Ignition Gateway

1. Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2
1.1 Home . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
1.2 Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.2.1 Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
1.2.2 Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
1.2.2.1 Connections - EAM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
1.2.2.2 Connections - Databases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
1.2.2.3 Connections - Designers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
1.2.2.4 Connections - Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
1.2.2.5 Connections - Gateway Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
1.2.2.6 Connections - Store and Forward . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
1.2.2.7 Connections - OPC Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
1.2.2.8 Connections - SECS/GEM Equipment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
1.2.2.9 Connections - Perspective Sessions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
1.2.2.10 Connections - Vision Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
1.2.3 Gateway Diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
1.3 Config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
1.3.1 Gateway Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
1.3.2 Email Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
1.3.3 Web Server Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
1.4 Gateway Backup and Restore . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
1.4.1 Gateway Scheduled Backups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
1.4.2 Project Export and Import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
1.4.3 Exporting and Importing Tags . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
1.5 Gateway Command-line Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
1.6 Gateway Common Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
1.6.1 Gateway Memory Allocation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
Gateway
The Ignition Gateway is the primary software service that drives everything in Ignition. It is a single
application that runs as a web server and accessed through a web browser. It connects to data and
PLCs, executes modules, communicates with clients, and much more. You can customize the On this page
Homepage to fit your needs using the Gateway Settings. From the Gateway, you activate Ignition,
transfer licenses, backup and restore the Ignition Gateway, setup redundancy, and more. You can
even set up a Gateway Network that allows two or more Gateways to connect to one another and ...
share data.
Launching a
Gateway
Gateway Webpage
Home
Launching a Gateway Status
Config
The Gateway is accessed through a web browser. The web browser, running on any machine, Designer
must have network access to the host that is running the Gateway. Launcher
Gateway
By default, Ignition installs by using the 8088 port. For example, if the host's IP address is 10.0.2
Command-line Utility
8.30, you access the Gateway via the URL: http://10.0.28.30:8088. When Ignition is Gateway
installed on the computer that you are logged into, you can access it by typing http://localhos Architecture
t:8088 to display the Gateway Homepage. Any other computer on the same network can access Gateway
the Gateway by using the IP Address or Host Name of the computer where Ignition is installed: Redundancy
i.e., http://192.#.#.#:8088 and it will launch the Gateway and bring up the Gateway Homepage.
Gateway Webpage
The Gateway Webpage performs a cadre of functions and is the hub for accessing all the functions
of the Gateway server. It drives everything in Ignition! The Gateway Webpage is where you setup
your licensing and activation, configure your Gateway settings, databases, devices, projects,
modules, security, alarming, and much more. When the Gateway server is running, you can
connect to a device, connect to a database, launch the Designer, and launch a Vision client or
Perspective session. You can also check the status of your system, network, agents, sessions, Gateway Webpage
tasks, reports, alarms, and much, much more.
The Gateway Webpage has three tabs on the left side of the page that lead you to the key sections Watch the Video
of the server: Home, Status, and Config. The top of the page shows you the path of where you
are on the Gateway Webpage. You can perform a host of Gateway functions from configuring your
system and modules, checking the staus of all your Gateway connections, to launching clients and
sessions, and many tasks in between. You can even redirect the Gateway Homepage to display
another URL.
Home
The first time you go to the Gateway Homepage, it shows you several steps to help you get
started. Once you're up and running, the Home tab lets you open Vision clients, Perspective
sessions, and download the Designer Launcher. There are some resource links to help you get
started with Ignition quickly: Inductive University, Quick Start Guide, Production Documentation
where you can learn about Ignition modules, and the Appendix which contains a complete
reference for components, expressions and scripting functions.
Customizing the
Gateway Homepage
When you're first introduced to Ignition, the Homepage is the landing page. It's where you'll find
the Designer Launcher, Vision Client Launcher, and Perspective Session Launcher.
Watch the Video
The Designer Launcher locates all Gateways that are available on your local network.
Once you open the Designer, you can access existing projects or create new projects on
the Gateway.
The Vision Client Launcher opens Vision Clients from any Ignition Gateway. It browses all
Gateways for Vision projects that are available on your local network and remote locations.
Once your Vision projects are added to the Vision Client Launcher, they will be displayed
and all you have to do is click the link to launch a Vision Client.
The Perspective Sessions Launcher opens a session directly in your browser or you can
download the native application.
Status
The Status page provides in-depth information about the status of the different parts of the Ignition system. The list of options on the left
menu in the Status page changes based on what modules are installed. You can select any of the available options to get more detailed
information.
Config
If you are not already logged into your Gateway, Config tab presents you with a login screen. Enter the username and password for the Igni
tion administrator. This was the first account created during installation. From the Config page, you can setup all connections, projects, and
perform all the Gateway and platform operations. The list of options on the left menu changes based on what modules are installed. You can
select any of the available options to get more detailed information. This page also provides some links to common actions to help get you get
started.
Designer Launcher
The Designer Launcher locates all the Gateways that are available on your local network. Once the Designer is open, you can access
existing projects or create new projects on the Gateway.
The Designer Launcher button on the top right side of the page and the Download button opens the Designer Launcher Download page.
Here you can find all the Designer Launchers for each operating system: Windows, Mac and Linux. Ignition automatically detects your
operating system so all you have to do is download the launcher and follow the steps to install the Designer Launcher. To learn about what
the Designer can do, go to the Designer section of this manual.
Gateway Command-line Utility
The Gateway Command-line Utility (GCU) is a lightweight standalone application that provides information about the Gateway. It performs
high-level tasks that aren't available inside the Gateway webpage such as stopping and restarting the Gateway server, and setting ports used
between the Gateway and clients. It shows the status of the Tomcat web server and the Ignition Gateway application. You can reset the
Gateway password, and even launch the web browser to the Gateway webpage.
For more information, refer to the page on the Gateway Command-line Utility.
Gateway Architecture
The Gateway’s architecture contains many parts, each one letting you perform a specific task. The Gateway parts are as follows:
System Management
Project and Module Management
Security and Auditing Settings
Database Connectivity
Alarming and Modification Settings
Tags Provider Settings
OPC Connectivity
Enterprise Administration Settings
Projects - the most important part!
The following image shows the different parts of the Gateway and how projects work within the Gateway. Note the parts that are outside the
Ignition Gateway box, non-Ignition OPC servers, databases, devices, etc., are all separate from Ignition but can be connected.
Gateway Redundancy
Ignition redundancy supports a 2-node system, meaning there are two copies of the Gateway running. One node is the Master Gateway and
the other is the Backup Gateway or backup node. All projects, Gateway settings, etc., are shared between nodes. The master node manages
the configuration then replicates it to the backup node.
When you have redundant systems in place, you can get detailed status information by going to Gateway webpage and selecting Status >
Redundancy to view the system's status and events. For more about how Gateway redundancy works, go to the section on Redundancy.
In This Section ...
Home
The Homepage provides you with all of the tools you need to get started designing projects and
launching Perspective Sessions and Vision Clients. There are three launchers on the Homepage
that will quickly get you started: On this page
The Designer Launcher allows you to create or modify a project. Download the launcher
and create a shortcut so it's always on your desktop when you need it. ...
The Vision Client Launcher browses all Gateways for Vision projects that are available on Resources
your local network. Once your projects are added to the Vision Client Launcher, they will
be displayed and available to open in a Vision Client. Simply download the launcher and
create a shortcut on your desktop so it's always at your fingertips when you want to launch
a Vision Client.
The Perspective Session Launcher allows you to easily launch a session directly in your
browser. Simply click the link and Ignition will display all your Perspective projects. Find
your project and launch it!
Customizing the
While the top navigation bar is present no matter what tab you are in, the Get Designer button in
the upper right corner does not require that a user login to the Gateway. This allows a user to
Gateway Homepage
launch the Designer right away, only logging in once the Designer has fully launched. See the Desi Watch the Video
gner section for more information on launching and using the Designer.
Resources
On the Homepage, we also provide quick links to several resources: Quick Start Guide, Inductive
University, Product Documentation, and the Appendix which contains a complete reference for
components, expressions, and scripting functions in Ignition.
Related Topics ...
Status
Config
Quick Start - Perspective Session
Quick Start - Vision Client
Inductive University
Status
Your Gateway at a Glance

