System Administration

ILS Technology
deviceWISE version 2.5

System Administration Users Guide
March 2011 This book applies to the ILS Technology deviceWISE product components and to all subsequent releases and modifications until otherwise indicated in new editions. Make sure you are using the correct edition for the level of the product. ILS TECHNOLOGY LLC PROVIDES THIS BOOK "AS IS," WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions therefore, this statement may not apply to you. This book could contain technical inaccuracies or typographical errors. Changes are made periodically to the information herein. ILS Technology may make improvements and changes at any time to the product(s) and/or program(s) described in this book. When you send information to ILS Technology, you grant ILS Technology a nonexclusive right to use or distribute the information in any way it believes appropriate, without incurring any obligation to you.
Copyright 2011 by ILS Technology LLC
Contents
Preface .................................................................................................................................... i
Assumptions......................................................................................................................... i How this book is organized ................................................................................................. i Who should read this book ................................................................................................ iii Related deviceWISE documentation ................................................................................. iv Terminology....................................................................................................................... iv
Attention Bit ......................................................................................................................... 1

Turning on an attention bit...................................................................................................1 Clearing the attention bit......................................................................................................4 Related Modify Attention Bit action ...................................................................................4
Automated Log Export .................................................................................................... 5

Enabling the process ............................................................................................................5 Configuring FTP as the delivery mechanism ...............................................................8 Configuring e-mail as the delivery mechanism ............................................................9 Saving the configuration.............................................................................................10 Disabling the automatic export process .............................................................................10
FTP Server .......................................................................................................................... 13

Starting the FTP server ......................................................................................................13 Remotely connecting to the Staging Browser....................................................................14
Licenses ................................................................................................................................ 15
Key-based licensing and activation process ......................................................................15 Enterprise....................................................................................................................15 Device driver ..............................................................................................................15 Runtime ......................................................................................................................16 Adding runtime, enterprise, and device driver license keys ..............................................16 Importing a license key......................................................................................................18
Network Configuration.................................................................................................. 21
Changing general network settings....................................................................................21 Renaming the host .............................................................................................................22 Contents
Adding a DNS search path................................................................................................ 23 Configuring an adapter...................................................................................................... 24
Notifications ....................................................................................................................... 27
Creating the e-mail notification ........................................................................................ 27 Validating and saving the e-mail notification ................................................................... 30 Starting the e-mail notification ......................................................................................... 31
Node Administration...................................................................................................... 33
Configuring the deviceWISE node ................................................................................... 33 Factory default settings ..................................................................................................... 34 Changing the default name ............................................................................................... 34 Getting a hardware ID....................................................................................................... 36 Returning factory default settings ..................................................................................... 37 Backing up a deviceWISE node ................................................................................ 38 Resetting the node to its factory defaults................................................................... 39 Upgrading the deviceWISE node...................................................................................... 40 Memory and disk utilization ...................................................................................... 41 Testing a network connection ........................................................................................... 42 Troubleshooting the network node ................................................................................... 43 Exiting safe mode.............................................................................................................. 45 Generating a diagnostic log file ........................................................................................ 46
Packages .............................................................................................................................. 49
About packages ................................................................................................................. 49 Adding device drivers and specialty extensions ............................................................... 50 Manually restarting the deviceWISE node ....................................................................... 52
Security ................................................................................................................................ 53
Introducing the Security tab .............................................................................................. 53 Creating a role ................................................................................................................... 55 Reviewing the default policy ............................................................................................ 58 Granting access to resources ............................................................................................. 62 Using resource groups....................................................................................................... 63 Administration ........................................................................................................... 64 Devices....................................................................................................................... 73 Enterprise Connectivity ............................................................................................. 78 Local Database........................................................................................................... 81 Mapper ....................................................................................................................... 83 Projects....................................................................................................................... 84 System Logs............................................................................................................... 85
ii System Administration Users Guide
Triggers.......................................................................................................................86 Creating a new policy ........................................................................................................88 Editing a policy...........................................................................................................91 Enabling or disabling a policy ....................................................................................91 Deleting a policy.........................................................................................................92 Adding a user .....................................................................................................................92 Creating a new user ....................................................................................................93 Changing a user password and access privileges .......................................................96 Changing your own password ....................................................................................97 Deleting a user ............................................................................................................97 Enabling or disabling a user .......................................................................................98 Exporting a role, policy, and user ......................................................................................99 Importing a role, policy, and user ....................................................................................100 Setting up Read Write per device variable ......................................................................102 Step 1: Enable Read Write on a per device variable basis .......................................104 Step 2: Allow or deny Read Write access to device variables .................................107 Step 3: Verify Read Write for the specific device variables ....................................111
Staging Browser .............................................................................................................. 115

About the Staging Browser file system ...........................................................................115 Creating a folder ..............................................................................................................116 Putting a file in the folder ................................................................................................119 Copying a file to a remote computer ...............................................................................121 Copying a file to another folder .......................................................................................122 Mapped log files and staging file system.........................................................................124
System Variables ............................................................................................................ 125

Viewing system variables ................................................................................................125 Sample system variables ..................................................................................................126 Exporting the information................................................................................................129
Time Management ......................................................................................................... 131

Setting the current date and time .....................................................................................132 Set Time ...........................................................................................................................133 Time Synchronization Settings ........................................................................................134 Setting an hourly synchronization ............................................................................135 Setting a day of the month synchronization .............................................................135 Setting a weekday synchronization ..........................................................................136 Primary and secondary time servers ................................................................................137 Time Management tab buttons ........................................................................................138
Contents
iii
Appendix A: Notices .................................................................................................... 139

Disclaimers...................................................................................................................... 139 Trademarks...................................................................................................................... 139
Index ................................................................................................................................... 141
iv System Administration Users Guide
Preface
Welcome to deviceWISE. This System Administration Users Guide describes the tasks used for administrative purposes such as initial setup and configuration of the deviceWISE node and for creating users and defining their roles. These tasks are available from tabs located on the Administration window of the Workbench. Because of some differences in the deviceWISE product that you installed, you might not see some of the tabs described in this book.
Assumptions
To use this book, the following is assumed: You are familiar with the Workbench and have reviewed related information in the deviceWISE Users Guide available from the Workbench Help menu. You have started the Workbench and successfully logged on.
How this book is organized

If you have administration privileges, you can use the Administration feature on the Workbench: 1. From Workbench left pane, expand the appropriate deviceWISE node. 2. Click the Administration icon.
Preface
How this book is organized
The Administration window appears.
This book provides an alphabetic organization of the tabs available from the Administration window of the Workbench as follows: Attention Bit on page 1 lets you set a flag to indicate an exception occurred on the deviceWISE node. Automated Log Export on page 5 lets you set up the automatic exporting of exception and audit log files. FTP Server on page 13 enables a remote connection to Staging Browser. The FTP Server is installed when you install deviceWISE. Licenses on page 15 lets you activate new licensing for the deviceWISE node. Network Configuration on page 21 lets you change the default network setting for the deviceWISE node. Node Administration on page 33 lets you configure a newly installed deviceWISE node or troubleshoot a particular network connection. Notifications on page 27 lets you set the deviceWISE node to send an e-mail whenever a system exception occurs. Packages on page 49 lets you add all separately installed device drivers and other types of deviceWISE node extensions. Security on page 53 lets you implement user access to ensure plant floor security. Staging Browser on page 115 provides access to a special area on the deviceWISE node for storing and organizing files.
ii System Administration Users Guide
Who should read this book
System Variables on page 125 is used for troubleshooting deviceWISE software. Time Management on page 131 lets you set the time to the correct time zone. You can also synchronize to a time server. "Appendix A: Notices" contains legal notices and trademarks.
Who should read this book

This book was written for the following audiences: IT personnel who have responsibility for maintenance and control over enterprise-wide database and message-based systems that manufacturers use to maintain production data. Typically, IT personnel will use the Workbench to build and manage deviceWISE projects including transactions, transports, and listeners. Factory floor engineers who own the assembly line related data that is fed to the enterprise systems. Typically, production engineers will use the Workbench to create triggers for the deviceWISE project and manage runtime operations. The production engineer should have a basic knowledge of how to program and operate a programmable logic controller and CPU modules. Administrators who have full control over the domain integrity. This administrator is experienced with policy administration software and relational databases and will use the Workbench to create users and assign passwords and permissions.
Preface
iii
Related deviceWISE documentation
Related deviceWISE documentation

There is related documentation for the deviceWISE product. deviceWISE Users Guide describes how to use the Workbench, create triggers, data mapping, and device definitions. A section in the back of the book provides different data types. Trigger Actions Guide and Reference is a comprehensive guide to trigger actions. Enterprise Connectivity Users Guide describes how to create transports, transport maps, listeners and listener maps used to move data from the plant floor device or other device to an endpoint enterprise application program. Several Quick Start guides provide sample triggers and walks you through how to create the trigger and associated components. device gateway Users Guide describes how to use the device gateway product to define devices and data mappings to move data between disparate devices.
Terminology
This section provides the terminology associated with the deviceWISE environment. Use this terminology as a reference for the rest of this book. Some of the terms and descriptions were taken from the IBM Terminology and the Microsoft Computer Dictionary. The following terms are listed in alphabetic order. Term access privileges Description Permissions set by an administrator that allow or deny users access to certain features of the Workbench such as changing the value of a device variable. By setting access privileges, the administrator controls user access to restricted data and functions.
iv System Administration Users Guide
Terminology
Term action
base unit
control program
controller
CPU module
device variable deviceWISE node
Description Pertains to a trigger. A trigger action specifies what actions to perform during trigger execution. An action is a logical work item that carries out some executable logic and reports back to the trigger with the result. The rack on which all modules including I/O modules, processor modules, and power supplies are mounted. This is the application that is running on the programmable logic controller. The software supports ladder logic, sequential function chart, structured text, and function block programming languages. A programmable device with physical access to plant floor equipment such as motors, sensors, values, pumps, and so forth. The CPU modules provide the processing power that reads the inputs, solves the logic, and writes to the outputs. Each of the different modules have varied capabilities. A named area of the controllers memory where data is stored. A hardware and embedded software appliance
that fits in a slot on a programmable logic controller.

discrete enterprise system A digital value. Refers to large organizations that run multiple servers using high-end business applications such as ERP.
Preface
Terminology
Term event
listener
MAC address
macro map variable
message queue
node
PLC
Description Pertains to a trigger. The event is an object that defines when the trigger should execute. Some common examples of events would be events that detect data changing in a PLC, a message instruction sent from a ladder program, a time schedule, or a message sent from an enterprise server. In deviceWISE, an entity that is configured to accept requests from a remote enterprise application to effect changes on the deviceWISE node and controller variables in a programmatic way. Media Access Control (MAC) is a hardware address. The number is assigned to the deviceWISE node by the manufacturer. MAC addresses (which are physical addresses) uniquely identify a node on a network. In deviceWISE, a pre-defined variable that is not defined in the controller. A variable created and named by IT personnel when building a transaction. The plant floor person will see the map variables when creating the trigger. During runtime, the map variable is resolved to PLC production line data. An ordered list of messages awaiting transmission from which they were taken up on a first in, first out (FIFO) basis. For deviceWISE, a node can be defined as deviceWISE installed on a vendor appliance (such as a CP 343-1 ERPC) connected to and recognized by a network. Using the Workbench, you will have to scan the network for these nodes. programmable logic controller
vi System Administration Users Guide
Terminology
Term polling protocol queue
run time store and forward
suspend transport
trigger
Description The periodic automatic reading of a device variable. A set of rules for transferring data. A WebSphere MQ object to which message queuing applications can put messages, and from which they can get messages. In deviceWISE, a phase in which projects and triggers created during build time are active. In deviceWISE, this is a delivery method in which transactions are held in a temporary storage location before being retransmitted on to their destination. Store and forward queues are created and maintained on the deviceWISE node. Refers to the temporary halting of activity on the deviceWISE node. Refers to the transferring of data that is generated whenever a trigger condition occurs. The data is transferred between a programmable logic controller and some enterprise system (such as a relational database or messaging software). A predefined condition that is monitored by deviceWISE. The trigger contains one or more actions that are executed whenever a runtime event occurs.
Preface
vii
Terminology
viii System Administration Users Guide
Attention Bit
The Attention Bit tab allows you to set a flag that indicates that the deviceWISE node is in an exception state. This state is reflected as follows: On the LED on the front of the CPU device. The list of nodes in the left pane of the Workbench.
In the audit logs of the deviceWISE node.
Turning on an attention bit

