, Application, or Diagnostic)

Trend Extensions

Trend Studies

  • each new trend extension created (Audit Class = User Action)
  • each change to the trend routing configuration (Audit Class = User Action)
  • each command issued to the trend extension (Audit Class = User Action)
  • each change to trend views such as creating, deleting, or editing a trend view (Audit Class = User Action)
  • each change to the Engine and Metasys Server configuration (Audit Class = User Action)


  • each item added to or removed from the schedule (Audit Class = User Action)
  • each change to the key item or its scheduled attribute (Audit Class = User Action)
  • each change to the effective period (Audit Class = User Action)
  • each time the schedule is enabled or disabled (Audit Class = User Action or Application)

System Security

  • each successful and failed log in and log out attempt (Audit Class = User Action)
  • each administrative action (Audit Class = User Action)
  • each authentication failure (Audit Class = Application)
  • each authorization failure (Audit Class = Application)

User Graphics Tool (UGT)

each command (Audit Class = User Action)

Navigation Tree and Other Features

  • each user command (Audit Class = User Action)
  • each change in item configuration such as adding, deleting, and editing an item (Audit Class = User Action)
  • each controller upload, download, synchronization, and reset occurring in online mode. Audit messages are not generated for those actions in the SCT offline mode. (Audit Class = User Action, Application, Non-critical System Event, Critical System Event)