The Status tab provides both an 'at a glance' overview of all of the systems in your Gateway, while
On this page
also giving you the ability to drill down into specific systems and get a more in depth view of what is
currently happening in your system. The Systems and Connections sections that are displayed on ...
the left side of the Status page are based on what modules are currently installed. Some 3rd party
modules could potentially add sections that are not discussed in this manual. Your Gateway at a
Glance
When first opening the Status tab, you will be taken to the Overview page. This page provides an Search
overview of all Ignition systems, while also acting as a launchpad to all other sections in the Status
tab. The pages in the Status tab are built around the idea of quickly drawing attention to problem
areas by highlighting them. As you can see, this Gateway has a faulted database. The pages in the
Status tab also allow you to 'drill down' into sections to see more information. Most objects can be
clicked on, like the faulted database. Clicking either of these will take you to the appropriate
section, allowing you to quickly find out what is wrong with a particular system.
Gateway Status
Page
Troubleshooting
Watch the Video
Search
The Status tab also displays a search bar at the bottom left of each page. This search bar allows you to type in a word or phrase, and it will
list all appropriate pages in both the Status and Config tabs to easily find all pages related to a specific system.
Related Topics ...
Config
In This Section ...
Systems
The Systems section of the Status tab displays information regarding the internal Gateway
systems. This includes systems such as the currently running Transaction Groups as well as active
Alarm Pipelines. These sections are not necessarily concerned with any connections to external
systems.
On this page
...
Overview
Architecture
Environment
Systems
Connections
Performance
Alarm Pipelines
Gateway Scripts
Modules
Redundancy
Force Re-Sync
Request Failover
Reports
SFCs
Voice Alarming
Tags
EAM Tasks
Transaction Groups
Overview
The Overview page is the first page that you see when navigating to the Status tab. It provides a visual synopsis of everything in the
Gateway, as well as some basic information about the server Ignition is installed on. There are four sections on the page: Architecture, Envi
ronment, Systems, and Connections.
Architecture
The Architecture segment provides a top down view of your Gateway. You can see your Ignition version and resource usage, as well as
similar information with a redundant Gateway, if one is connected.
You will also get an overview of the Gateway Network including how many active connections there are, and what is the amount of data being
transferred between them.
Environment
The Environment segment provides some basic information about your server such as the Operating System (OS), Java version, available
disk space, and IP address of detected network interface cards (NIC)..
Systems
The Systems segment summarizes each of Ignition's systems. Here, you can see how many modules you have installed as well as how many
Tags are configured in your Gateway, along with a handful of other information. Click on any of the links in blue to find out more information
about a particular system.
Connections
The Connections segment shows all of the systems that Ignition is connected to. If any of these have issues, they will be outlined in red.
Clicked on the connection to be taken to the relevant page within the Status tab.
Performance
The Performance page displays information on the resource usage of the Gateway. This page enables you to quickly assess your Gateway's
overall health and determin if the Gateway is being taxed too heavily for the server it's running on. You can see the current CPU usage, the
current memory usage (in megabytes) out of the total allocated for the Gateway, and how CPU threads are performing. In the CPU Trend and
Memory Trend sections there are sliders you can move to set the time range anywhere with in the previous 24 hours. The lower portion of the
page shows the current system response time as well as a log of any recent slow response events.
Alarm Pipelines
The Alarm Pipelines page lists the currently configured alarm pipelines in the Gateway. Each pipeline displays the number of alarm items
currently running through it. Click on the Details button to the right to open up a new page that will show the alarm pipeline status and logs.
There will also be a set of tabs at the top of the page. One for the Pipeline Status that is already open, the other for Pipeline Logs. This log
viewer will act as a miniature log viewer that will only show logs that pertain to this particular pipeline.
Gateway Scripts
The Gateway Scripts page displays a list of all currently configured Gateway scripts. These are scripts that are configured in the Gateway
Event Scripts section of the project. The tabs at the top of the page will swap between the different types of Gateway Event Scripts: Timer,
Tag Change, Message Handler, Startup, and Shutdown. They provide useful information such as the name of the project that it is running in
as well as the last time it ran, the duration and status (if it was successful or not).
With this page you can quickly verify that your scripts are running properly. If a script has an error, click on the error for more details about
what went wrong with the script. All of the logs for that section are also contained in the log viewer at the bottom of the page, to make it easy
to see a list of all of the logged errors for that set of Gateway Event Scripts.
Modules
The Modules page shows a list of the currently installed modules, their current version, and if they are running properly with a license. The top
of the page shows a quick count of the running and licensed modules, so you can easily tell if anything is not working. It is then easy to scroll
down through the list to see which modules are having issues.
Redundancy
The Redundancy section displays information regarding the redundant system, if one is configured. It easily shows the Role of the Gateway
you are viewing, the status of the connected Gateway, and their IP addresses. The trends on this page give a snapshot of the last few
minutes of communication between the two Gateways. The first trend shows the data that is being sent and received between the two
Gateways, the second shows the state updates that have recently occurred. The bottom of the page contains a log of the last system events,
to easily track major events between the Gateways.
Force Re-Sync
The Force Re-Sync button forces a full synchronization of the redundant configuration state. The backup node will be forced to restart.
Request Failover
The Request Failover button switches the active node in a redundant pair.
Reports
The Reports page shows information on any Reports that have at least one scheduled action set up. The top of the page gives a quick count
of reports that are executing an action, have executed an action, or are going to execute an action. Below you can also find a list of Reports in
those states as well, to quickly see what project they are located in, or what their last execution time was. As with most other pages, there is
also a log of all events related to reports at the bottom of the page.
SFCs
The Sequential Function Charts (SFCs) section displays a list of all of the currently configured SFCs along with a count of the currently
running charts at the top of the page. Click the Details button next to any SFC for details about that particular Chart.
On the Details for an individual SFC, there are two tabs: Chart Instances and Chart Logs. It will contain a list of all currently running Chart
instances, and will allow you to swap tabs to look at any logged events for that particular chart.
Voice Alarming
The Voice Alarming page will give details about the currently configured Voice Notification profiles on the Gateway. They will give a status
which can be used to quickly see which Notification Profiles are not working, and clicking the details button will allow you to see the current
calls with that Voice Notification profile, and the current queue of calls waiting to be completed.
Tags
The Tags page contains a lot of information about the Gateway's configured Tags and Tag Providers. The first page will show a list of all
realtime and historical Tag Providers that make it easy to see if any of them are having issues. Clicking on an errored provider will show an
error message that may help fix the problem. Clicking on the Details button to the left will open up a page with more information about the
Tags in that particular provider.
The details of the Tag Provider will show a list of all currently configured Tags in that Tag Provider, and show some basic information about
them. You can browse through the Tag structure to get more information about each Tag. When clicking the Details button for an individual
Tag, you will be brought to a Tag Diagnostics screen that will provide more detailed information about that particular Tag, such as if it has a
script written in its Tag event scripts and what its last value was, among other information.
The Group Tab allows you to see the Tag Groups configured. It also shows the number of executions for each Tag Group, the last time the
Group was executed and the average duration in milliseconds. Provider Logs display any events that relate to that particular provider.
EAM Tasks
The EAM Tasks section will only show up once the EAM module is configured. This page shows information regarding the currently running
and scheduled tasks, as well as tasks that were recently executed and whether they were successful or not. From here you can pause a
scheduled task, or see the error that caused a previous execution to fail.
Transaction Groups
The Transaction Groups page makes it easy to get a quick count of the currently running groups as well as the currently errored groups.
Below the counts is a list of Projects that contain Transaction Groups and some basic information like how many are running and how many
database queries is it generating. Clicking the details button to the right for one of the Projects brings up more information about that Project's
Groups. There are some counts on the number of Groups in various states, as well as a list of the groups. Any Groups that have problems
can be clicked on to see what the error is to get a better idea of why the Group is unable to run.
Related Topics ...
Connections
Gateway Diagnostics
Connections
Status of Gateway Connections