You can control what kind of events will cause the attention bit to be turned on, or even control it directly by setting and clearing it from the Attention Bit tab. You cannot use the Attention Bit tab unless you have the appropriate authorization to do so. Follow these steps: 1. From the left pane, expand the deviceWISE node whose attention bit you want to set. 2. Click the Administration icon. The Administration window appears.
Attention Bit
3. Click Attention Bit to bring the tab to the front.
4. Using the down-arrows, select True to set the attention bit on the following conditions: Set when exception occurs: A message is logged to the exception log. Set when device disables: A device becomes disabled (after it was successfully started). Set when trigger overflows: A trigger is in the overflow queue. deviceWISE cannot process some triggers based on the value set in the Max Pending parameter on the trigger definition. Set when trigger disables: A trigger becomes disabled. Set when transport enters SAF: A transport enters store and forward.
2 System Administration Users Guide
Set when disk becomes full. The disk space on the deviceWISE node becomes full. You can refer to Disk Utilization on the Node Administration tab for this information (see Memory and disk utilization on page 41). Set when a mapping is disabled. A data mapping connection becomes disabled. For information about data mapping, see the deviceWISE Users Guide available from the Workbench Help menu.
The bottom of the Attention Bit tab provides these buttons:
The following describes the purpose of these buttons: Name Save Description Saves one or more attention bit conditions that you want to set. When the condition occurs, an attention bit icon appears on the left pane of the Workbench on the deviceWISE node. You can clear the attention bit by using the Clear button. Manually turns on the attention bit on the deviceWISE node.
Set
An attention bit icon appears on the left pane of the Workbench on the deviceWISE node. In addition, the Attention Bit tab status will show as Set.
Attention Bit
Clearing the attention bit
Name Clear
Refresh
Description Removes the attention bit icon from the left pane of the Workbench on the deviceWISE node. Changes the Attention Bit tab to show Not Set. Returns your True or False selection of the attention bit condition to its previous selection.
Clearing the attention bit

You can also remove the attention bit icon from the left pane of the Workbench on the deviceWISE node when you display its pop-up menu, and then click Clear Attention Bit.
Related Modify Attention Bit action

There is a related Modify Attention Bit action that can be set in a trigger. The action is used to set or clear the attention bit at trigger execution time. The action is useful for tighter control over the type of application conditions that cause the bit to be set. For more information, refer to the deviceWISE Trigger Actions Guide and Reference available from the Workbench Help menu.
Automated Log Export

deviceWISE facilitates the automatic exporting of exception and audit log files whenever the log file reaches 1 MB in size. You can use FTP or email to perform the actual file transfer from the deviceWISE node to a remote location anywhere across your intranet or the Internet. A selection and configuration process is required.
Enabling the process

Before you begin, it is assumed that you were assigned administrator privileges for the deviceWISE nodes that you will be working with, started the Workbench, successfully logged on, and expanded the nodes tree. To enable automatic exporting of exception and audit log, follow these steps: 1. From the Workbench left pane, expand the deviceWISE node you want to enable the automatic exporting of system logs. 2. Click the Administration icon.
The Administration window appears.
3. Click the Automated Log Export tab. By default, automatic exporting is disabled. The next step is to activate the file exporting process. 4. From the bottom of the Automated Log Export tab, click Edit.
The Automated Log Export window appears.
The very top of the Automated Log Export window provides check boxes to activate exception and audit log file exporting. At least one check box must be selected in order to activate the file exporting process. Both check boxes can be selected. In addition, the Automated Log Export window provides separate sections for FTP and e-mail configurations.
Configuring FTP as the delivery mechanism
Configuring FTP as the delivery mechanism

The FTP section provides these parameters.
The following table describes each of the parameters when enabling FTP as the delivery mechanism: FTP FTP Information Description Select this check box to activate file transfer protocol (FTP) as the delivery mechanism. This type of transfer is useful when you want the log file sent directly to a specific location. For the file transfer to occur, you must have an FTP server installed on the computer where you are sending the files. This is the user ID for the FTP server program. This is the password for the FTP server program. This is the IP address of the computer where the FTP server is installed. This is the port number of the computer where the FTP server is installed. This is location where you want the file transferred to. Type the path of the computer where the FTP server is installed. For example: /FolderName/SubFolderName
User ID Password Remote Address Port File Location
Configuring e-mail as the delivery mechanism
Configuring e-mail as the delivery mechanism

The e-mail section provides these parameters.
The following describes each of the parameters when enabling e-mail as the delivery mechanism: E-mail E-mail information Description Select this check box to activate e-mail as the delivery mechanism. The log file is sent as an attachment with the e-mail notification. From Address The e-mail address of the person you want the e-mail to appear to be delivered from. To address The e-mail address of the person you want to send the log file to. Mail Server The IP address or host name of the mail Address (SMTP) server. Mail Server Port The port number of the SMTP server (usually 25). Customer Message A text string that you want included in each e-mail that is sent. Note: The subject line of the e-mail will be blank.
Saving the configuration
Saving the configuration

1. After the appropriate values are added, click Save. 2. A message will tell you that the scheduled export configuration has been saved. Click OK. You are returned to the Automated Log Export tab. The tab will be filled in with the information you configured. Upon successful completion of the transfer, a message is recorded in the audit log. If a file transmission fails, an error message will be recorded in the Exceptions log.
Disabling the automatic export process

To disable the automatic exporting of exception and audit log files at any time, follow these steps: 1. From the Workbench left pane, expand the deviceWISE node whose automatic exporting of system logs you want to disable.
2. Click the Administration icon. The Administration window appears. 3. Click the Automated Log Export tab. The Automated Log Export tab appears.
4. At the bottom of the tab, click Edit. The Automated Log Export window appears.
5. Clear either the Enable Exception Log Export or Enable Audit Log Export option or both options.
6. Click Save. 7. A message tells you the configuration was saved. Click OK. Because the settings were not changed, you can re-enable the automatic process by selecting the appropriate Enable check box, and then clicking Save. For more information about log files, see the deviceWISE Users Guide available from the Workbench Help menu.
11
FTP Server
The FTP Server tab is used to enable a remote connection to the Staging Browser. The FTP server is automatically installed when you installed deviceWISE. This chapter assumes that you have read the information in Staging Browser on page 115.
Starting the FTP server

You must start the FTP server in order for the remote connection to occur. Follow these steps: 1. From the left pane, expand the deviceWISE node whose FTP server you want to start. 2. Click the Administration icon. The Administration window appears.
3. Click FTP Server to bring the tab to the front. By default the FTP server is stopped.
FTP Server
13
Remotely connecting to the Staging Browser
4. In the Port box, accept the default port, or type a different port. This is the port that the FTP server is running on. 5. From the bottom of the FTP Server tab, click Start Server. The status of the FTP server is changed to started.
FTP operations can be performed remotely to access data on the specific deviceWISE node staging file system.
Remotely connecting to the Staging Browser

The FTP Server tab supports connecting to the Staging Browser. Using the remote connection, you will be able retrieve data from the deviceWISE node. For more information, see Putting a file in the folder on page 119 and Copying a file to a remote computer on page 121.
Licenses
The Licenses tab lets you activate new licensing for the deviceWISE node.
Key-based licensing and activation process

Prior to using the Licenses tab, you must have completed the steps in Getting a hardware ID on page 36. In addition, you should have received or downloaded the license activation key code from ILS Technology. The key code will turn on all of the requested licenses. The following licenses are available:
Enterprise
Enterprise license refers to the organization within a factory that manages the manufacturing execution system (MES) and Enterprise Resource Planning (ERP) applications. Typically, the Enterprise license also contains the IT department. deviceWISE enables communication from the factory floor to the enterprise, which implies that information is sent from the device on the factory floor to the applications running in the enterprise space (such as MES or ERP applications). The enterprise license supports multiple enterprise protocols including IBM DB2 and IBM WebSphere MQ.
Device driver
A device driver is an installable package that enables communication to one or more types of factory floor devices, such as a PLC, RFID reader, cameras, and barcode readers. Typically, this communication is enabled via network protocols such as TCP or UDP, but also can be enabled via serial (RS-232 and RS-485) or other proprietary protocols.
Licenses
15
Runtime
Runtime
In order to use most features of the deviceWISE node, you must first install a runtime license. To install a runtime license, follow the steps in Importing a license key on page 18. Licenses are attained from your distributor or original equipment manufacturer (OEM). For software purchased directly from ILS Technology, additional licenses can be purchased online at http://www.ilstechnology.com/deviceWISE.
Adding runtime, enterprise, and device driver license keys

Use the Licenses tab to add the activation key code to the deviceWISE node for the licenses that were purchased. Multiple licenses can be part of the same key code. It is assumed that you have started the Workbench, successfully logged on, and expanded the nodes tree. Follow these steps to add the license keys for the runtime, enterprise, or device driver support. 1. From Workbench left pane, expand the deviceWISE node that you want to add the licenses to. 2. Click the Administration icon. The Administration window appears as the right pane. 3. Click the Licenses tab.
Adding runtime, enterprise, and device driver license keys
The tab is empty because no license keys have been added. 4. From the bottom of the Licenses tab, click New. The New License window appears.
5. In the License Key box, type the license key code, and then click OK.
You can also copy and then paste the license key. Appropriate information appears on the Licenses tab.
Licenses
17
Importing a license key
6. Click Refresh. 7. Repeat steps 4, 5, and 6 for each additional license. For this example, there are three licenses. To verify that the enterprise license was added: 1. From the Workbench left pane, expand Enterprise, select Transports, display its pop-up menu, and then click New. The Create Transports window appears. 2. From the Transport Type drop-down list. You should see the appropriate protocols.

You can import a license key from your local computer so that the license becomes active on the deviceWISE node. This process is used mostly for backup and restore purposes. To activate one or more licenses using the import method, follow these steps: 1. From the Workbench left pane, expand the deviceWISE node to which you want to add the license. 2. Click the Administration icon. The Administration window appears. 3. Click the Licenses tab. 4. At the bottom of the Licenses tab, click Import. The License File Location window appears. 5. Change to the location of the file. One or more license key files will appear in the box with a .KEY file extension. 6. Select the file you want to import, and then click Open. A message will tell you the license was successfully imported.
7. Click OK. The license information is added to the Licenses tab. 8. Click Refresh.
Licenses
19
Network Configuration
The Network Configuration tab lets you change the IP address and subnet mask to match the customers network and add other required network settings such as host name and DNS server. Note the Network Configuration tab is not available for all deviceWISE products. You might not see the Network Configuration tab on your installed deviceWISE node.
Changing general network settings

You must have administrator authority in order to add general network settings. In addition, the IT administrator should have supplied you with the necessary network setting information. It is assumed that you have started the Workbench, successfully logged on, and expanded the nodes tree. Follow these steps: 1. From the left pane, expand the deviceWISE node whose settings you want to configure. The deviceWISE nodes default settings will be 192.168.3.3 as its IP address.
2. Click the Administration icon. The Administration window appears.
21
Renaming the host
3. Click the Network Configuration tab.
The number of Adapter tabs shown depend on the hardware configuration of the deviceWISE node.
Renaming the host

The top portion of the Network Configuration has a Host Name box that defaults to STANDARD.
1. Type the name you want to use. The name can be up to 15 characters long. 2. If there are no other changes, click Save Configuration.
Adding a DNS search path
Adding a DNS search path

