Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ System Platform

TABLE OF CONTENTS

AVEVA Historian Configuration

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedJun 23, 2022
  • 8 minute read

You can use the Configurator to configure Historian settings.

Note: Before running the Configurator, be sure SQL Server is installed and running. Also, be sure you have SQL Server administrator rights.

You can start the Configurator at any time from the Windows Start menu on the Historian computer.

To configure AVEVA Historian:

  1. Launch the Configurator from the Start menu. In the left pane, click Server.

    Configuring alarm and event storage

  2. Under Database Information, specify the SQL Instances and database path.

    • SQL Instance
      Name the SQL Instance associated with this historian.

    • Database Path
      Unless you have specific requirements, keep the default SQL Server database path. The default is tied to your SQL Server installation and is the path where the configuration database is deployed. If you need to change the default path, click the ellipsis button to specify a different directory in which to install the historian database files.

  3. Under Existing Database Conflict, read any notices.
    If the database is created for the first time, then this option is not available. When reconfiguration is done, then the Drop and Create New Database option is available. If you select this check box, then the existing database is dropped and a new database is created. If this check box is cleared, then the database is not dropped, but configured for changes, if any.

  4. Under Alarms & Events Storage, configure how you want to store alarm and events.

    Important: If you want to change this setting later after the Historian is running, you must first shut down and disable the historian using the Management Console. Then, after making the change, you can restart and enable the historian.

    • High-speed (default/recommended)
      The high-speed setting for storing alarms and events in history blocks provides several advantages. You can manage the data using simple operations such as moving, copying, or deleting folders, instead of using database management software. With this storage method, you no longer need to purge to sustain storage. This method offers significantly higher storage rates. Also, the capacity for alarm and event storage is only limited by disk space, not by insertion rate.

    • Traditional
      The traditional setting stores alarms and events in the A2ALMDB SQL Server database. This works well for smaller applications. Alarm and event data stored in the A2ALMDB database can be retrieved using SQL queries. You can also use SQL Server tools, such as Reporting Services, to query alarm and event history.

  5. Under Network, accept the default Historian TCP and Search ports or change these settings. The ports you specify are added to the exclusions list of Windows Firewall. You must manually add these ports as exclusions if you use another hardware or software firewall.

    • Historian TCP port is used for receiving data from another system.
      If you are sending data to Historian from an Application Engine, Remote IDAS or from another Historian, you must specify this port as part of the connection settings on those source systems.

    • Search port is an internal port, only accessible locally on the server, and is used to support searches in Historian Client Web. This is not configurable and is for reference only.

  6. Select the Historian Rest Details to configure remote access to the Historian REST API and Historian Client Web. The Rest Configuration dialog displays.

    Historian SSL Configuration

    To configure the HTTPS connection, a certificate is required. You can use a certificate provided by your IT department, or you can use a self-signed certificate generated by the configurator.

    For more details about using enabling encrypted communication for the Historian, see Use HTTPS instead of HTTP for Historian Client, Historian Client Web, and REST APIs.

    1. To use a certificate provided by your IT department, select "Provided by IT (import / select)" as the Certificate Source.

      • If the certificate is already installed on the system, select the appropriate Certificate from the list.

      • If you have been provided with a certificate but it is not yet installed on the system, click Import.... The Import Certificate dialog displays.

        Import Certficate

        Click to browse and select the certificate file, which has a .pfx file extension.

      • Select the Certificate Store in which to save the Certificate, as directed by your IT department.

      • Enter the Certificate password and click OK when all the information is correct.

    2. To use a self-signed certificate, select "Automatically Generated" as the Certificate Source. The name of the Certificate is automatically selected for you and cannot be changed.

      Using a self-signed certificate makes it easier to configure the server, but it makes the remote browsing experience more complicated, with users receive security warnings in their browser until the certificate is "trusted" on their system.

      Note: After configuring the Historian with an automatically generated self-signed certificate, when you visit this dialog again, the Certificate Source is "Provided by IT (import / select)". This is because the certificate is installed on the system after configuration, and can now be selected from the Certificate list.

    3. Enter the port numbers to use for the HTTPS Port and the HTTP Port. These ports are used for data queries via Insight or the Historian REST API to the Historian Server.