On this page
The Connections section of the Status tab on the Gateway Webpage contains information
regarding the status of Gateway connections to external systems. The list of systems displayed
under the Connections section is based on what modules are installed. It can include EAM Agents, ...
Databases, Devices, Store and Forward, the Gateway Network including other Gateways within the
Gateway Network, and many more. The Connections section allows you to drill down and open up Status of Gateway
more specific information to easily find problems with anything connected to the Gateway, and Connections
even find crucial information about a faulty connection. Log Activity
On the left side of the Status section of the Gateway Webpage, you'll see a list of all your
connections. Click on any system to open a detailed page to see all the available options, and to
get more detailed information. Some third party modules could potentially add sections that are not
discussed in this manual.
Log Activity
Most of the systems in the Connection section have a Log Activity area somewhere within the details of the connection. This Log Activity area
functions much like the Logs in the Diagnostics section of the Status page in that you see a list of all log messages depending on the logging
level you are looking at as well as the filters you have setup. However, what makes the Log Activity areas in each Connections page unique is
that they are filtered to only show loggers for that particular system. This helps you narrow down any potential problems by showing you only
the information that pertains to the section you are looking at.
Related Topics ...
Gateway Diagnostics
In This Section ...
Connections - EAM
EAM Agents
The EAM Agents page shows a list of all the currently configured Agents, including information on
On this page
the connection status. Agents can be organized into groups allowing you to group agents by
location or agent function. If no groups exist, all Agents will be in the Default Group. ...
EAM Agents
EAM Agents
Page
EAM Agents Page
The EAM Agents page contains some useful information about all of your Agent connections.
Attribute Description
EAM Agent Connections
EAM Number of connected agents out of the number of configured agents.

Agents
Default Group and all groups
Gateway Name of the Agent.
Edition Identifies a Standard vs Edge Gateway. Edge edition shows "edge," and if it's a Standard Gateway, this field is left blank.
Status Current status of the Agent connection.
Last Date and time recorded for the last communication with the Agent.
Comm
Last Name of the event last recorded with the Agent.

Event
Event Date and time recorded for the last occurring event with the Agent.
Date
Log Shows any EAM Agent activity along with the Time the log was created and a brief message. You can find more of these
Activity same type of messages in the Gateway Logger which is found in the Status section under Diagnostics > Logs, and the
Wrapper Logger file under Program Files > Inductive Automation> Ignition > logs > wrapper.log.
Related Topics ...
Enterprise Administration
Creating a Controller
Adding an Agent
Connections - Databases
Databases
The Databases page shows a list of configured databases, and if they have a valid connection or
On this page
not. Clicking on the Details button to the right of a connection will either show the full error if the
connection is faulted, or it will bring you to a details screen for that database connection. On the ...
details screen, you can easily see any active queries, long running queries, the number of queries
a second that are running, as well as a trend showing the percentage of queries that completed in Databases
that time. Databases Page
Database
Connection
Details
Databases Page
The main database page contains some useful information about all of your database connections.
Attributes Description
Valid Connections Number of valid connections.
Total Throughput Number of queries and their status.
Name Name of the query.
Driver Name of the driver.
Status Current status of the database connection.
Database Connection Details

The Details page for an individual connection provides more in depth information for that particular database connection.
Database Stats - Stats about the database connection
Connections Number of database connections out of configured databases.
Queries / Sec Number of queries running per second along with a trend showing the percentage of queries that completed in that time.
Active Queries - A list of currently active queries
Query Currently running queries.
Started When the query was started.
Actions The ability to cancel a query.
Longest Recent Queries - A list of the longest running queries.
Query Displays the actual query.
Duration Amount of time the query ran.
Started When the query started running.
Related Topics ...

Database Connections
Connections - Designers
Designers
The Designers page displays information on currently running designer sessions. All the open
On this page
designers are displayed on the page along with some basic information about each session, such
as what user is logged into each designer session and the project they are currently working on. ...
Clicking on the Details button to the right of a designer session will display more information about
that particular designer. On the Details page, you can see session information, as well as what Designers
designer locks the session currently has set. Locks are when a designer is working on a particular Designers Page
page or set of pages, the system places a lock on those resources (i.e., window, pipelines, etc.,) to Designer Details
prevent other designers from working on the same resource. There is also a log at the bottom of
the page displaying any errors pertaining to that designer session.
Designers Page
The main Designers page has a list of all currently running designer sessions, and some basic information about all of them.
Designer Stats
Active Number of active Designer connections.

Designers
Requests / Sec Number of requests running per second along with a trend showing the percentage of requests that completed in that
time.
Designer Sessions
Filter Search criteria to filter for specific designer sessions.
View The number of designer sessions to preview.
Id Designer session id number.
User Name of the user logged into the Designer.
Project Name of project the user is currently working on.
Uptime Amount of time the user is logged into the designer session.
Status If the Designer is actively connected or not.
Address The IP Address and name of the computer running the designer.
Memory Current memory usage for the session.

Designer Details
The Designer Details page shows more in depth information about that particular designer session, with the most important being the list of
Designer Locks. The locks are project resources that the designer session is using. Because that designer session is using those project
resources, no other designers will be able to access those resources, to prevent two designers from working on the same thing.
Session Details
User Name of the user logged into the Designer.
Project Name of project the user is currently working on.
Address The IP Address and name of the computer running the designer.
Uptime Amount of time the user is logged into the designer session.
Memory Current memory usage for the session.
Timezone Local time of the user.
Log Activity
Min Level Dropdown menu with options Info, Debug, and Trace.
Live Values Toggle switch to turn live values on or off.
Logger Name of the logger that describes the context of the message.
Time Time of log.
Message Message for the log.

Related Topics ...
Designer
Connections - Devices
Devices
The Devices page lists the currently configured OPC-UA devices, and lets you know which are
On this page
connected and which have a faulty connection. From here, you can drill into a device connection to
see how many Tags Ignition is requesting from the device, along with how often it is requesting ...
them. This information can be used to determine if we are overloading the device with too many
requests too quickly, or if we can request more from our device. Devices
Devices Page
Device Details
Devices Page
The main Devices page lists out all OPC-UA devices, as well as how many currently have a valid connection. Note: this will only show the
devices connected through an Ignition device connection. For information about devices connected through other OPC Servers, see those
programs.
Attribue Description
Connected Devices Number of devices connected out of configured devices.
Name Name of the device.
Driver Name of the device driver.
Status Current device status.
Editor notes are only visible to logged in users

Replace this image after Dev fixes the the Connected Devices. The number of Running
Devices in the list are not reflected in the number of Connected Devices.
Device Details
Clicking the Details button to the right will display a diagnostics page for that device which provides a lot of useful metrics like a Tag count.
The log at the bottom of the page will display recent events that pertain to that particular device.
The Device Details page also lists statistics to help determine if the device is overloaded with requests. There are values for each Tag Group
that are configured on Tags from the specified device, as well as aggregate statistics which pull from all Tag Groups to get an average for the
device. The four values are listed in the table below.
Aggregate Statics
Request Count Tracks the number of requests that are coming in from the device, each request consisting of multiple Tags.
How many Tags are in a request can vary between devices, which Tags are being requested, and how often they
are requested.
Throughput Average amount of requests that come through per second since the device was last started.
(Mean)
If the device connection is edited and saved, this will cause the device connection to reinitialize and this value will
be reset.
Throughput (1 Average amount of requests that come through per second for the last minute.
min)
Mean Response Average time it takes for Ignition to get a response from the device. This number should be an average of the graph
Time on the right of the page.
So based on the statistics above, we can determine if we are overloading our device by requesting too many Tags too quickly. We simply
need to take the throughput and use that to determine how many total requests come in per Tag Group execution. If this is at or above the
request count, then our device can keep up with the numbers we are requesting. If it is below the request count, then the number of requests
we are making to the device aren't coming in as fast as we want them, which can lead to poor device performance or bad values.
For example, take the image below. Scheduled at 2000ms, we have 81 requests. Our average throughput is about 40.8 requests a second.
This means that every two seconds, we get 81.6 requests. Since we are making 81 requests every two seconds, this is exactly what we
would expect to be getting from this device.