The DNS tab provides these parameters:
Parameter name DNS Search Path
Manually configure DNS DNS Servers
Description Provides a space to type a domain name. When resolved, this is the domain name that is appended to the host name. For example, if you add apple.com as the DNS search path and type ping xyz at a Windows command prompt, Windows queries for xyz.apple.com. When selected, you must type the DNS settings obtained from your network administrator. Type the IP addresses for DNS servers to search in the order listed, and then click Add.
23
Configuring an adapter
The number of adapters shown depends on the hardware configuration of the deviceWISE node.
Each Adapter tab has its own set of parameters as follows. Parameter name Address Enable interface Automatically obtain address settings Manually configure address IP Address Description Allows communication across the adapter and other adapters. When selected, the IP settings are assigned automatically from the network. When selected, you must type the settings obtained from the network administrator. This is the factory default IP address of the deviceWISE node. Change to the address obtained from your network administrator.
Parameter name Subnet Mask
Default Gateway
Description This is the factory default subnet mask of the deviceWISE node. Change to the subnet mask obtained from your network administrator. This is the factory default IP address for the default local gateway (IP router). Type the gateway address obtained from your network administrator.
1.
To clear the settings, click Reset.
2. To save the settings, click Save Configuration. Changes are immediate. Changed IP address: When you change the IP address for the deviceWISE node, the network connection to the node is broken. You must re-scan the network for the new IP address in order to re-establish a connection to the new IP address and regain access to the deviceWISE node via the Workbench. For more information, refer to scanning for a single IP address in the deviceWISE Users Guide available from the Workbench Help menu. Now that you have established the network settings for the deviceWISE node, you can set the date, time, time zone, and a time synchronization server. For more information, see Setting the current date and time on page 132.
25
Notifications
The Notifications tab provides an online service whereby e-mail can be sent to one or more recipients whenever system difficulties occur. For example, you can set up an e-mail to be sent whenever an exception error occurs (such as a lost TCP connection or some other type of module error). You can also set up e-mail to be sent whenever a WebSphere MQ or database transport change to a store and forward state. Should store and forward reach full capacity (that is considered an error) an e-mail would be sent. When you set up the e-mail, you determine how often you want the message sent and the number of logged messages to send.
Creating the e-mail notification

To set up an e-mail notification, follow these steps: 1. From the left pane, expand the deviceWISE node for which you want to set up e-mail notifications. 2. Click the Administration icon. The Administration window appears. 3. Click the Notifications tab. The Notifications tab appears.
Notifications
27
The tab might contain information about an e-mail notification such as name, type, state, the last notification sent, the last state changed, and when the notification was last changed. 4. Click New at the bottom of the window. The Notification window appears.
The Notification window provides these parameters that let you indicate who to send the e-mail to, the address of the mail server you want to access, and so forth. The following describes each of the parameter on the Notification window: Parameter Name Description Type a name to identify the e-mail notification. When saved, this name and information about the e-mail notification will be listed on the Notifications tab. Display the drop-down list to select to send an e-mail whenever an exception or store and forward error occurs. The e-mail address of the person you want the e-mail to appear to be delivered from. The subject of the e-mail. Spaces are not allowed in the subject line. If you use a space in the subject line, the notification will not be sent. The e-mail address of the person you want to send the message to. These are the main recipients of the message.
Notification Type
From Address Subject Line
To Distribution List
Parameter Add .cc Distribution List (optional) Add Mail Server Address Mail Server Port Custom Message Notification Rate
Number of Messages
Description Click to insert the current e-mail address from the To Distribution List. The e-mail address of the person to send an information-only copy of the message. Click to insert the current e-mail address from the .cc Distribution List. The IP address or host name of the SMTP server. The port number of the SMTP server (usually 25). The text string that you want appended to each e-mail notification that is sent out. Display the drop-down list to set the maximum time interval that messages can be sent. For example, the 1 hour setting means that no more than one e-mail per hour will be sent by the system. The number of messages (from the exception log) to include in the text of the message.
Notifications
29
Validating and saving the e-mail notification
Validating and saving the e-mail notification

All e-mail notifications can be validated. The Notification window provides Save, Validate, and Cancel buttons. 1. After you have filled in each parameter (described on page 28), click Validate.
2. A message will tell you the setting were checked and a test e-mail will be sent to the recipient. Click OK. 3. Click Save. The new e-mail notification is saved to the deviceWISE node and added to the Notifications tab. You might have to click Refresh to see the name. The next step is to start the notification.
Starting the e-mail notification

Once you have validated the e-mail notification parameters, you must manually start the notification process. 1. From the Notifications tab, display the pop-up menu for the notification you want to start.
2. Click Start. The State column changes to Started. From the pop-up menu, you can also edit an existing notification, delete an unwanted notification, import and export a notification. Jumbled text on received e-mails: E-mail notifications work properly when all text is ASCII; however, other language characters (such as Japanese) might be jumbled. To correct the problem (except for the subject line), set your e-mail program to use Unicode (UTF-8).
Notifications
31
Node Administration
This chapter describes the Node Administration tab that lets you configure a newly installed deviceWISE node and troubleshoot a particular network connection.
Configuring the deviceWISE node

You must configure each newly installed deviceWISE node so that it can operate in the companys network. Typically, the IT person will provide the IP address. The network configuration setting is performed using the Node Administration tab from the Administration feature.
Using the Node Administration tab you can perform these tasks: Change the factory default settings for the deviceWISE node. For more information, see Factory default settings on page 34 Obtain the MAC address of the deviceWISE node. See Getting a hardware ID on page 36 and upgrade the deviceWISE node software. Changing the default name on page 34
Node Administration
33
Factory default settings
Troubleshoot network problems. For more information, see Testing a network connection on page 42.
Factory default settings

It is important to know that when first installed, all deviceWISE nodes have these factory default settings: Name IP address Subnet mask Default gateway NEW NODE 192.168.3.3 255.255.255.0 192.168.1.1
Changing the default name

The first step when setting up an deviceWISE node might be to change the default name to a more meaningful name. It is assumed that you have started the Workbench, successfully logged on, and expanded the nodes tree. Follow these steps: 1. From Workbench left pane, expand the deviceWISE node whose name you want to change. 2. Click the Administration icon. The Administration window appears.
Changing the default name
3. Click the Node Administration tab.
4. In the Name box, type the new name, and then click Save Name. The deviceWISE node name can have up to 64 characters and include letters, numbers, and the underscore character. Spaces are allowed. The name of the node is immediately changed on the left pane.
The next step is to add general network settings for the new node. See Changing general network settings on page 21.
Node Administration
35
Getting a hardware ID
Getting a hardware ID
If you want to activate an entitlement key for a deviceWISE runtime system, you must first obtain the hardware ID of the computer where the deviceWISE runtime is installed. For computers running Windows and Linux, you will obtain a MAC address. For computers running HP-UX, you will obtain a serial number. The following provides the process for obtaining the hardware address and ultimately receiving the activation key code. It is assumed that you have started the Workbench, successfully logged on, and you have expanded the nodes tree. 1. From the left pane, expand the deviceWISE node whose hardware address you want to obtain. 2. Click the Administration icon. The Administration window appears. 3. Click the Node Administration tab. 4. Record the address that appears next to MAC Address or Serial Number.
Returning factory default settings
You can also select, copy, then and paste the numbers.
In order to acquire the license activation key codes for the runtime, (the appropriate) enterprise, and device driver licenses, requires that you send ILS Technology an e-mail along with the MAC address of the deviceWISE node. When ILS Technology receives the MAC address, you will receive back an activation key code for the licenses. The activation key code is used in conjunction with the Licenses tab where you use the key code to activate the specific software support. For more information, see Adding runtime, enterprise, and device driver license keys on page 16.
Returning factory default settings

The Node Administration tab provides a feature whereby you can return the deviceWISE node back to its factory default setting. This operation will delete all data from the node and restore default settings such as IP address.
Node Administration
37
Backing up a deviceWISE node
Backing up a deviceWISE node

Before you return the deviceWISE node back to its factory settings, you should back up data on the node. The data is sent to a location that you specify. Follow these steps: 1. From the Workbench left pane, display the pop-up menu for the deviceWISE node whose data you want to save, and then click Back up.
2. A message appears asking if you want to include the network settings. Click Yes or No. If you click No, network settings such as IP address and subnet mask will not be saved in the backup file. That is useful should your organization have several identical deviceWISE nodes and you want to use the backup for restoring purposes. You would not want to have the IP address included. The Back up File Location window appears. The name of the deviceWISE node with IP address appended to the name appears in the File name box. For example: XYZNODE123456789
Resetting the node to its factory defaults
3. Change to the drive and folder that you want to save the data to, and then click Select. 4. A message will tell you the back up was successful. Click OK. The file is saved with a .DBK extension.
Resetting the node to its factory defaults

1. From Workbench left pane, expand the deviceWISE node whose settings you want to restore to factory defaults. 2. Click the Administration icon. The Administration window appears. 3. Click the Node Administration tab. 4. From the bottom of the tab, click Reset to Factory Defaults.
A message appears telling you to back up the current node.
a. If you have backed up the node, click Continue, and then go to Step 5. b. If you have not backed up the node, follow the steps in Backing up a deviceWISE node on page 38, and then go to Step 5. 5. Another message will tell you that the operation will delete all data from the deviceWISE node, and then ask you if you are sure. Click Yes. The deviceWISE node is returned to is original factory settings.
Node Administration
39
Upgrading the deviceWISE node
Upgrading the deviceWISE node

From time to time, you might need to upgrade the software that is installed on the deviceWISE node. It is assumed that you have: Received or downloaded the upgraded software from ILS Technology Started the Workbench and successfully logged on Expanded the appropriate nodes tree Note the Update Firmware feature is not available on the Node Administration tab for all deviceWISE products. You might not see the Update Firmware button on your installed deviceWISE node. Follow these steps: 1. From the left pane, expand the deviceWISE node whose software you want to upgrade. 2. Click the Administration icon. The Administration window appears. 3. Click the Node Administration tab.
Software Release Level shows the latest version of the software that is installed on the deviceWISE node. 4. From the bottom of the tab, click Update Firmware.
Memory and disk utilization
The Update Firmware File Location window appears. 5. Next to Look In, click the down-arrow, and then go to the location of the folder that contains the upgraded software. 6. Select the file. The file name is added to the File Name box. 7. Click Select. 8. A message will tell you that the upgrade was successful. Click OK.
Memory and disk utilization

From the Node Administration tab, you can view how much memory and disk space has been used on the deviceWISE node.
You can set an attention bit to on whenever the disk on the deviceWISE node becomes full (see Turning on an attention bit on page 1).
Node Administration
41
Testing a network connection
Testing a network connection

The Node Administration tab also provides a section where you can troubleshoot network problems. Ping gives you the ability to test whether a particular IP address is reachable across a network. Using the Node Administration tab, you can execute a ping command from the deviceWISE node to another IP address or host name within the network. This feature can be used for debugging connectivity to enterprise servers and plant floor devices. You can base transaction routing on the results of a ping. For example, you can ping an address and then route success and failure based on the result. To quickly check a connection: 1. From the Workbench left pane, click the Administration icon. The Administration window appears. 2. Click the Node Administration tab. 3. Locate the Connection Diagnostics section.
4. In the Address/Host Name box, type the IP address (or host name), and then click Ping. 5. A message with appears with the results of the ping. Click OK. TCP Connect gives you the ability to check the port number that TCP is listening on.
Troubleshooting the network node

The Node Administration tab also provides you with the ability to switch into a diagnostic mode. This mode suspends all started triggers on the current deviceWISE node. The triggers are only suspended and not stopped. This mode logs errors (with extra information) that can be used by technical support personnel for problem solving. Once the errors are recorded, you can generate a file to send to the technical support person. 1. From the Workbench left pane, click the Administration icon. The Administration window appears. 2. Click the Node Administration tab. 3. Locate the System Execution section.
The default mode is Running. 4. Click Toggle Mode. The mode status is changed to Suspended.
Node Administration
43
A banner appears at the bottom of the Projects tabs indicating that trigger execution is in a suspended state. However, the State column does not change.
The banner appears on all project tabs within the deviceWISE node regardless of whether projects are started or stopped or triggers are started or stopped. Once the problem is fixed, be sure to toggle back to Running as suspended mode uses resources and can slow your system. The next step might be to generate a log file to send to technical support personnel to be used for diagnostic purposes.
Exiting safe mode
Exiting safe mode

A deviceWISE node will enter into a safe mode when it detects that it is being restarted within 5 minutes of its last startup time. Safe mode offers a 5 minute recovery period during which you can troubleshoot triggers, data maps, devices, and other items that require intervention. While the deviceWISE node is in safe mode, triggers will not execute. After the 5 minute time period expires, the deviceWISE node will automatically return to normal running mode. You will be alerted that the deviceWISE node has entered into safe mode by the following: The deviceWISE node in the Workbench left pane will show a safe mode icon:
The bottom of the Workbench right pane will show a banner indicating the node has entered safe mode.
While in safe mode, you can stop triggers and other items, view the Exceptions Log, or generate a diagnostic report as part of the problem investigation. The Node Administration tab gives you the ability to manually exit safe mode. 1. From the Workbench left pane, click the Administration icon. The Administration window appears. 2. Click the Node Administration tab. 3. Locate the System Execution section. The mode status is Safe. 4. Click Toggle Mode. The mode status is changed to Running.
Node Administration
45
Generating a diagnostic log file

At any time you can generate a file that has low-level system information about the current deviceWISE node. 1. From the bottom of the Node Administration tab, click Generate Diagnostics File. The Generate Diagnostic File window appears.
2. Next to Look In, click the down-arrow, and then go to the location of the folder where you want to save the file.
3. A file name appears in the File Name box. Notice the file is a zip file. Also notice that the file name is appended with the IP address of the deviceWISE node. 4. Click OK. A progress indicate shows that the file is being generated.
When the file is generated, a message appears that tells you the diagnostic information was saved to the location that you indicated.
5. Click OK. 6. Go to the location of the saved zip file and extract the files. Look for the folders that contain the log files.
Node Administration
47
Packages
The Packages tab lets you add device drivers and other types of deviceWISE node extensions.
About packages
When a device driver or function extension is installed on the deviceWISE node, the name of the driver or extension appears on the Packages tab.
The Packages tab has a table format with columns that provide the name of the package, the type of package (such as a device driver), the version number of the package, and the creator of the package (for this example,
Packages
49
Adding device drivers and specialty extensions
ILS Technology). When a row is selected, additional information appears at the bottom of the tab.

