You can investigate the events triggered by Modbus devices using the Modbus event report and the Modbus health report in Security Desk.
Three reports are available.
What you should know
- Modbus event report
- Use this report to see which events were triggered by the rules made for your Modbus devices.
- Modbus action report
- Use this report to see which actions were written to your Modbus devices.
- Modbus health report
- Use this report to see which health events were reported by devices and the plugin. Find out when your devices established and lost a connection with the plugin, reported a monitoring problem, and lost data; and when the plugin reported warnings and operator's cleared the warnings.
- From the home page in Security Desk, open the Modbus event report or the Modbus health report.
Set up the query filters for your report. Choose one or more of the following
- Select the device to investigate.
- Select the Security Center custom events to investigate.
- Time range
- Choose a time range for the report. You can specify a start and end date, or a period, such as the last day or the last week.
Click Generate report.
The events are listed in the report pane. The following report pane columns are available for this report:
- Date and time that the event occurred.
- Event name.
- The device that triggered the event.
- Message related to the event. This report column does not apply to events that were triggered based on rules you created for the plugin.