Update images with more activity. Images below were in v7.9. Screens were updated in v8.
Overloaded Device
However, if we altered the Tag Group on the same device to 500ms, we see a very different picture. The request count is still 81, but because
we are requesting values every 500ms, we should see about 162 requests coming through every second. The throughput values only show
us getting about 87.5 requests per second, which is about half of what we actually are asking for. This would indicate that our device is
overloaded, which can also be seen in the Load Factor. Our Tags would not be updating as quickly as we would like, which could lead to bad
Tag values.
Related Topics ...
OPC UA
Allen Bradley Ethernet
Modbus
Siemens
Connections - Gateway Network
Gateway Network
The Gateway Network page is designed to give a quick overview of the status of all Gateways
On this page
within the Gateway Network. If the Gateway is faulted, the status message in red can be selected
to see the error that pertains to why it is faulted. Any Gateways with a status of 'Connected' can be ...
drilled into by clicking the Details button to the right. On the Details page, metrics for the selected
Gateway are displayed, giving an idea of the rate of data transfer between the two Gateways, as Gateway Network
well as a list of recent connection events. Gateway Network
Page
Connections
Details
Remote Gateway
Details
Outgoing Queues
Details
Gateway Network Page
The main Gateway Network page displays a list of all current Gateway Network connections both incoming and outgoing, as well a list of all
Remote Gateways that the Local Gateway can see both from its Gateway Network connections and through proxy connections. Each list has
some basic information along with the ability to see more details on a specific Gateway Network connection or a Remote Gateway.
Gateway Network Connections
Remote Gateway Name of the Remote Gateway connection.
Direction The direction of the Gateway Network connection. Can either be Incoming or Outgoing.
Redundancy Role The redundancy role of the Gateway. Can either be Independent, Backup, or Master.
Last Comm The time of the last communication with the Gateway.
Ping Time Reaction time of Gateway connection. How fast you get a response after you've sent out a request.
Status Current state of the Gateway Network Connection.
Fault Count Number of errors.
Remote Gateways
Gateway Name Name of the Remote Gateway.
Outgoing Msg/Sec The number of outgoing messages per second.
Incoming Msg/Sec The number of incoming messages per second.
Pending The number of currently pending messages.
Connected Through How the Gateway is connected to the Remote Gateway.
Status Current state of the Remote Gateway Connection.

Connections Details
Clicking on the Details button to the right of a Gateway Network connection gives more details on that specific connection.
Status Current state of the Gateway Network Connection.
Average Outgoing Bytes Average bytes of data going from the Local Gateway to the Remote Gateway per second.
Average Incoming Bytes Average bytes of data going from the Remote Gateway to the Local Gateway per second.
Ping Time Reaction time of Gateway connection. How fast you get a response after you've sent out a request.
Pending Uploads The number of uploads pending from the Gateway Network connection.
Pending Downloads The number of downloads pending from the Gateway Network connection.
Local Id Id of the local Gateway.
Remote Id Id of the remote Gateway.
Remote Gateway Name of the Gateway on the Gateway network.

Network Address Physical address used to communicate with all devices on the Gateway network.
Redundant Role The redundancy role of the Gateway. Can either be Independent, Backup, or Master.
Direction The direction of the Gateway Network connection. Can either be Incoming or Outgoing.
Session Id Gateway connection session Id number.
Last Comm The time of the last communication with the Gateway.
Fault Count Number of errors.
Connection Events Displays a list of recent connection events.

Remote Gateway Details
Clicking on the Details button to the right of a Remote Gateway will give more information about the Remote Gateway and the messages
being sent between it and the local Gateway.
Outgoing Queues
Name The name of the queue.
Priority The priority the queue takes amongst other queues.
Enter Rate The rate at which messages enter the queue.
Exit Rate The rate at which messages exit the queue.
Pending The number of pending messages in that queue.
Total Sent The number of messages sent out through that queue.
Incoming Service Invocations
Name The name of the incoming invocation.
Description A description of what the invocation is asking of the Local Gateway.
Invocations/Sec The number of that type of invocation per second.
Total The total number of that type of invocations.

Outgoing Queues Details
Clicking on the Details button to the right of a Outgoing Queue will bring up details on the messages being sent from that queue. It lists out
each message type, as well as the number of each message type per second that is being sent, as well as the total number of that message
being sent.
Message Type The name and type of message.
Inserts/Sec The number of messages per second.
Total The rate at which messages enter the queue.

Related Topics ...
Gateway Status
Gateway Diagnostics
Connections - Store and Forward
Store & Forward
The Store and Forward page displays a list of the Store and Forward engines, including their
On this page
status, as well as the number of records currently in each Store and Forward system. If the
database connection becomes faulted, the database records wait in the Store and Forward system ...
until the database connection is restored.
Store & Forward
Store & Forward
Page
Store & Forward
Details
Store & Forward Page
The main Store and Forward page lists out all store and forward engines. Typically, each database connection gets its own store and forward
engine, so there should be one engine for each database connection. In addition to displaying some basic stats for each engine, you can also
find some totals for all store and forward systems, to get an idea of how much data is being pushed through the system to databases and if
any records are being dropped.
Store and Forward Connections
Aggregate Aggregate number of records inserted into a database from any Store and Forward engine per second.
Throughput
Total Number of quarantined items for all Store and Forward engines.
Quarantine
Total Number of records dropped from the Store and Forward engines. A record is considered dropped if it can not be added to
Dropped one of the buffers, (i.e., when a buffer is full and the Store and Forward engine can no longer accept new records).
Store and Forward Engines
Name Name of the Store and Forward engine.
Store Number of records that go through the Store and Forward Engine per second
Throughput
Forward Number of records to be forwarded on to the database per second.

Throughput
Quarantined Is data that has erred-out multiple times during attempts to forward it or data that could not be stored because of some
configuration issues.
Activity Current state of the Store and Forward engine.
Actions By clicking Details, shows additional information about Store and Forward engines.
Store & Forward Details
Clicking the Details button brings up a new window that will show even more details about the records in the selected Store and Forward
Engine. Here, we can see a count of the number of records in the memory buffer and local cache, as well as the number of quarantined
records. The quarantined items at the bottom of the Details page will have some buttons that allow you to control the data that is in the
quarantine. The quarantined item can be retried, where it will be thrown back through the Store and Forward system to see if it will go through
properly, assuming the original reason why it was quarantined has been fixed. It can also be deleted so that it is no longer taking up space in
the Store and Forward system, or exported to your local machine where you can save it to try again later. You can then import the file back
from the same page when you resolved the issue that caused the data to be quarantined in the first place.
Memory Number of records entering the Memory Buffer per second. The progress bar shows the percent of the buffer being
Buffer utilized, along with the current and max number of records.
Local Number of records entering the Local Cache per second. An "Idle" state means the engine is able to successfully store all
Cache records into the database before the Write Size or Write Time values have been reached. The progress bar shows the
percent of the buffer being utilized, along with the current and max number of records.
Database Displays the number of records pushed from either buffer to the database per second.
Storage
Quarantined Shows a list of quarantine items and allows you to choose the quarantined file and import it.
Items
ID Identification number of the quarantine item.
Count Number of occurrences for the quarantined item.
Description Description of where the quarantine item origninated from.
Reason Explanation why the record was placed into quarantine.
Actions Provides and opportunity to retry, delete, or export the items from quarantine.
Related Topics ...