From the Packages tab, you can add or remove the device driver or extension from the deviceWISE node. To add a device driver or extension package, follow these steps: 1. From the Workbench left pane, expand the deviceWISE node that you want to add the package to. 2. Click the Administration icon. The Administration window appears.
3. Click Packages to bring the tab to the front. The window is empty because no device driver or extension package has been added. 4. At the bottom of the Package tab, click Add.
The Package File Location window appears.
5. Change to the location of the packages file, and then select the file. The file name is added to the File name box. 6. Click Select. 7. A message tells you the deviceWISE node will be restarted, and then asks if you really want to add the specified package. Click Yes. Depending on your operating environment, deviceWISE might automatically restart or you might have to manually restart the node. For more information, see Manually restarting the deviceWISE node (next).
Packages
51
Manually restarting the deviceWISE node
Manually restarting the deviceWISE node

Whenever you install a deviceWISE driver package, even though the deviceWISE node might be automatically restarted, it is recommended that the deviceWISE node be manually re-started. You will know that the driver package was installed successfully (assuming licenses were added) because you will see the corresponding device type listed in the Device window.
To manually restart a deviceWISE node, toggle the RESET switch on the deviceWISE node or power off the rack where the node is located.
Security
deviceWISE provides a security feature that controls user access to ensure plant floor integrity. The security feature applies policy-based resources with roles. A user is paired with a role to provide the policy-based authorization. This chapter will describe the tasks for implementing a security system for the deviceWISE environment including: Creating a role on page 55 Reviewing the default policy on page 58 Granting access to resources on page 62 Using resource groups on page 63 Creating a new policy on page 88 Adding a user on page 92 Setting up Read Write per device variable on page 102
It is assumed that you were assigned administrator privileges for the deviceWISE node that you will be working with.
Introducing the Security tab

The Security tab is used to establish who is allowed access to specific features or perform specific tasks on the deviceWISE node. To use the Security tab, follow these steps: 1. From the Workbench left pane, expand the appropriate deviceWISE node. 2. Click the Administration icon. The Administration window appears. 3. Click the Security tab.
Security
53
Introducing the Security tab
The Security tab comes to the front.
The Security tab provides a set of tabs that enable security for the deviceWISE node as follows: Roles tab. Used to create a role and specify a role name and description. An example of a role might be a Technician2. For more information, see Creating a role on page 55. Policies tab. Used to create a policy and pair one or more built-in resources with one or more roles. An example of a policy is Create Trigger. You can pair Technician2 with Create Trigger. For more information, see Reviewing the default policy on page 58. Users tab. Used to create a user and specify one or more roles. User David Hayes could be assigned Technician2 giving him the ability to create triggers. For more information, see Adding a user on page 92.
Creating a role
Creating a role
Roles dictate the access level for the user. A role gives a user specific privileges on the deviceWISE node. A user can be assigned as many roles as needed. By default, the Workbench provides three roles: Administrators provides access to common administration functions. IT Users provides access to common information technology functions. Plant Users provides access to common plant user functions.
As an administrator you can limit these roles by assigning policies, as described in Reviewing the default policy on page 58. A single policy can affect multiple roles. Therefore, a user can have one or more roles, and each policy can affect those roles. To create a role, follow these steps: 1. From the Workbench left pane, expand the deviceWISE node for which you want to create a role. 2. Click the Administration icon. The Administration window appears. 3. Click the Security tab, and then click the Roles tab. The Roles tab appears.
The Roles tab provides the default list of roles.
Security
55
Creating a role
4. At the bottom of the Roles tab, click New. You can also display a pop-up menu. Anywhere on the Roles tab, right-click to display its pop-up menu, and then click New.
The Add Role window appears.
5. In the Name box, type a name for the role. For example, Technician2. 6. In the Description box, type an appropriate description. For example, Analyst for moch machine. 7. Click Add. The new role is added to the Roles tab.
Creating a role
The Technician2 role will be available when you create a new policy and a new user.
Security
57
Reviewing the default policy

The Workbench implements a policy-based security system where multiple overlapping policies might be activated at any given time. You can have basic policies that set up the rules for access to features such as trigger management, creating transports, and so forth. A policy gives each role its privileges to the deviceWISE node. By default, the Workbench provides a Default Policy on the deviceWISE node. You can use the default policy or create a new policy. Before you create another policy, you should review the features available with the default policy. To review features of the default policy, follow these steps: 1. From the Workbench left pane, expand the deviceWISE node for which you want to create a role. 2. Click the Administration icon. The Administration window appears. 3. Click the Security tab, and then click the Policies tab. The Policies tab appears.
The Policies tab provides a default policy and a table format with these columns. Column Name Description A unique name for the policy. When you create a new policy, the policy is added as a row to the table on the Policies tab. deviceWISE provides a predefined policy named Default Policy.
Column State
Description Can be Enabled or Disable. Enabled The policy is available for use. Disabled The policy is not available for use. To make a policy available, select it, and then click Enable from the bottom of the Policies tab. Priority Because multiple policies can affect a single role, it is possible to have overlapping access privileges. The priority determines which policy should have precedence. The lower the priority, the higher precedence a policy will have. Last State Changed Displays the date and time the policy was last enabled or disabled. Last Modified Displays the date and time the policy was last changed.
Security
59
4. At the bottom of the Policies tab, click Edit. You can also display a popup menu. Anywhere on the Policies tab, right-click to display its pop-up menu, and then click Edit.
The Policy window similar to the following appears.
Resource
Role
Using the Policy window, you pair resources with roles. For information on how to pair a resource with a role, see Granting access to resources on page 62.
The Policy window provides columns for resources and roles as follows: Column name Resource Description When you create a policy, you assign access levels to resources, which are grouped according to function. The resources list that appears under the Resource column is based on license type and software drivers installed on your deviceWISE node. For more information, see Using resource groups on page 63. A default role. The access levels assigned to the default administrator role appear as check marks or Xs. A default role. The access levels assigned to the default IT user role appear as check marks or Xs. A default role. The access levels assigned to the default plant user role appear as check marks or Xs.
Administrators
IT Users Plant Users
Before creating a new policy, you should review Granting access to resources (next), and Using resource groups on page 63.
Security
61
Granting access to resources
Granting access to resources

Notice the check marks and Xs in the Policy window.
deviceWISE identifies access to resources with those symbols as follows: Allow Access A green check mark indicates that access is granted to one resource or a resource group and its resources. Inherit Allow A gray check mark indicates that access is granted to a resource because an Allow Access was granted to the resource group. A red X indicates that access is denied to one resource or a resource group and its resources. A gray X indicates that access is denied to a resource because a Deny Access was granted to the resource group.
Deny Access Inherit Deny
To change the access, locate the specific resource and simply click the symbol under the appropriate role column.
Click to change.
Using resource groups
Using resource groups