      Note: To allow the correct functioning of the Alarm Control History Blocks, the firewall must be configured to permit inbound and outbound network traffic on these ports.

    4. The Connections option determines what happens when a connection is made to Historian Client Web over the untrusted (HTTP) port. Select one of the following options:

      • Favor trusted connections, but permit untrusted connections. When this option is selected, users at run time are informed there is a trusted connection available, and they can decide whether to use the trusted or untrusted connection. For more information about the run-time options, refer to the Historian Administrator Guide.

      • Require trusted connections (clients must trust this certificate). When this option is selected, if you are using a certificate from a trusted authority, users are redirected to the HTTPS connection. If you are using an untrusted certificate, such as a self-signed certificate, an informational message is displayed that directs users how to proceed. For more information about this message and how users can proceed, refer to the Historian Administrator Guide.

    5. Click OK to accept the selected options, then click Configure to apply any changes to the system.

      For more information about secure, encrypted communication between nodes, see Common Platform.

  7. Under Security, select Allow Remote Access for OCMC if you want to allow remote access of this server's Operations Control Management Console (previously called the System Management Console, or SMC). This option is disabled by default for improved security, and we recommend that you use remote desktop software to administer remote Historian servers.

    When you select Allow Remote Access for OCMC, Historian allows remote connection to the Operations Control Management Console. Specifically, this allows remote launch and remote activation permissions for the aahCfgSvc and aahEventSvc Historian COM services. (By default, these are set to local launch and local activation.) The permissions are limited to the aaAdministrators, aaPowerUsers, and aaUsers groups. Anyone who is not a member of these groups on the server will not see that Historian remotely via SMC.

    Important: In 2022, Microsoft is releasing a phased update to address a security issue with DCOM on Windows. After the third phase of this update is applied, administering remote historian servers will no longer be possible using the Operations Control Management Console. Instead, you can administer remote Historian servers by first connecting with the remote desktop software of your choice, and then using the Operations Control Management Console on the remote server.

    For more up-to-date information about the vulnerability, and a timetable for its phased release, see https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26414.

  8. In the left pane, click Security. Configure the security options as follows.

    Config_Security

    1. Under Historian Users, review the existing users and roles for this server. Make adjustments to the list as needed:

      • To create a new user account, click Create Users and then specify account details.

      • To add existing user accounts to this list, click Add Users and then select the account criteria to use.

      • If you don't need this account anymore, mark the Delete Account check box.

    2. Under SQL Logins, do one of the following to ensure your SQL Server logins are secure:

      • If you want to keep using a default account listed, type a new password.

      • If you don't need this account, mark the Delete Account check box.

      Note: Secure Development Lifecycle (SDL) guidelines recommend against using automatically created users like aaUser and aaAdminUser with well-known or publicly documented passwords.

      When you migrate from an older version of the Historian Server, this area is populated with all preexisting SQL Server accounts and gives you the option to change account password and to delete unused accounts to ensure strong security for your system.

  9. In the left pane, click Search. Then configure the search options as follows.

    Under Search Configuration, specify file locations.

    • Data Path
      Accept the default path, or click the ellipsis button to specify a different directory for the historian history blocks.

      Make sure that you have plenty of space on this drive most of your plant data will be stored here. (The SQL Server database files typically take less disk space.)

    • Log Path
      Accept the default path, or click the ellipsis button to specify a different directory for the log files.

    • Mark the Reindex Search Documents check box to create a new index of all existing tags.

  10. In the left pane, click Reporting. Then mark the appropriate check boxes to configure OData extensions for SQL Reporting Studio or Visual Studio Report Designer on your system.

  11. In the Configuration Messages area, read messages regarding prerequisite checks, current configuration state, and configuration activities that are logged.

  12. Click Configure. The Processing SQL Script dialog box appears. You can see the historian database configuration scripts running. Multiple scripts run during the configuration.

  13. After the system finishes running the SQL scripts, the Historian node and Historian Server node are shown with a green status indicator if the database is successfully configured.

  14. Click All Messages to see all the configuration messages.

TitleResults for “How to create a CRG?”Also Available in