Using Store and Forward
Controlling Quarantine Data
Connections - OPC Connections
OPC Connections
The OPC Connections page displays all currently configured OPC (both UA and DA) connections. (
On this page
Note: If you are using an OPC UA connection, you should be using the OPC UA Module. If you are
using the DA connection, you should be using the OPC COM Module). ...
OPC Connections
OPC Connections
Page
Subscriptions
Nodes
OPC Connections Page
Here on the main OPC Connections page, we can see a list of all current OPC connections, as well as their status. If any are faulted, you can
click the red faulted status to get an error message popup with a full description of the error.
Connected Servers Displays the list of OPC servers out of configured servers, and their status.
Name OPC server name.
Filter Search criteria to filter for specific server names.
Type OPC server type - UA or DA
Uptime Total time OPC server is connected.
Status Current status of OPC server.

Subscriptions
By clicking on the Subscriptions button brings up more detailed information for that particular server. It will list out all of the subscriptions to
that server with the publishing rates, as well as the number of items within that subscription.
Filter Search criteria to filter for specific subscriptions.
Refresh Refreshes subscription data.
Name Displays the subscription name.
Rate The rate which a Tag will execute as defined in the Tag Group.
Request Publishing Interval The rate which Tags are requested from the server.
Revised Publishing Interval The server's revised rate based on what the server can handle.
Tag Count The number of Tags currently subscribed to that Tag Group.
Nodes
Clicking the Nodes button for one of the subscriptions will bring up the list of subscribed OPC items.
Filter Search criteria to filter for a specific node.
Refresh Refreshes node data.
Node ID The OPC item path.
Requested The rate of the subscription that the client requested.

Sampling Interval
Revised Sampling The revised rate at which the subscription publishes.

Interval
Requested Queue Determines how many data points can be stored and transferred to the client once the sampling rate elapses
Size when the sampling rate is slower that the publishing rate.
Status Code Status of the node.

Related Topics ...
OPC UA
OPC UA Connections and Settings
Connections - SECS/GEM Equipment
SECS/GEM Equipment
The SECSGEM Equipment page displays a list of all equipment connections, their status, as well
On this page
as the number of sent requests and received messages. If any piece of equipment becomes
faulted, it will show a status of "Not Connected." If you click the Details button, it opens a new ...
page with some Connection Stats. Note: the SECSGEM Module is not standard and will be missing
for most installs of Ignition. The SECSGEM Equipment Connection will only be displayed in the SECS/GEM
Status section of the Gateway webpage under Connections when the module is installed. Equipment
SECS/GEM
Equipment Page
SECS/GEM
Equipment
Details
SECS/GEM Equipment Page
The main SECS/GEM Equipment page lists out all equipment connections and displays the number of messages sent between them and
Ignition.
Connections The total number of active SECS/GEM Equipment connections.
Aggregate Throughput The messages per second the system is sending and receiving from all devices at that time.
Name The name of the equipment connection in the list.
Sent Messages The number of messages sent to the equipment.
Received Messages The number of messages received from the equipment.
Status The status of the equipment.

SECS/GEM Equipment Details
Clicking the Details button to the right of a piece of equipment will take you to a page that shows more detailed information for that particular
piece of equipment.
Sent Messages
Throughput The messages per second the system is currently sending.
Average The average messages sent per second from when the equipment was first enabled.
Total The total messages sent.
Received Messages
Throughput The messages per second the system is currently receiving.
Average The average messages received per second from when the equipment was first enabled.
Total The total messages received.

Related Topics ...
SECS/GEM
Connections - Perspective Sessions
Perspective Sessions
Much like the Designers page, the Perspective Sessions page shows a ton of information regarding
On this page
currently open Sessions. All the open Perspective Sessions are displayed on the page along with
some basic information about each session, such as what user is logged into each session and the ...
project they are currently working on, their IP address, and much more. Each session has a Detail
button that allows you navigate all the elements of a session: pages, view instances, and Perspective
components. Sessions
Perspective
Sessions Page
Perspective Sessi
on Details
View Instances
Components
Perspective Sessions Page
The main Perspective Sessions page displays a list of all currently running Designer and Client Sessions to show how many are open, and
the name of the users that are currently using them. By clicking on the Details button to the right of a session will display even more
information about that particular session, including any Log Activity pertaining to errors recorded while the session was active.
Sessions Details
Total Sessions The number of currently active Designer and Perspective Sessions.
Device Type of device running the Session.
User The user logged into the Session.
Project The name of the project open in the Session.
Uptime The total uptime of the Session.
Last Comm. Date and time recorded for the last communication with the Session.
Address The IP Address and computer name where the Session is launched.
Session Scope Indicates what browser opened the Session, and the Perspective icon indicates the Designer is open.
Actions Displays more details about the session.

Perspective Session Details
The Performance Page within the session displays more in depth information such as the Page Id and how many views are on each Page. Hit
the Details button to get more detailed information about each page in the sesson.
Performance
Total Views The number of currently active pages.
Total Bytes Sent Displays total number of bytes sent out.
Pages
Id Page Id
Views Displays total number of views on a page/
Actions Displays the details of the view instances in the session.
Log Activity
Min level Dropdown menu with options Info, Debug, and Trace.
Merge to Logs Merge the settings of the current view with the main Diagnostics Log Viewer.
Time Time of log.
Displys log properties of the logged event.

(Log Properties)
View Instances
The View Instances page shows the number of View Instances on a Page and the number of Components in each view instance. Press the D
etails button next to each View Instance to get even more information about the type of components used in each view.
Sessions Details
InstanceID Displays View Instances for eac view.
Components Total number of components used in the specified view.
Actions By clicking on the Details button shows mor information for each view instance.
Components
The Components page lists all the components used in a View Instance of Page along with the following information about each component.
Name Name of the component.
AddressPath Address of the component.
Bindings Displays the number of bindings for each component.
Children Displays the number of children for each component.
Properties Displays the number of properties for each component.
PropertyChangeScripts Displays the number of property change scripts for each component
Actions Displays the number of actions for each component.

Related Topics ...
Launching a Perspective Session
Connections - Vision Clients
Vision Clients
Much like the Designers page, the Vision Clients page shows information regarding currently
On this page
opened Clients. The Clients are listed and show some basic information such as the address of the
Client. From here, the Client session can be terminated by selecting the More button and hitting Te ...
rminate, or select the Details option to see more details about the Client session such as the
number of Tags that the session is currently subscribed to, as well as a log of errors that may have Vision Clients
happened with that Client. Vision Clients
Page
Client Session
Details
Vision Clients Page
The main Vision Clients page displays a list of all currently running Clients which show how many clients are open and what users are
currently using them.
Clients Stats and Details
Active Clients The number of currently active Clients.
Requests/sec The number of requests per second coming from all Clients.
Id The Client Id.
User The user logged in on the Client session.
Project The name of the project open in the Client session.
Uptime The total uptime of the Client session.
Activity Denotes whether the Client session is currently connected and active or not.
Address The IP Address and computer name where the Client is launched.
Memory The Client's current memory usage.
Actions The option to terminate the Client session, or see more details about the session.
Client Session Details
Clicking on the Details button for a Client session will take you to a page that displays more in depth information for that particular Client
session. It also gives a logger at the bottom where errors coming from that particular Client can be seen.
Client Performance and Details
Memory The Client's current memory use.