By default, the Workbench provides several resource groups. The resources are available from the Policy window under the Resource column.
Different Resource list? Your Resource list might not exactly match the list that is described in this chapter. The resources list that is available from the Policy window is based on features and software drivers installed on your deviceWISE node. In addition, the deviceWISE product is available in several different license configurations that also affect the resources that appear in the list. To expand the resource, click the plus sign. The following describes each resource.
Security
63
Administration
Administration
The Administration group allows the user to enforce access to each deviceWISE node and controller environment.
When you apply allow access to the top level Administration, all resources in the Administration group are allowed access. There are several major categories under Administration: Attention Bit Attention Bit allows the user to use features on the Attention Bit tab.
For more information, see Turning on an attention bit on page 1.
Administration
Change Settings Allows the user to modify the attention bit condition on the Attention Bit tab.
Clear Allows the user to clear the attention bit on the deviceWISE node using the Clear button from the bottom of the Attention Bit tab or the Clear Attention Bit menu from the Workbench left pane.
Set Allows the user to set the attention bit on the deviceWISE node using the Set button from the bottom of the Attention Bit tab.
Security
65
Administration
FTP Server Allows the user to view and use features of the FTP Server tab.
The FTP Server is used in conjunction with FTP trigger actions (Staging File System category). Change Settings Allows the user to change the port address of the FTP server. Read Allows the user to perform read operations on files using an FTP Get or Put. The user cannot overwrite any existing files. Start Server Allows the user to start the FTP server. Stop Server Allows the user to stop the FTP server. Write Allows the user to perform write operations on files using an FTP Get or Put. The user can overwrite existing files. FTP server Read and Write security policy: Note that FTP server read and write permission is not changed on the fly. For example, suppose a user is logged on and his or her access permission to FTP server read and write is changed to deny. The user will not be logged off the system and his or her access permission remains the same until he or she personally logs off.
Administration
General General allows the user to manage various deviceWISE node maintenance.
The resources listed under General are based on the installed license, software driver, and deviceWISE platform. Description Allows the user to change the description of a deviceWISE node using the Node Administration tab. Firmware Update Allows the user to update installed software on the deviceWISE node to the latest version. Install Packages Allows the user to add a software driver to the deviceWISE node using the Packages tab. Log Export Allows the user to edit the Automated Log Export settings which enables automated log exporting through FTP or e-mail. Name Allows the user to change the name of a deviceWISE node. Network Allows the user to add or change network settings for the deviceWISE node.
Security
67
Administration
Reset to Factory Defaults Allows the user to return the deviceWISE node back to its factory settings using the Reset to Factory Default button on the Node Administration tab.
System Restart Allows the user to shut down and then restart the deviceWISE node using the Node Reboot button on the Node Administration tab or an Operating System action from a trigger definition. For more information, refer to the Trigger Action Guide and Reference available from the Workbench Help menu. You will not see this resource unless you have a deviceWISE Device Gateway product. Timesync Allows the user to setup scheduled time synchronization settings using the Time Management tab. Time Allows the user to set or change the time settings using the Time Management tab. You can set the time zone, daylight savings time, and a time synchronization server. For more information, see Setting the current date and time on page 132. Uninstall Packages Allows the user to remove a software driver to the deviceWISE node using the Packages tab.
Licenses Allows the user to install and delete licenses using the Licenses tab.
For more information, see Key-based licensing and activation process on page 15.
Administration
Notifications Notifications allows the user to manage the online service whereby an e-mail can be sent to one or more recipients whenever system difficulties occur.
Add Allows the user to set up an e-mail notification based on the content of the exception log using the Notifications tab.
Delete Allows the user to delete e-mail notifications. Edit Allows the user to change the setup of the e-mail notification. Start Allows the user to start sending e-mail notifications. Stop Allows the user to stop sending e-mail notifications. For more information, see Creating the e-mail notification on page 27.
Security
69
Administration
Security Security allows the user to manage policies, users, and roles using the Security tab.
Policy Management Policy Management allows the user to manage defined policies on the deviceWISE node.
Add Allows the user to add a policy, specifying its name, priority, and resource access privileges. The default status is disabled. Delete Allows the user to delete a policy. Disable Allows the user to disable a policy, thus making it unavailable for use. The name of the policy remains in the Policies tab with Disabled status. Edit Allows the user to change a policy. Enable Allows the user to enable a policy, thus making it available for use.
Administration
Role Management Allows the user to add new roles or delete existing roles on the deviceWISE node.
Add Allows the user to add a new role. Delete Allows the user to delete a role. User Management Allows the user to manage users on the deviceWISE node.
Add Allows the user to create a new user and specify the user name, password, and role access rights. For more information, see Adding a user on page 92. Delete Allows the user to delete a user. The name of the user is removed from the Users tab. Disable Allows the user to disable a user while keeping the user definitions, but making it unavailable for use. The name of the user remains in the Users tab with Disabled status. Edit Allows the user to edit the password and role access privileges of another user. Enable Allows the user to enable a user, thus making it available for use.
Security
71
Administration
Staging Browser Allows the user to view and use file system function available from the Staging Browser tab.
Read Allows the user the ability to use Get from the Staging Browser tab. View Allows the user the ability to view the Staging Browser tab. Write Allows the user the ability to copy, move, and delete files from the Staging Browser and file operation actions. The user is also allowed to use Put from the Staging Browser.
Staging Browser resources are also used in conjunction with Staging File System actions. For more information, refer to the Trigger Action Guide and Reference available from the Workbench Help menu. View Allows the user to see the Administration icon from the Workbench left pane.
Without this view permission the user will not be able to use any of the features on the Administration tab.
Devices
Devices
The Devices group allows the user to set up a local CPU or a connection to a remote PLC using the Devices tab.
Resources listed under the Devices tree depend on the device driver installed on the deviceWISE node. To see some resources, the device must be started.
Security
73
Devices
Clear Status Allows the user to clear values from the Status and Extended Status columns on the Devices tab. Create Allows the user to setup a connection to a local or remote device using the New button on the Devices tab. For more information, refer to adding a remote device definition in the deviceWISE Users Guide available from the Workbench Help menu. Delete Allows the user to delete device definitions from the Devices tab. Edit Allows the user to change parameters for a local deviceWISE node and remote devices from the Devices tab. Execute If you have created global variable devices, alias variable devices, or you have installed a deviceWISE driver that supports device commands, those devices and device commands will appear under Execute. To see resources under Execute, the devices must be started. device commands
global variable device
Execute allows the user to clear values from global variables devices and alias variable devices and use device commands. For more information, refer to the deviceWISE Users Guide available from the Workbench Help menu.
Devices
Export Allows the user to select Export from the Devices tab and then export one or more devices using the following window.
OPC Server Allows the user to use the OPC feature to change settings and start and stop the server.
The OPC Server capability is enabled when you have an OPC Client Server package and a license for the OPC drivers. You will see the OPC Server icon on the Workbench left pane. If you have not installed the OPC Server extension package, the OPC Server icon will not appear on the Workbench left pane. Change Settings Allows the user to change parameters on the OPC Server and OPC-UA Server tabs. Start Server and Stop Server Allows the user to start and stop an OPC server service. OPC clients cannot connect to deviceWISE node unless the OPC server service is started. Likewise, when the OPC server service is stopped, all clients are dropped.
Security
75
Devices
Read Allows the user to read the value of all device variables from the list in the Variables tab.
device variables To see a device name under Read, the device must be started. In addition, to see the device variables that are associated with the device, security for the device must be enabled. For more information, see Setting up Read Write per device variable on page 102. If the user does not have read access to the device variable, he or she will not be able to start a data trigger that references the device variable. In addition, if the user is creating a trigger and then specifies the device variable when setting a trigger action (such as a Set action) that reads from the device variable, the user will not be able to start that trigger. Start Allows the user to start the deviceWISE data monitoring service for a local deviceWISE node and remote devices on the Devices tab. Stop Allows the user to stop the deviceWISE data monitoring service for a local deviceWISE node and remote devices on the Devices tab.
Devices
View Allows the user to select the Devices and Variables icons from the Workbench left pane and then view the Devices tab and Variables tab. For more information, refer to using the Devices tab and the Variables tab in the deviceWISE Users Guide available from the Workbench Help menu. Write Allows the user to change the value of a device variable in the Variables tab. To see a device resource under Write, the device must be started.
device variable
In addition, to see the device variables that are associated with the device, security for the device must be enabled. For more information, see Setting up Read Write per device variable on page 102. If the user does not have write access to the device variable, he or she will not be able start a data trigger that references the device variable. In addition, if the user does not have write access, he or she will not be able to start a data trigger that contains an action that reads from the device variable.
Security
77
Enterprise Connectivity
The Enterprise Connectivity group allows the user to create and manage listener maps, listeners, transport maps, and transports.
Listener Maps Listener Maps allow the user to create and manage listener maps.
Add Allows the user to create a listener map. Delete Allows the user to delete a listener map. Edit Allows the user to edit a listener map. Export Allows the user to export one or more listener maps. View Allows the user to select the Listener Maps icon from the Workbench left pane to display the Listener Maps tab.
Listeners Listeners allows the user to create and manage listeners.
Add Allows the user to create a listener. Delete Allows the user to delete a listener. Edit Allows the user to change a listener. Export Allows the user to export one or more listeners. Start Allows the user to start a listener. Stop Allows the user to stop a listener. Validate Allows the user to test a connection to a remote queue or topic. View Allows the user to select the Listeners icon from the Workbench left pane to display the Listeners tab.
Security
79
Transport Maps Transport Maps allows the user to create and manage transport maps.
Add Allows the user to create a transport map. Delete Allows the user to delete a transport map. Edit Allows the user to change a transport map. Export Allows the user to export one or more transport maps. View Allows the user to select the Transport Maps icon from the Workbench left pane and then view the Transport Maps tab.
Transports Transports allows the user to create and manage transports.
Add Allows the user to create a transport.
Local Database
Delete Allows the user to delete a transport if it is not in use by a transport map. Edit Allows the user to edit a transport. Export Allows the user to export one or more transports. Resume Allows the user to resume a suspended transport and returns it to its normal mode. Suspend Allows the user to stop the delivery of transactions to the final destination of the transport even if that destination is reachable and services are up and running on the destination host. Validate Allows the user to test the connection to the transport target application. View Allows the user to select the Transports icon from the Workbench left pane to display the Transports tab.
Local Database
The Local Database group allows the user to view and use the Local Database window including creating and deleting tables, and inserting and deleting rows in the table.
Change Data Allows the user to: Use SQL operations (such as Insert, Update, Delete) in order to change data that resides in a local database table using the Execute SQL tab on the Local Database window. Import the contents of a local database table using the Local DB Import trigger action.
Security
81
Local Database
Change Schema Allows the user to: Import one or more database table definitions using the Tables tab on the Local Database window. Import one or more index definitions using the Management tab on the Local Database window. Create a local database index using the Management tab. Create local database tables using the Tables tab. Delete one or more local database indexes using the Delete button on the Management tab. Delete one or more local database tables using the Delete Table button from the Tables tab Create tables and indexes using the Execute SQL tab on the Local Database window.
Execute SQL Allows the user to use features available on the local database Execute SQL tab on the Local Database window. Export Allows the user to: Export one or more local database table definitions. Export one or more local database index definitions. Export the contents of a table from the local database using Local DB Export trigger action.
View Allows the user to view information on each Local Database window tab (Tables, Management, Execute SQL).
For more information, refer to using a local database in the Enterprise Connectivity Users Guide available from the Workbench Help menu.
Mapper
Mapper
The Mapper group allows the user to use the deviceWISE Data Mapping feature.
Clear Counters Allows the user to display a pop-up menu for the selected row on the Data Mapping tab and then click Clear Counters to remove all number counts. Create Allows the user to use the New button on the Data Mapping tab to create a new data map. Delete Allows the user to use the Delete button on the Data Mapping tab to delete one or more data maps. Edit Allows the user to use the Edit button on the Data Mapping tab to change the selected data map. Export Allows the user to display a pop-up menu for the selected row on the Data Mapping tab and then click Export to export one or more data maps. Start Allows the user to display a pop-up menu for the selected row on the Data Mapping tab and then click Start to start the transfer of data. Stop Allows the user to display a pop-up menu for the selected row on the Data Mapping tab and then click Stop to stop the transfer of data.
Security
83
Projects
View Allows the user to see the Data Mapping icon from the Workbench left pane.
Without this permission the user will not be able to use any of the features of Data Mapping. The Data Mapping icon will not appear in the Workbench left pane.
Projects
The Projects group allows the user to manage all projects within the current deviceWISE node.
Create Allows the user to create a project. Delete Allows the user to delete a project. Export Allows the user to export a project. Start Allows the user to start a project (and all of its started triggers). You must also allow access to Start on the Triggers resource. For more information, see Triggers on page 86. Stop Allows the user to stop a project. View Allows the user to expand the Projects icon from the Workbench left pane and then view the Projects tab. Without this permission, the Projects icon will not appear in the Workbench left pane when the user logs on.
System Logs
System Logs
The System Logs group allows the user to manage transport or listener logs.
Clear Audit Logs Allows the user to clear the content of the audit log files using the Clear Log button. Clear Exception Logs Allows the user to clear the content of the exception log files using the Clear Log button. Clear Mapping Logs Allows the user to delete the content of a transport or listener log file using the Delete Log button. Not available for products that do not support transports and listeners. View Allows the user to select the Logs & Reports icon in the Workbench left pane to display the Logs & Reports window. Without
Security
85
Triggers
this permission the user will not be able to use any of the features of Logs & Reports.
The Log & Reports icon will not appear in the Workbench left pane.
Triggers
The Triggers group allows the user to manage all triggers within the current deviceWISE node.
Create Allows the user to create a trigger. Delete Allows the user to delete a trigger. Edit Allows the user to edit a trigger.
Triggers
Export Allows the user to export one or more triggers from the project (project tab) that the trigger belongs to. Reports The Reports resource allows the user to: Change Settings. The user can click the Settings button from the Reports tab to display the Reporting Settings window.
When the user is allowed access to this resource, he or she can change the parameters on the Reporting Settings window, and then click Save to apply the changed settings. Delete. The user can use the Delete button from the Reports tab to delete one or more reports. Generate. The user can generate a report for a specific trigger from the project tab that the trigger belongs to. View. The user can view a report from the Reports tab for a specific trigger. Without this permission the user will not be able to use the Reports feature of Logs & Reports. The Reports icon will not appear in the Workbench left pane.
Start Allows the user to start a trigger from the project tab that the triggers belongs to. Stop Allows the user to stop a trigger from project tab that the triggers belongs to.
Security
87
Creating a new policy
Suspend Execution Allows the user to use the System Execution section of the Node Administration tab of the Administration window.
The Toggle Mode button lets the user change the state of all triggers for the deviceWISE node to either Running or Suspended (meaning the ability of all triggers to run or be suspended if executed). For more information, see Troubleshooting the network node on page 43. View Allows the user to select the Projects icon from the Workbench left pane and then click the project tab that contains the triggers. The user must have allow access to Projects. For more information, see Projects on page 84.

