AVEVA™ Products Feedback Portal

Welcome to our new feedback site!


We created this site to hear your enhancement ideas, suggestions and feedback about AVEVA products and services. All of the feedback you share here is monitored and reviewed by the AVEVA product managers.

To start, select the product of your interest in the left column. Then take a look at the ideas in the list below and VOTE for your favorite ideas submitted by other users. POST your own idea if it hasn’t been suggested yet. Include COMMENTS and share relevant business case details that will help our product team get more information on the suggestion. Please note that your ideas will first be moderated before they are made visible to other users of this portal.

This page is for feedback for specific AVEVA solutions, excluding PI Systems and Data Hub. For links to these other feedback portals, please see the tab RESOURCES below.

Add a new idea Subscribe
Portfolio area Enterprise SCADA Server
Products Other API/SDK Security and DMZ
Created by Collin Heggerud
Created on Jun 10, 2025

RELATED IDEAS

Create separate security event log for all ES security events for IT monitoring

I am submitting this mostly on Simon Guo's behalf, with a few of my own additions (Collin H).

Suggest that a separate security event log (Windows event log) be created to log all ES security-related events to for IT monitoring. This log would be accessible using standard Windows tools.

During OPC UA Client development, GRT required all OPC UA Security events to be logged to the Windows event log and flagged as security events.

Events of interest to IT are failed and successful logins, authorizations, etc. Something that would identify an attack or abuse, whether it be a DoS, or something else.

Expectation

I wonder if there is an existing Enterprise SCADA Application Programing Interface (API) for Extensions applications to consume, so Extensions applications can generate security event accordingly like other events. For example, API can be like:

OasysLogger.GenSecurityEvent( string applicationName, int ID, string eventMessage);
OasysLogger.GenSecurityEvent( string applicationName, int ID, string user, string eventMessage);

OasysLogger.GenSecurityEvent( string applicationName, int ID, string user, string aorArea, string aorGroup, string eventMessage);
Idea business value

Extensions applications, as well as the SCADA Host will compliance to OWASP and IEC 62351.

This would help to maintain ES's cyber-security advantage over competitors.

FYI, in about 1998, I (Collin H) advocated strongly that the oasErrLog could not be moved to the Windows event log. I'm not even sure I was correct at the time, but it is certainly time to re-evaluate.
Idea Type Improvement
Idea priority 3 – Some use to my company
  • Attach files