Subscriptions The number of Tags the Client is currently subscribed to.
User The user logged in on the Client session
Project The name of the project open in the Client session.
Address The IP Address and computer name where the Client is launched.
Uptime The total uptime of the Client session.
Last Comm The last time the Gateway communicated with the Client.
Client JVM Version The Java version that the Client is currently running on.
Related Topics ...
Vision Client Launcher
Gateway Diagnostics
Diagnosing Gateway Issues
The Diagnostics section of the Status tab holds pages that help to diagnose issues with the
Gateway. The Gateway logs can be seen here as well as information on any blocked threads within
the Gateway if something has gotten stuck. The logging system also ties into the logs in any
previous status pages.
On this page
...
Diagnosing Gateway
Issues
Execution
Logs
Execution Printing to the
Logs
The Execution page reports the status of all tasks that your Gateway runs on a schedule. Here you Mapped
can find helpful information such as the duration and execution time of an alarm journal update or Diagnostic
the average time it takes your Gateway to execute a Tag Group. Context Keys
Threads
Throughput Number of executions that come through per

second.
Total Executions Total number of times the task executed.
Delay Amount of time waiting to execute the task.
Avg. Duration Average time to run the task.
Last Duration Amount of time to run the last task.
Logs
One of the most important troubleshooting tools of the Gateway Webpage is the Logs page. This console shows errors caused by Gateway
events including things like Database or Device connections, Authentication profiles, Alarm Journals and Pipelines, and anything else that is
Gateway scoped. You can find logs in the Status tab of the Gateway Webpage under Diagnostics > Logs.
The Gateway Logs also provide a wealth of information about the running state of the Gateway. To learn more, refer to the section on Trouble
shooting the Gateway.
The Logs page is where the Gateway Console is located that allows you to see a live flow of log events in the system. The logs can be filtered
by using a search term or by date. The Settings (
) button on the right brings up a popup window that can change the logging level of certain loggers. The logs can also be exported using the
Download Logs button on the right as well.
Time Time of log.
Filter Search criteria to filter for specific tasks or events.
Min Level Dropdown menu with options: All, Trace, Debug, Info, Warn and Error.
Printing to the Logs
You can print to Gateway logs by using the system.util.getLogger() function. Below is a simple example, you can look in the appendix for
more options.
logger = system.util.getLogger("My Logger Name")

logger.warn("My Warning Message")
Mapped Diagnostic Context Keys
Mapped Diagnostic Context Keys (MDC Keys) allow you to specify a specific context, such as a particular project, and then set a logging level
for it. This will set all loggers that pertain to the specified project to the logging level. This is useful to help diagnose an issue with a specific
system within the Gateway. To use MDC Keys, click the Settings (
) button on the Logs page and navigate to the Context tab. Here, you can choose specific Key-Value pairs that match a particular system.
Selecting the Key text field will bring up a list of possible keys in your system. Once a Key has been selected, selecting the Value text field will
bring up a list of possible values that relate to the selected Key.
The Logs can also be filtered to show only logs that pertain to an MDC Key. This can be useful when altering the logging level of one or more
MDC Keys. To set an MDC Filter on the logs, simply click the Add Mapped Diagnostic Context Filter (
) button on the Logs page to open a window where MDC Key Filters can be set. The filter can be specified for all values in a Key by not
specifying a Value.
Merging to Logs
Many of the other pages in the Status tab also contain a logger that will just show logs that are relevant for that particular section. These log
views all contain a button on the right side called Merge to Logs. This button allows the current filter to be applied to the main logs page,
allowing you to still see only the logs for that section but use all of the tools available.
Threads
The Threads page allows you to see what each thread is doing in the Gateway. Their state and CPU usages are displayed to easily find
problem threads, as well as a chart of what systems are using the threads and the ability to filter the threads based on a keyword. Each
thread can be expanded to give details on what it is currently doing, and that individual thread process can be copied to the clipboard. A
thread dump can be downloaded by clicking the Download button (
) on the right of the page.
Thread Name Name of the thread.

Filter Search criteria to filter for specific threads.
CPU(%) Percentage of CPU usage.
State Current state / status of the system.
System Search criteria to filter for specific tasks or events.
Actions View thread details.
Related Topics ...
Status
Config
Config
Configuring the Gateway