Now that you understand the resources that are available for a policy, you are ready to create a policy. Follow these steps: 1. From the Workbench left pane, expand the deviceWISE node for which you want to create a role. 2. Click the Administration icon. The Administration window appears. 3. Click the Security tab, and then click the Policies tab.
The Policies tab appears.
The Policies tab provides a default policy. 4. At the bottom of the Policies tab, click New. The Policy window appears.
5. In the Policy box, type a name for the policy. For this example, FloorDevice101. The name can be up to 31 characters in length and can include letters, numbers, and the underscore character. Spaces are allowed. 6. In the Priority box, type a value for the policy. The value determines which policy should have precedence. The lower the value, the higher the precedence a policy will have for a role. For this example, type 7. Six policies will have precedence over this priority. The next step is to associate a resource with a role. You will want to specify allow access next to the role.
Security
89
7. Expand the resource that you want to associate with a role. For this example, expand Devices, and then select Read.
By default, all roles are denied access to all resources. 8. Local the junction between the Read resource and the Technician2 . role, and then click the The X turns into a green check mark. Read access is granted to anyone who might become a member of the Technician2 role. 9. Repeat steps 6 through 7 to grant access to other roles and other resources. 10. Click Save. The new policy is added to the Policies tab.
Editing a policy
By default, all newly-created policies are in the Disabled state. You must change the state to Enabled so that the policy becomes available to the deviceWISE authentication system.
Editing a policy
To edit an existing policy, follow these steps. 1. From the left pane, expand the deviceWISE node you want to edit. 2. Click the Administration icon. The Administration window appears. 3. Click the Security tab, and then click the Policies tab. 4. Select the policy you want to edit, right-click to display its pop-up menu, and then click Edit. The Policy window appears. 5. Make the changes, and then click Save. If a policy is in the disabled state, it will be saved. If the policy is in the enabled state, a message will ask if this policy should be applied now.
Depending on whether you click Yes or No, the following happens: Yes Any changes to the policy take effect immediately. No Changes will not take effect until you manually apply the changes, restart the deviceWISE node, or disable and then reenable the policy.
Enabling or disabling a policy

To change the state of a policy from disabled to enabled or enabled to disabled, follow these steps. 1. From the left pane, expand the deviceWISE node that contains the policy you want to enable or disable. 2. Click the Administration icon. The Administration window appears.
Security
91
Deleting a policy
3. Click the Security tab, and then click the Policies tab. 4. Select the policy you want to enable or disable, right-click to display its pop-up menu, and then click Enable or Disable, whichever is appropriate. 5. A message will ask if you are sure you want to enable/disable that specific policy. Click Yes. The state of the policy changes appropriately on the Policies tab.
Deleting a policy
In order to delete a policy, the policy must be in a disabled state. To delete a policy, follow these steps. 1. From the Workbench left pane, expand the deviceWISE node for which you want to delete a policy. 2. Click the Administration icon. The Administration window appears. 3. Click the Security tab, and then click the Policies tab. 4. Select the policy you want to delete, right-click to display its pop-up menu, and then click Delete. 5. A message will ask if you are sure you want to delete the specified policy, click Yes. The policy name is removed from the Policies tab.
Adding a user
To ensure plant floor security, every person who uses the Workbench must be identified. If you have administrative privileges, you can add users and assign their user name and password. User name and password are assigned individually for each deviceWISE node. Authentication occurs when the user tries to access the deviceWISE node. As the administrator, you must also determine what a person can see and what that person can do. When the user logs on, the user name and password specify the type of access.
Creating a new user
You create users on each deviceWISE node, and then specify access privileges for that user by specifying one or more roles. Users can have multiple roles that define their privileges on the system. You can enable or disable a user, thus preventing access without deleting the users account. A users password can be changed by the user or a user with administrator privileges.
By default, four user accounts are provided on the deviceWISE node with the following user names: admin a user account with all enabled privileges. The admin user account cannot be deleted or disabled. This ensures access to the deviceWISE node. The user password can be changed only by the admin user. The default password is admin. Administrator a user account with all privileges, but it can be edited, enabled, or disabled. The default password is Administrator. it_user a user account with common privileges of an information technology user. The default password is it_user. plant_user a user account with common privileges of a plant floor user. The default password is plant_user.
Creating a new user

To create a new user, follow these steps. 1. From the left pane, expand the deviceWISE node for which you want to add the user to. 2. Click the Administration icon. The Administration window appears. 3. Click the Security tab, and then click the Users tab.
Security
93
Creating a new user
The Users tab appears.
The tab lists the users defined for the deviceWISE node, each user name, status, and the roles that he or she might be a member of. 4. At the bottom of the Users tab, click New. You can also display a popup menu. Anywhere on the Users tab, right-click to display its pop-up menu, and then click New.
Creating a new user
The New User window appears.
5. In the Name box, type a name for the user. The name is case-sensitive and must begin with a letter. Spaces are not allowed. 6. In the Password box, type a unique password. Passwords are also case-sensitive. Asterisks appear in the box as you type. 7. In the Verify Password box, type the same password. Asterisks appear in the box as you type. 8. 9. Under Roles, select the role to which this user will belong. When you have completed assigning roles for the user, click OK. The name of the user and access privileges are added to the Users tab. By default, all newly-created uses are set to Enable so that he or she is able to log onto the Workbench. For more information, Enabling or disabling a user on page 98. At the bottom of the Users tab, click Refresh to place the name in the appropriate alphabetic order.
Security
95
Changing a user password and access privileges
Changing a user password and access privileges

You must be an administrator to perform this task. To change a user password or access privileges, including your own, follow these steps. 1. From the left pane, expand the deviceWISE node that contains the user you want to edit.
2. Click the Security tab, and then click the Users tab. 3. Select the user whose attributes you want to change, right-click to display its pop-up menu, and click Edit. The Edit User window appears.
4. Make the appropriate changes, and then click OK. The changes are reflected in the appropriate rows on the Users tab for that user.
Changing your own password
Changing your own password

Before you begin, it is assumed that you started the Workbench and successfully logged on. To change your own password: 1. From the left pane, right-click the deviceWISE node for which you want to change your password, to display its pop-up menu, and then click Change Password.
The Password Change window appears. 2. Type the new password and its confirmation, and then click OK.
Deleting a user
You can delete any user who is not currently logged onto the Workbench. Before you begin, it is assumed that you were assigned administrator privileges for the deviceWISE node that you will be working with, started the Workbench, successfully logged on, and expanded the nodes tree. To delete a user, follow these steps. 1. From the left pane, expand the deviceWISE node that contains the user you want to delete.
2. Click the Administration icon. The Administration window appears. 3. Click the Security tab, and then click the Users tab.
Security
97
Enabling or disabling a user
4. Select the user you want to delete, right-click to display its pop-up menu, and click Delete.
5. A message will ask if you are sure you want to delete that specific user. Click Yes. The name of the user is removed from the Users tab. You might have to click Refresh to remove the name.
Enabling or disabling a user

If you are an administrator, you can enable or disable a user. If you disable a user, he or she will not be able to log onto the Workbench. Follow these steps. 1. From the left pane, expand the deviceWISE node that contains the user you want to enable or disable. 2. Click the Administration icon. The Administration window appears. 3. Click the Security tab, and then click the Users tab. 4. Select the user you want to enable or disable, right-click to display its pop-up menu, and then click Enable or Disable.
Exporting a role, policy, and user
The state of the user changes appropriately in the Users tab.
Exporting a role, policy, and user

You can export one or more roles, policies, or users from one deviceWISE node and then import them into another deviceWISE node. The steps are the same. 1. From the left pane, expand the deviceWISE node that contains the role, policy, or user that you want to export. 2. Click the Administration icon. The Administration window appears. 3. From the Security tab, click the appropriate tab, and then select the role, policy, or user you want to export. 4. Right-click to display its pop-up menu, and then click Export. The Select Items to Export window appears.
Click the plus-sign to display the list of dependencies for the item you are exporting. For this example, the user Mary Lindsey and her associated set of roles will be exported. 5. Click the browse button to locate the folder to export the role, policy, or user to. The Export File Location window appears. The item name you selected is automatically added to the File name box and user_ is added to the front of the name. For this example,
Security
99
Importing a role, policy, and user
user_MaryLindsey. When exported, the file name will be appended with a .DWX file extension. 6. Navigate to the drive and folder that you want to save the item to, and then double-click the folder. The folder name is added to the Look in box. 7. Click Select. The Select Items to Export window reappears with the path and file name added to the File box. 8. Click Export. 9. A message will tell you that the policy was successfully exported. Click OK. You can also use export as a backup mechanism.

Once you have exported one or more roles, policies, or users, you can import them into the appropriate deviceWISE node. The steps are the same. 1. From the left pane, expand the deviceWISE node that you want to import the exported item. 2. Click the Administration icon. The Administration window appears. 3. Click the Security tab, and then click the appropriate Roles, Policies, or Users tab. 4. Anywhere on the tab, right-click to display its pop-up menu, and then click Import. The Import File Location window appears. 5. Navigate to the drive and folder that contains the exported file, and then double-click the folder. The folder name is added to the Look in box. 6. Select the role, policy, or user file you want to import.
The file name is added to the File name box. 7. Click Select. The Import window appears.
The File box shows the location and file of the exported item. Use the browse button to change the path specification. For this example, the Items in File table shows the user and roles that were exported from the specific deviceWISE node. 8. Click Import. 9. A message will tell you that the import of the item was successful. Click OK. The role, policy, or user is immediately added to the appropriate tab. You might have to click Refresh to see the name.
Security
101
Setting up Read Write per device variable

For some deviceWISE platforms, by default, read and write security is not available on a per device variable basis. This means that any user (assuming that user was given Read and Write access on the Policy window) can go to the Variables tab and read the value and change the value of all device variables for the device. At any time, you can enable security on a per device variable basis so that only a subset of device variables are available for read and write. You will know that per device variable security is not enabled for a given device, because you will not be able to see the device variables under the device name.
The example shows a portion of the Policy window. The Devices group for the Read and Write resources has no per device variable security. To be able to assign read and write access on a per device variable basis, you must turn on security for the individual device (this includes system and global variables).
When security is enabled for the individual device on a per device variable basis, the user will see the device variables listed under the device name under Read and Write (the device must be started).
When the device name is expanded, the list of variables appears.
There are three steps to enable and verify read write access on a per device variable level for a device: Use the Device window for the individual device and set the per device variable feature to on. For more information, see Step 1: Enable Read Write on a per device variable basis on page 104.
Security
103
Step 1: Enable Read Write on a per device variable basis
Use the Administration Security tab and the Devices resource for the device and allow read and write access. For more information, see Step 2: Allow or deny Read Write access to device variables on page 107. Use the Variables tab and verify that read and write access for the specific device variables is correct. For more information, see Step 3: Verify Read Write for the specific device variables on page 111. Conserving memory: The per device variable security feature is available because the read and write capability for all device variables uses a considerable amount of memory (the more device variables, the more memory allocated and consumed). This conservative use of memory allows you to run more triggers and devices.

This section describes how to edit the Devices window and enable Read Write security on a per device variable basis. You can also enable read write on a per device variable basis when creating a new device (the steps are similar). 1. From the Workbench left pane, expand the deviceWISE node that contains the device whose read write access per device variable you want to turn on. 2. Click the Devices icon. The Devices tab appears as the right pane.
3. Locate the device, and make sure the device is stopped.
4. Select the device, display its pop-up menu, and then click Edit.
Security
105
The Device window appears.
5. Under Configuration, make sure Use Advanced Properties is selected.
6. Click the Per Variable Security down arrow, and then select True. 7. Click Save. 8. Start the device. The next step is to go to the Administration window and use the Security tab to allow read and write access for each device variable for this device.
Step 2: Allow or deny Read Write access to device variables

This section assumes that you have administrative privileges, and you have created one or more users and assigned that user a role. These are the users who are to perform read and write operations on the specific device variables. This section also assumes that you have completed Step 1: Enable Read Write on a per device variable basis on page 104, and enabled per device variable level security for the device. The following describes one example when allowing or denying access to specific device variables. 1. From the Workbench left pane, click the Administration icon. The Administration window appears. 2. Click the Security tab, and then click the Policies tab. 3. Select the policy you want to edit, and make sure it is available for use. To make a policy available for use, select it, and then click Enable from the bottom of the Policies tab. 4. Right-click the policy to display its pop-up menu, and then click Edit. The Policy window appears.
Security
107
5. Expand the Devices group.
6. For this example, expand Read, and then expand the device whose device variables you want to allow or deny access to.
7. Click the symbol next to the device to allow Read access to all the variables. The symbol will become a check mark. Another example: If you have only a few device variables that you want to allow read or write access to, you can choose to deny Read (or Write) access at the device level. Then, allow access to only those few variables. 8. Expand the list of device variables as appropriate.
Security
109
You will pair the device variable resource with the role that the user belongs to.
9. To selectively limit the user from performing Read on a specific device variable, select the device variable, and then click the symbol under the role that the user belongs. The check mark changes to an X. For this example, the user will be denied Read access to bool1 and bool2 for the Aarray1Dudt01 device variable. 10. Repeat the step for as many device variables you want to deny access to. The steps are the same for selectively limiting the user from performing Write operations on an individual device variable. 11. Click Save. The last step is to go to the Variables tab and verify that the specific read and write access is available.
Step 3: Verify Read Write for the specific device variables

