Security logging 

  • Log in to the WBM. 

Return to topicHow do I get to the WBM again? Click here for more information... 

Establishing a connection to the Web-based Management (WBM):

  • Open a web browser on your computer.
  • In the address field, enter the URL https://<IP-address-of-the-controller>/wbm,
    for example:

For further information, see WBM.


  • Open the Notifications page (DiagnosticsNotifications). 
Note: Only the SecurityAuditor has access to the notifications.

The UserManager assigns a session ID to each user who logs in. The session ID is displayed at the corresponding notifications for all activities. The SecurityAdmin and the SecurityAuditor have access to the security logging. On the basis of the notifications it is possible to see how the PLCnext Control is booted (whether the integrity is given) and general information about all activities of the logged-in users (who changed what when and how) in the sense of non-repudiation according to IEC 62443.

 For more information on security logging, refer to the topic Configuring central logging.


Note: To see all messages and remove the filter, clear the box at "Sender" and then click Apply Filter.

Ensuring audit storage capacity

Notification Manager: Configurable file size (default 10 MB) when limit reached configurable number of messages are deleted (default 16). Security messages are hand over to syslog. Logrotate is executed every hour. Syslog-ng interface for external logging can be configured.



•  Web browser recommendation: Chrome/Edge 88 or newer, Firefox ESR 90 or neweror Safari  • 
• Published/reviewed: 2023-11-02 • Revision 011 •