The Config tab provides access to configuration options for Gateway settings. This is where most
of the settings that affect the whole Gateway are set up. We can add database and device
connections, users and roles, adjust alarm settings, set up security, create a schedule for a On this page
Gateway backup to be taken automatically at specific times, and much more. The list of Config
options on the left menu change based on what modules are installed on your Gateway. Third party
modules have settings that are not discussed on this page. ...
Configuring the
Gateway
System
Networking
Security
Databases
Alarming
Tags
OPC Client
OPC UA
Enterprise
Administration
Sequential Function
Charts
System
The System section is a sort of catch all section that can do a lot of different things. The first window is the Overview page, which is what will
first show up when navigating to the Configure tab. The Overview page only has links to other sections of the Config tab, but it is useful if you
aren't exactly sure where the setting you are looking for is located, because the Overview page lists the most common configuration changes.
Page Description
Backup/Restore The Backup/Restore page is where you can manually take a backup, and restore a previous backup. It also can
upgrade a legacy backup.
Licensing The Licensing page allows you to control any and all licenses currently activated on the Gateway. It will show all the
modules that the license is currently good for, and have some options for activating a new or additional license.
Modules The Modules page displays all currently installed modules and if they are active or not. This is where you can install a
new module or upgrade an existing module.
Projects The Projects page can easily manage all of the projects currently configured in the Gateway, with settings that
change the Name and Title, or the default database and authentication profile of the project.
Redundancy The Redundancy page is where all of Ignition's redundancy settings are configured. This is where the master and
backup nodes are configured as well as the network settings to make sure the two nodes can properly communicate.
Gateway The Gateway Settings page is where all miscellaneous settings are located. Autobackups can be configured here to
Settings happen at certain times. SSL encryption can be turned on here as well as changing roles required to access certain
parts of the Gateway for increased security.
Networking
The Networking section deals with setup and management of the Gateway Network.
Page Description
Web
Server This feature is new in Ignition version 8.0.3
Click here to check out the other new features
The Web Server page is for configuring the http and https ports, setting up the SSL / TLS certificate, redirecting traffic
through a known address, and whether or not all http traffic should be forcefully redirecting to https. If you are allowing users
to access your Gateway from outside your network (through the internet), you will need to configure the Public HTTP
Address settings.
You can find out more about SSL in Using SSL.
Gateway The Gateway Network allows you to connect multiple Gateways together over a wide area network. The Gateway's
Network connection settings can also be changed to only allow certain connections. The Gateway Settings set the basic rules for the
system.
Email The Email Settings section allows you to create an SMTP server connection in the Gateway that can be used by several
Settings different resources such as Alarm Notification and Report Schedules.
Security
Ignition provides serveral Security options to safeguard data and applications in Ignition which fall into the following categories, and are set up
in the Config section.
Page Description
Auditing Here you can set up an Audit Profile to record details about specific events that occurred.
Users This is where you set up users and roles. Security policies are defined in terms of the roles set up in the system.
and
Roles
Service A security policy can be defined for each Security Zone and is set up in Service Security. The Security Policy has four
Security sections: Alarm Notification, Alarm Status, History Provider Access, and Tag Access. They work together to define how the
local Gateway gives access to incoming Gateway connections.
Identity Identify Providers (IdP) provides a way for users to log in to Ignition using credentials stored outside of Ignition. An IdP creat
Providers es, maintains, and manages identity (login) information while providing authentication services to Ignition. This provides a
secure login that allows Ignition to use SSL and two-factor authentication (2FA).
Security Security Levels define a hierarchy for access inside a Perspective Session. This authorization system provides a way to
Levels map roles from an Identity Provider (IdP) to Ignition roles.
Security A Security Zone is a list of Gateways, Computers, or IP addresses that are defined and grouped together. This group now
Zones becomes a zone on the Gateway Network, which can have additional policies and restrictions placed on it. Security Zones
provide this functionality to the Gateway Network, limiting locations instead of people to be read-only for specific actions.
This allows for greater control over the type of information that is passing over the network, improving security and helping
to keep different areas of the business separate, while still allowing them to interconnect.
Databases
The Databases section is where database connections are set up. Databases are used in historical data logging, reporting, storing alarm
logs, and Tag storage.
Page Description
Connections Many of the advanced features of Ignition, such as the Transaction Groups and Tags Historian require a connection to an
external database, and most databases require special permissions for each computer that wants to connect. Ignition tak
es care of all of this. You create a connection to your database once, and every system in Ignition will use that central
connection. From here, you can create new database connections and edit existing connections.
Drivers JDBC drivers used in database connections are imported and configured in Drivers of the Database section.
Store and The Store-and-Forward system provides a reliable way for Ignition to store data to the database. The
Forward Store-and-Forward system settings offer a good deal of flexibility in tuning. Different types of situations and goals will
likely require different configurations.
Alarming
The Alarming section provides general alarm configuration settings to provide up-to-date status of alarms, store alarm history, build the logic
for how, why, and when alarm notifications are delivered, manage alarm notifications for user groups, and send Email, SMS, or Voice
notifications. With all these features and functions in Alarming, you can easily create alarms, and design and manage your alarm notifications
any way you choose.
Page Description
General This General setting provides of some basic alarm configuration settings.
Journal Alarm Journals are configured in the Alarming section to store basic historical information in a database about alarms that
occurred, such as their source and timestamp, associated data on the alarm, and the values of the alarm's properties at
the time the event occurred.
Notification Notification Profiles are configured in the Alarming section to allow for Email, SMS, or Voice notifications to be sent out
when an alarm event occurs.
On-Call The On-Call Roster is where you create user groups to be notified when an alarm occurs. When an alarm is triggered, it is
Rosters sent to a designated On-Call Roster where it evaluates the users schedules, and only notifies those users that have an
active schedule. Users that are off-schedule will not be notified.
Schedules Defines the times of users on-call availability and unavailability by configuring Schedules.
Tags
The Tags section is where both Realtime Tag Providers as well as Historical Tag Providers are configured. This is NOT where individual Tags
are set up.
Pages Description
History Configure the settings for each of the configured Historical Tag Providers, or create new remote or split providers.
Realtime Configure the settings for each of the configured Realtime Tag Providers,or create new standard or remote providers.
OPC Client
The OPC Client section is where connections from Ignition's internal OPC UA server to other OPC servers are located.
Pages Description
OPC Connections Configure OPC Connections to Ignition's built in OPC Server.
OPC Quick Client The OPC Quick Client allows for quick and simple testing of any OPC Connections connected to the OPC server.
OPC UA
The OPC UA Server is where Ignition's internal OPC UA server is configured.
Pages Descriptions
Device Connections This is where all device connections to our internal OPC UA server are configured.
Security Upload and trust client and server OPC UA certificates.
Server Settings Configure Ignition's internal OPC UA Server's settings.
The Enterprise Administration section controls the majority of EAM functions. Setting the Gateway to be a Controller or Agent as well as
creating Agent Tasks and managing the various Agents from the Controller Gateway can all be done in this section.
Sequential Function Charts

A Sequential Function Chart (SFC) is a series of scripts that are defined in a single location, and then called in sequential order.
Page Description
Settings This is where the SFC Settings are configured.
Related Topics ...
Gateway Settings
Security
Database Connections
Tags
Alarming
OPC UA
Sequential Function Charts
In This Section ...
Gateway Settings
Gateway Configuration
Once you have the Gateway up and running, you start by configuring some or all of the general
services in Ignition. You make the configuration changes from the Config section of the Gateway
Webpage. The different broad categories of what you can configure are as follows:
System (Overview, Backup/Restore, Licensing, Modules, Projects, Redundancy and Gate

way Settings)
Networking (Web Server, Gateway Network and Email Settings)
Security (Auditing ,Users, Roles, Service Security, Identity Providers, Security Levels, and
Security Zones)
Databases (Connections, Drivers, and Store and Forward)
Alarming (General, Journal, Notification, On-Call Rosters, and Schedules)
Tags (History and Realtime)
OPC Client (OPC Connections and OPC Quick Client)
OPC UA (Device Connections, Security, and Server Settings)
Enterprise Administration (Event Thresholds, Controller Settings, Agent Management,
License Management, and Agent Tasks)
Sequential Function Charts (Settings)
Depending on what modules you have installed, some categories may be missing.
Important Gateway Settings