It is assumed that the example user in this section is the person who was given read and write access for each device variable. Follow these steps to verify the read and write access at the device variable level as specified in Step 2: Allow or deny Read Write access to device variables on page 107. The device must be started. 1. From the Workbench left pane, expand the deviceWISE node that contains the device whose per device variable security you turned on. 2. Expand Devices, and then click the Variables icon. The Variables tab appears as the right pane.
Security
111
3. Expand the device whose device variables you are allowed read and write access.
Select a device variable that you are allowed Read access, display its pop-up menu, and then click Read or Write. A value appears under the Value column for that device variable. 4. Next, select a device variable that you were not given Read access. For this example, bool1.
A read error appears under the Value column for this device variable. This user was denied read access. 5. Likewise, if you try to write a value to a device variable that you do not have write access to, you will receive a message saying that access is denied.
6. Click OK.
Security
113
Staging Browser
The Staging Browser tab provides a secure file system on the deviceWISE node. Using the Staging Browser, you can store files and also transfer files from the staging to another folder on the staging area or to a remote folder. Remote FTP operations If you intend to perform remote FTP operations on the staging file system, the FTP server must be started. For more information, see Starting the FTP server on page 13.
About the Staging Browser file system

You must have been given permission to use the features of the Staging Browser. The Staging Browser works in conjunction with the following deviceWISE Staging File System trigger action components: Email This action will read a file that is located on the Staging Browser file system and then send it as an attachment with an e-mail. FTP This action allows you to move files between the Staging Browser file system and any remote FTP server that has a valid IP address. File Operation This action lets you interact with files within the Staging Browser. Local DB Export This action lets you export the content of a table that resides on the local database to a file. Local DB Import This action lets you import data from a CSV file to a table on the local database.
Staging Browser
115
Creating a folder
For a complete reference to trigger actions, see the Trigger Actions Guide and Reference available from the Workbench Help menu. Use cases Using Staging Browser capabilities, you can: Create a scheduled trigger to export a table from the local database to the Staging Browser file system, FTP the file to a remote server, and then delete the file from the Staging Browser file system. Create a data trigger that can FTP to a remote server, get a CSV file, and then move the file to the Staging Browser file system. From the Staging Browser, the file could be imported to the local database.
Creating a folder
Like any file system, it is best to create folders to organize information. Therefore, the first task you might want to perform is to create a folder for the staging area. From there, you can add other folders and put files in those folders. Follow these steps: 1. From the left pane, expand the deviceWISE node for which you want to view the Staging Browser. 2. Click the Administration icon. The Administration window appears.
3. Click the Staging Browser tab.
Creating a folder
The tab is empty because no directory structure has been created. The tab provides columns for basic file and folder management such as name,. file size, and date created. 4. Right-click anywhere inside the Staging Browser to display its popup menu.
5. Click Create Directory. The Create Directory window appears.
6. Type a name for the folder, and then click OK.
Staging Browser
117
Creating a folder
Since there are no folders in the Staging Browser, the name that you type will be the root folder.
Folders can be added under the root folder.
Once you have a folder (and a file in the folder), you can create a trigger that will copy the file from the Staging Browser file system to a remote computer. You can also create a trigger that can copy and move a file from the staging area to another folder in the staging area.
Putting a file in the folder

Now that you have a folder, the next task might be to use an FTP Put operation to transfer a file from an external location to the new folder on the Staging Browser file system. 1. From the Staging Browser tab, right-click the folder that you want to put the file into to display its pop-up menu, and then click Put.
The Select Files window appears. 2. Change to the location where the file resides, and then select the file. The name of the file is added to the File Name box. 3. Click Select.
4. A message will ask you if you want to upload the selected file. Click Yes.
Staging Browser
119
5. Another message will tell you that the file was uploaded to the target folder. Click OK. The file appears in the directory structure.
Now that you have a file in the staging area, you can perform additional file system tasks and FTP operations.
6. Right-click the file to display its pop-up menu. Using this menu, you can: Add a folder Copy a file to another folder in the staging area Move a file to another folder in the staging area Delete a file in the staging area Put a file in a remote folder
Copying a file to a remote computer
Get a file from a remote folder
Copying a file to a remote computer

You can use the FTP Get operation to copy a file from the staging area to a remote computer. Follow these steps: 1. From the Staging Browser tab, expand the folder that contains the file you want to copy to the remote computer.
2. Right-click the file to display its pop-up menu, and then click Get.
3. A message asks you to confirm the file to get. Click Yes.
Staging Browser
121
Copying a file to another folder
The Save File window appears. 4. Change to the location where want the file to reside. The name of the file is added to the File Name box.
5. Click Save. A progress indicate appears during the upload process. 6. When the Get is complete, a message will tell you that the file was saved in the appropriate folder. Click OK.

It is assumed that you have at least two folders available on the Staging Browser tab. The following describes how to copy one file to a different folder on the staging area. 1. From the Staging Browser tab, expand the folder that contains the file you want to copy to another folder.
2. Right-click the file that you want to copy to display its pop-up menu, and then click Copy. 3. A message asks if you want to copy the file. Click Yes.
The Staging Browser window appears.
4. Select the folder that you want to copy file to, and then click Select.
You are returned to the Staging Browser tab, and the file is available from the appropriate folder. The steps are the same for moving a file except the file is physically moved to the appropriate folder.
Staging Browser
123
Mapped log files and staging file system
Mapped log files and staging file system

When you create a transport, you have the option to turn on a map log file that records every outbound transaction. Transaction logging uses a rollover scheme so as never to exceed the maximum file size and number of log files allocated to one log file. Whenever the file reaches a specified maximum size, a copy of the file is sent to the staging file system.
You can perform file system operations on the map log file using the Staging Browser tab. For example, you can use a Get operation to copy the file to another folder on the local or remote computer.
System Variables
The System Variables tab lets you view the internal variables of the deviceWISE software for debugging purposes. You can also export the data for debugging purposes.
Viewing system variables

When troubleshooting an issue, you might be asked to record the values of specific system variables. At such a time, the technical support representative will give you information about what variables are needed. 1. From the Workbench left pane, expand the appropriate deviceWISE node. 2. Click the Administration icon. The Administration window appears.
System Variables
125
Sample system variables
The data displayed is read-only.

The following provides a sample of system variables that you might encounter: System variable name device.started.count melco.qbfevent.cpu1.count melco.qbfevent.cpu2.count melco.qbfevent.cpu3.count os.cpu.usage Description The number of started devices. Internal. Internal. Internal. The percentage of the CPU utilization. Zero represents the CPU is idle. Internal. Available memory in bytes for the operating system. Total physical memory in bytes for the operating system. Used memory in bytes for the operating system. The percentage of the memory utilization. System failure will occur when the percentage reaches 100. Internal. Internal. Internal. Internal. Internal. Internal. Internal. Internal. Internal.
os.disk.DRIVE_0 os.memory.bytes_free os.memory.bytes_total os.memory.bytes_used os.memory.usage
pool.0.executing pool.1.executing pool.2.executing pool.3.executing pool.4.executing pool.5.executing pool.6.executing pool.7.executing pool.8.executing
System variable name pool.9.executing pool.max_concurrent_executions pool.queue.depth
pool.queue.threads pool.queue.threads.created pool.queue.threads.idle_count pool.queue.threads.max pool.queue.threads.min pool.work_items_per_minute process.memory.usage publisher.prio[X].current_miss _ count publisher.prio[X].iteration_count
Description Internal. Internal. The number of work items that are waiting to be processed. If the number increases continuously over a period of time, the system might become overloaded and the user should reduce the system load by stopping some triggers to prevent system failure. Internal. Internal. Internal. Internal. Internal. Internal. Internal. Internal. Number of iterations data publisher had run. The data event is evaluated based on data publisher. The number should increase by 1 every invocation, which is defined by the priority of the event. X represents the level of priority: 1=50 milliseconds, 2=200 milliseconds, 3=500 milliseconds, 4=1000 milliseconds. The work time in millisecond spent on the last invocation of the data publisher.
publisher.prio[X].last_time
System Variables
127
System variable name publisher.prio[X].miss_count
publisher.prio[X].miss_percent
schedule.periodic.cycle_iteration _count
schedule.periodic.cycle_last _time schedule.periodic.cycle_miss _count
Description Number of iterations a data publisher had missed. The data publisher might miss some iterations when the system is being overrun. If the number is increasing continuously, it indicates that the user should reduce the system load in order to maintain the integrity of the data publisher. Number of iterations a data publisher had missed represented in percentage. Number of iterations a periodic timer had run. The periodic schedule event is triggered based on the periodic timer. The number should increase by 1 every invocation or every periodic interval (schedule.periodic.interval) in millisecond, which is predefined by the system. The work time in millisecond spent on the last invocation. Number of iterations a periodic timer had missed. The periodic timer might miss some iterations when the system is being overrun. If the number is increasing continuously, it indicates that the user should reduce the system load in order to maintain the integrity of the periodic timer.
Exporting the information
System variable name schedule.periodic.cycle_miss _percent schedule.periodic.cycle_overrun _count schedule.periodic.interval system.platform_name
Description Number of iterations a periodic timer had missed represented in percentage. Internal. The interval between invocation of the periodic timer. The platform name of the hardware which deviceWISE is running on. Internal. Internal. Internal. Internal.
system.startup.time trans.jvm.freeHeap trans.jvm.totalHeap trans.memory.usage

You can export the information that the technical support representative needs. 1. From anywhere on the System Variables tab, right-click to display the Export Data menu.
2. Click Export Data. The Save File window appears.
System Variables
129
3. Next to Look In, click the down-arrow, and then go to the location of the folder where you want to save the file.
4. A file name appears in the File Name box. Notice the .CSV file name extension.This indicates the file is an Excel worksheet. 5. Click Save. A message appears indicating the data was saved to the location indicated.
6. Click OK. 7. Go to the location of the saved .CSV file. Double-click the file to review the data.
Time Management
The Time Management tab lets you set the time to the correct time zone. You can also synchronize to a time server. deviceWISE also provides trigger date and time actions that can be used to create the time management and time synchronization logic for your deviceWISE system. These actions compliment the features of Time Management tab as follows: Date Diff calculates the difference between two timestamps. Get Date & Time gets the date and time from the deviceWISE node and returns it as a timestamp for further processing. Get Device Date & Time gets the date and time from a device and returns it as a timestamp for further processing. Get NTP Date & Time gets the date and time from a Network Time Protocol (NTP) server and returns it as a timestamp for further processing. Set Date & Time sets the date and time of the deviceWISE node. Set Device Date & Time sets the date and time of the device that you select from a list.
For information about these date and time actions refer to the Trigger Actions Guide and Reference available from the Workbench Help menu.
Time Management
131
Setting the current date and time
Setting the current date and time

You can set the current date, time, and time zone on the deviceWISE node. You can also: Schedule time synchronization to ensure time changes do not occur during a production run. Specify a primary and secondary time synchronization server.
It is assumed that you have started the Workbench, successfully logged on, and expanded the nodes tree. Follow these steps: 1. From the Workbench left pane, expand the deviceWISE node whose time and date you want to set. 2. Click the Administration icon. The Administration window appears.
3. Click the Time Management tab.
Set Time
The Time Management tab provides two main sections: Set Time (next and Time Synchronization Settings (see page 134). In addition, the Time Management tab lets you specify a primary and secondary time server (see page 137).
Set Time
The Set Time section of the Time Management tab provides current time and date information and lets you set a time zone.
The following describes the parameters under Set Time. Parameter Device Time Description This is the time that is set for the clock on the deviceWISE node. Local Time Current time on the computer where the Workbench is installed. If necessary, change the computers clock to match the time on the deviceWISE node. Device Time Zone The time zone in which the deviceWISE node is located. To change the time zone, click the down-arrow, and then select the time zone setting. Set Current Time and This button saves the current time and time zone Zone setting to the deviceWISE node. Automatically adjust Select the check box to have the time for daylight savings automatically adjust for Daylight Savings Time.
Time Management
133
Time Synchronization Settings
Changing the time zone: If you change a time zone on the deviceWISE node, you must restart the deviceWISE node. The deviceWISE node will automatically handle daylight savings changes.
Time Synchronization Settings

The Time Synchronization Settings section of the Time Management tab lets you set a time synchronization schedule that the deviceWISE node uses to contact the time server to update the time. You can schedule a time synchronization to ensure time changes do not occur during a production run.
When you select Scheduled Synchronization, parameters become available to schedule the time synchronization. From the Frequency drop-down list, click the down-arrow, and then select the frequency option you want to use.
Each option has custom parameters that guide you through defining a scheduled synchronization.
Setting an hourly synchronization
Setting an hourly synchronization

The Hourly option lets you set a specific minute after the hour for the synchronization to occur. In addition, you can select one or more days of the week in which this hourly synchronization is active.
In the Minutes after the hour box, type a whole number between 0 and 59. You must select at least one day of the week check box. In the example, all days were selected.
Setting a day of the month synchronization

The Day of the Month option lets you set the synchronization schedule for a specific time, on a specific day, for one or more months.
Time Management
135
Setting a weekday synchronization
In the Time box, type the time of day that you want the synchronization to occur. Use standard HH:MM (hour:minute) and AM PM format. Time set in military format will be converted to the corresponding AM PM time format. Click the Day of Month down-arrow, and then select a day entry 1 through 31. If you select 31, those months that do not contain 31 days become unavailable. Likewise, selecting 29 or 30 will make February unavailable. You must select at least one check box.
Setting a weekday synchronization

The Weekdays option lets you set a synchronization at a specific time and day of the week and the weeks of the month for that day. You can also specify one or more months that the synchronization will be active.
Primary and secondary time servers
The following example shows how to set a synchronization schedule that will occur at 3:45 PM on the first Sunday during the months of July and August.
Primary and secondary time servers

You can specify a primary and secondary time server for synchronizing the clock of deviceWISE node. deviceWISE provides the Network Time Protocol (NTP) and Simple Network Time Protocol (SNTP) time synchronization protocols.
The following describes the primary and secondary time servers parameters. Parameter Primary Server Description The name or IP address of the server to contact for the time.
Time Management
137
Time Management tab buttons
Parameter Secondary Time Server Port
Protocol
Description The name or IP address of the server to contact for the time when the primary server is unavailable. NTP and SNTP use the port 123. You might have to open this port on a firewall or router to ensure proper communication with the time server. Use the down-arrow to select either Network Time Protocol (NTP) or Simple Network Time Protocol (SNTP).
Time Management tab buttons

There are three buttons at the bottom of the Time Management tab: Save Synchronization Settings
All settings shown on the Time Management tab are saved to the deviceWISE node. Synchronize Now
Contact the time server and update the deviceWISE node. Refresh
All parameters shown on the Time Management tab are returned to their original settings. Once the new values are saved to the deviceWISE node, Refresh simply clears the input parameters and resets them to the values that were saved to the deviceWISE node.
Notices
References in this publication to ILS Technology products, programs, or services do not imply that ILS Technology intends to make these available in all countries in which ILS Technology operates.
Appendix A
Disclaimers
Any reference to an ILS Technology licensed program or other ILS Technology product in this publication is not intended to state or imply that only ILS Technologys program or other products can be used. Any functionally equivalent product, program, or service that does not infringe on any of ILS Technologys intellectual property rights or other legally protectible rights can be used instead of the ILS Technology product, program, or service. Evaluation and verification of operation in conjunction with other products, programs, or services, except those expressly designated by ILS Technology, are the users responsibility.
Trademarks
The following term is a registered trademark of ILS Technology LLC: deviceWISE The following terms are trademarks or registered trademarks of the IBM Corporation: IBM WebSphere MQ AIX
Appendix A: Notices
139
Trademarks
The following terms are trademarks or registered trademarks of Microsoft Corporation: Microsoft Microsoft SQL Server Windows .NET Framework The following terms are trademarks of Mitsubishi Electric Corporation: Mitsubishi Q Series ezSocket The following terms are trademarks of other companies: iconv, Free Software Foundation Intel, Intel Corporation Java, Sun Microsystems javasqlite, Christian Werner libxml2, xmlsoft.org log4j, as originally developed by Apache.org Oracle, Oracle Corporation OpenSSL Toolkit, Open SSL Project, OpenSSL 1998-2008 by the Open SSL Project; This product includes cryptographic software written by Eric Young (eay@cryptsoft.com) and by Tim Hudson (tjh@cryptsoft.com) Solaris and Java, Sun Microsystems, Inc. The term MySQL is a trademark of MySQL AB. J-Integra is a registered trademark of Intrinsyc Software International, Inc. J-Integra 2010 Intrinsyc Software, Inc and its licensors. All rights reserved.
Index
A
access privileges change 96 action definition v Administration group 64 administration resource 72 attention bit authorization 65 clear 4 set 3 turn on 1 Attention Bit resource 64 Attention Bit tab 1 audit log file authorization to clear 85 audit logs activating 7 automatic exporting 5 Automated Log Export window 7 automatic exporting disable 10 system logs 5 clear counters allow access 74 clear the attention bit authorization 65 control program description v create listeners authorization 79 create project allow access 84
D
Data Mapping allow 83, 84 Data Mapping tab security 83 Date Diff action 131 default gateway 34 Default Policy 58 delete project allow access 84 Device Administration tab 36 device driver license description 15 Device Gateway resources 68 Device Time Zone parameter 133 device variable write access 77 device variable security 102 deviceWISE node backup 37 disk space used 41 Index
B
backup deviceWISE node 38
C
Change Data resource 81 change password 96 changing time zone 134 Clear Attention Bit menu 4
141
System Administration Users Guide
manual restart 52 upgrade software 40 diagnostic mode 43 disable log on 98 disable policy 92 disk utilization 41 DNS Search Path 23 driver package manual restart 52
F
factory default settings 34 authorization 68 File Operation actions 115 Firmware Update resource 67 FTP activate for logging 8 FTP action 115 FTP Information parameter 8 FTP server automatic export 8 log file exports 8 start 13 FTP Server tab allow access 66
E
edit listeners authorization 79 e-mail automatic export 9 jumbled text 31 setup for exception errors 27 start notification 31 Email action 115 E-mail information parameter 9 e-mail subject line 28 enable log on 98 enable policy 91 Enterprise Connectivity resource 78 Enterprise license description 15 entitlement key hardware ID 36 event definition vi Exceptions log authorization to clear 85 automatic export 5, 10 Execute resources 74 export project authorization 84 export transports authorization 81 export trigger allow acess 87
G
generate a report authorization 87 Generate File diagnostic mode 46 Get from staging 121 Get Date & Time action 131 Get Device Date & Time action 131 Get NTP Date & Time action 131
H
hardware ID 36 host name character limitation 22 HTTP Server tab allow access 84
I
importing license key file 18 IP address changed 25 factory default 34
J
J-Integra trademark 140
L
ladder logic software v License File Location window 18 license key importing 18 refresh 17 Licenses tab 16 allow access 68 license keys 37 listener definition vi Listener Maps allow access 78 listeners allow export 79 Listeners window allow access 79 Local Database group 81 Local DB Export allow 82 Local DB Export action 115 Local DB Import allow 81 Local DB Import action 115 log file automatic export 5 FTP transfer 8 Logs & Reports allow access 85
deviceWISE node 52 map variable definition vi Mapper group 83 Max Pending parameter attention bit 2 memory utilization 41 Modify Attention Bit action 4 MySQL trademark 140
N
name change for module 34 Network Configuration tab 22 network connection rescan 25 network settings allow 67 network settings for module 25 node definition vi Node Administration Node Reboot 68 Node Reboot button 68 Notifications tab resources 69
O
OPC Server resource 75 Operating System action authorization 68 overflow attention bit 2
M
MAC address definition vi for deviceWISE node 37 manual restart
P
Packages tab authorization 67 Index
143
password add new 95 change 96, 97 per device variable security 102 Per Variable Security 106 ping command 42 policies resources 70 Policies tab 89 policy create 88 edit 91 enable 91 priority value 89 Policy window 61 problem spaces in subject line 28 projects allow access 84 protocol supported vii
R
read access enable 104 file system 72 FTP server 66 registered trademarks 139 reports for triggers allow access 87 allow delete 87 Resource description 61 Resource list 63 roles for users 95 runtime license description 16
S
safe mode
exit 45 Save Configuration 25 Save Name button 35 Save Sync Settings 138 scheduled time synchronization 134 security per device variable 102 read write 104 Security resource 70 set current time 133 Set Date & Time action 131 Set Device Date & Time action 131 set time for module 132 SMTP server 29 software driver authorization to add 67 Software Release Level 40 Staging Browser resources 72 Staging Browser tab allow access 72 map log files 124 start listeners authorization 79 start project allow access 84 stop project allow access 84 store and forward definition vii Subject Line space rule 28 subnet mask factory default 34 suspend definition vii Suspend Execution allow 88 suspend mode for triggers 43
System Execution parameter 43, 45 System Logs group 85 System Restart resource 68 system variables samples 126 System Variables tab description 125
definition vii overflow 2 triggers suspend mode 43 Triggers group 86
U
Unicode (UTF-8) for e-mails 31 Uninstall Packages resource 68 Update Firmware button 40 upgrading software 40 Use Advanced Properties 106 user add new 93 name 95 password 95 roles 95
T
TCP Connect button 42 Time Management tab 132, 133 time resource 68 time servers 137 time synchronization schedule 132 scheduled 134 time zone change 133 set 132 Timesync authorization 68 Toggle Mode button allow 88 safe mode 45 trademarks 139 transport activation key 16 definition vii transport map allow access 80 transport maps allow export 80 trigger allow create 86
V
Variables window security 77 view resource 72
W
Workbench disable log on 98 write access device variable 77 enable 104 file system 72 FTP server 66
Index
145
ILS Technology LLC

System Administration

Enviado por

Dados do documento

Descrição original:

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

System Administration

Enviado por

Direitos autorais:

Formatos disponíveis

ILS Technology

deviceWISE version 2.5

Copyright 2011 by ILS Technology LLC

Attention Bit ......................................................................................................................... 1

Automated Log Export .................................................................................................... 5

FTP Server .......................................................................................................................... 13

Adding a DNS search path................................................................................................ 23 Configuring an adapter...................................................................................................... 24

ii System Administration Users Guide

Staging Browser .............................................................................................................. 115

System Variables ............................................................................................................ 125

Time Management ......................................................................................................... 131

Appendix A: Notices .................................................................................................... 139

Index ................................................................................................................................... 141

iv System Administration Users Guide

How this book is organized

How this book is organized

The Administration window appears.

ii System Administration Users Guide

Who should read this book

Who should read this book

Related deviceWISE documentation

Related deviceWISE documentation

iv System Administration Users Guide

device variable deviceWISE node

that fits in a slot on a programmable logic controller.

macro map variable

vi System Administration Users Guide

Term polling protocol queue

run time store and forward

viii System Administration Users Guide

In the audit logs of the deviceWISE node.

Turning on an attention bit

Turning on an attention bit

3. Click Attention Bit to bring the tab to the front.

2 System Administration Users Guide

Turning on an attention bit

The bottom of the Attention Bit tab provides these buttons:

Clearing the attention bit

Clearing the attention bit

Related Modify Attention Bit action

4 System Administration Users Guide

Automated Log Export

Enabling the process

Automated Log Export

Enabling the process

The Administration window appears.

6 System Administration Users Guide

Enabling the process

The Automated Log Export window appears.

Automated Log Export

Configuring FTP as the delivery mechanism

Configuring FTP as the delivery mechanism

User ID Password Remote Address Port File Location

8 System Administration Users Guide

Configuring e-mail as the delivery mechanism

Configuring e-mail as the delivery mechanism

Automated Log Export

Saving the configuration

Saving the configuration

Disabling the automatic export process

10 System Administration Users Guide

Disabling the automatic export process

Automated Log Export