The Gateway is at the heart of the Ignition software. It runs as a web server and you can access it
through a web browser. Once running, you can get various status information about the Gateway
and access important functions. You can customize the Gateway's Homepage to fit your needs. On this page
Here's a description of all the settings and list of all the their associated properties that you will
need to setup based on your Gateway configuration and preferences.
...
Gateway
Configuration
Important Gateway
Settings
Required Roles
Web-Launch
Settings
Local Client
Fallback Settings
Scheduled
Backups
Error Reporting
Settings
Multicast Settings
Gateway Property
Reference
Gateway Settings
Launch Settings
Local Vision
Client Fallback
Scheduled
Backup Settings
Error Reporting
Multicast Settings
Gateway
Scripting
Gateway Status
Pages
Systems
Connections
Diagnostics
Starting and
Stopping the
Gateway
Command-Line
Utility
Required Roles
There are several properties that are required to access certain sections of the Gateway.
Property Description
Gateway Config Role(s) Allows you to enter roles to control access to the Gateway Config section.
Status Page Role(s) Allows you to enter roles to control access to the Gateway Status section.
Home Page Role(s) Allows you to enter roles to control access to the Gateway Home section.
Designer Role(s) Allows you to enter roles to control access to the Designer.
Web-Launch Settings
Web-launching technology lets you launch a full-fledged application with zero installation just by clicking a link on a webpage. This is how
both the Designer, where you'll configure your projects, the Ignition Vision Client and Perspective Sessions, where you can view your
projects.
Local Client Fallback Settings
Ignition provides a Local Vision Client Fallback mechanism that lets you use a Gateway running on the local machine. If the Gateway is lost,
the Client can automatically retarget to a project that you specify in the local in the local Gateway.
Scheduled Backups
The Scheduled Backup Settings control the Gateway's scheduled backup system. This system is capable of automatically making a
Gateway backup and storing it to a folder path, which can be a network path.
When you enable this system, you must specify a destination folder. This can be a local folder, for example C:\backups or /var/backups
, or a network path such as \\fileserver\backups.
The scheduled backup system works on a schedule that is specified using UNIX Crontab syntax. This is a standard format for specifying a
basic schedule. The format consists of five space-separated fields, one for minute, hour, day-of-month, month, and day-of-week. The
special Gateway Configuration 72 character * means all. Slashes can be used to indicate that values should be stepped, for example, */5 in
the minutes field means "every 5 minutes", or 0:00, 0;05, 0:10, etc.
To learn more on how to schedule Gateway Backups, refer the page on Gateway Scheduled Backups.
Error Reporting Settings
When an error occurs in the Client or Designer, the users can click a link on the Details tab to report the error via email.
These settings define how the errors are reported.
Multicast Settings
These properties allow the Gateway to broadcast information about itself via multicast UDP packets. This allows the Gateway to be
discoverable by any components that are also listening to the same multicast address. For example, native client launchers listen on a
multicast address to provide a list of available Gateways on the network. Verify that the send ports and receive ports are open on the
Gateway machine in order to be able to broadcast multicast message.
Gateway Property Reference
After you launch the Gateway, you can define the high-level settings that apply to the entire Gateway by going to the Config > Gateway
Settings on the Gateway Webpage. From this page, you can use the default values or define a new setting.
Gateway Settings
System Name Is a unique name for this Ignition installation. It is used to distinguish this server from others on the network when
working with multiple Ignition installations.
System User Is the user source used to secure access to the Gateway, as well as to the Designer.
Source
Gateway Config Is a comma-separated list of roles, one of which is required to log into the Gateway's configuration section. These
Role(s) roles must be defined in the System User Source.
Status Page The required roles to access the Gateway's Status section. Leave blank to remove security restrictions for this
Role(s) section.
Home Page The required roles to access the Gateway's Home section. Leave blank to remove security restrictions for this
Role(s) section. Note that this is only used to limit the access to the homepage itself, each project has its own user source
for limiting access to the runtimes.
Designer Users must belong to one of these roles in order to have access for logging into the Designer. Multiple roles can be
Role(s) specified by separating them with commas.
Create Project Users must belong to one of these roles in order to create a new Designer project. Multiple roles can be specified by
Role(s) separating them with commas.
Global Resource The roles required to protect or modify a protected global resource such as an alarm pipeline. If blank, anyone that
Protection can log into the Designer can protect global resources.
Allow User Allows the administration of the Gateway's system user source from the Designer and Client. Unless this is enabled,
Admin anything outside of the Gateway Configure page is prevented from altering the Gateway's system user source.
Allow Designer Allows single-sign-on authentication for logging into the Designer if the Gateway user source supports it.
SSO
Use SSL
This feature was removed from Ignition in version 8.0.3
As of version 8.0.3 this setting has been moved to the Networking > Web Server page.
Forces the clients to use SSL encrypted communication when talking to the Gateway. It is highly recommended that
you purchase and install a genuine SSL certificate if you use this option. See Installing a Genuine SSL Certificate.
Persist Alarms Whether or not alarm properties such as acknowledgment should persist across Gateway restarts.
Homepage The URL this gateway will redirect to when http://ip:port/ is visited. Can either be a relative path (e.g., /web/home), or
Redirect URL fully qualified (e.g., https://inductiveautomation.com).
Launch Settings
Designer The maximum amount of memory that the Designer has access to.
Memory
Disable Disables the Direct3D rendering pipeline launched clients. Direct3D can cause performance problems with XOR
Direct3D painting. (affects clients on Windows only)
Disable Disables the DirectDraw system for launched clients. Can be useful for some video cards that don't support
DirectDraw DirectDraw well. (affects clients on Windows only)
Disable These properties affect launched Clients and Designers on Windows OS only. These flags control whether or not the
Direct3D/Disable Java Swing windowing subsystem may use Direct3D and/or DirectDraw. Disabling these features can incur a
DirectDraw performance penalty, but might be required for some video cards that have faulty DirectX drivers.
Local Vision Client Fallback
Enable Local Enables a client to fall back to a project in a local Gateway if communication is lost to the central Gateway. Note that
Fallback port 6501 must be open on the local machine.
Seconds Before The number of seconds to wait before switching to the local Gateway project after communication loss.
Failover
Fallback Project The local project to use during fallback.
Scheduled Backup Settings
Enable Enables the scheduled backup system which automatically makes backups at a scheduled time.
Scheduled
Backups
Backup Folder A path to a folder in which to put the scheduled backups.

Backup A UNIX 'crontab' format scheduling string representing when to make the backups.
Schedule
Retention Count The number of backups to keep in the backup folder.
Error Reporting
SMTP Server When not blank, user-reported errors are emailed using this SMTP server.
To Address The email address(es) that will receive the error notification. Separate multiple email addresses with a semicolon (;)
From Address The email address that the error notification is from.
SMTP A username for the SMTP server, if required.

Username
Change Check this box to change the existing password.

Password?
Password A password for the SMTP server, if required.
Password Re-type password for verification.
Multicast Settings
Enable Multicast Allows this Gateway to be discoverable on your local network.
Multicast IP Gateway messages are broadcast on this address.

Address
Send Port This port must be open on this machine to send multicast messages.
Receive Port This port must be open on any machine that will receive multicast messages.
Message The interval in milliseconds at which multicast messages will be sent.

Interval
Gateway Scripting
Gateway The name of the Project that gateway-scoped scripts with no project affiliation can access user script libraries in.
Scripting Project
Gateway Status Pages
You can monitor the Ignition Gateway from the Status section of the Gateway. The Status section of the Gateway Webpage provides detailed
information relating to the following parts:
Systems
Overview Provides a top-down view of many of the components of your Gateway. This view is also useful for determining what
step might be next when setting up your Ignition Gateway for the first time. You can view the status of your database
connections, device connections, OPC connections, the number of open Clients and the number of open Designers.
Performance Displays the performance status for the Ignition system such as CPU, Memory and Threads.
Alarm Shows the status details about the alarm pipelines. You can see the status of an alarm and where the alarm is in the
Pipelines pipeline.
Gateway Shows status details about all the scripts that are running in Gateway. You can see information such as their execution
Scripts status, whether the scripts are running or not, and so on.
Modules A list of installed modules, their status, as well information about their version and current license state.
Redundancy Lists information about the current state of Redundancy in Ignition. This information is only helpful when connected to
another redundant Ignition server.
Reports Displays information about the current and scheduled reports on the Gateway if you are using the Reporting module.
SFCs Displays information about SFC instances.
Tags Lists information and statistics about all configured Tag Providers as well as a view into the Tag subscription model, scan
classes, and what tags it is currently subscribed to.
Transaction Displays information about the current Transaction Groups.

Groups
Connections
Databases Displays a list of configured databases, and if they have a valid connection or not. Shows active queries, long running
queries, the number of queries a second that are running, as well as a trend showing the percentage of queries that
completed in that time.
Designers Displays information on currently running Designer sessions along with some information about each session.
Devices Displays a list of currently configured OPC UA devices and which are connected and which have a faulty connection. It
also shows how many Tags Ignition is requesting from the device along with how often it is requesting them. This
information is used to determine if the device is overloaded with too many requests too quickly, or if the device is being
under utilized.
Gateway Shows an overview of the status of all Gateways within the Gateway Network. It also provides some metrics for each
Network Gateway, giving an idea of the rate of data transfer between two Gateways, as well as a list of connection events.
Store & Displays a list of Store and Forward engines, including status, as well as the number of records currently in each Store
Forward and Forward system.
OPC Displays a list of all current OPC connections and their status.
Connections
Perspective Shows a list of current Perspective sessions and details about each session.
Sessions
Vision Shows a list of current Vision Clients and details about each client.
Clients
Diagnostics
Execution Displays a status of all tasks that your Gateway runs on a schedule, such as duration and execution time of an alarm
journal update or the average time ti takes a Gateway to execute a Tag Group.
Logs Displays errors caused by Gateway events like database or device connections, authentication profiles, alarm journals,
and pipelines. Logs include a wealth of information about the running state of the Gateway.
Threads Shows what each thread is doing in the Gateway, including their state and CPU usages.
Starting and Stopping the Gateway
After installation, the Gateway starts automatically. You can manually stop and start the service. Depending on the platform you are using, the
following is how you can manually start and stop the Gateway.
The Gateway runs as a service, so you can use your operating system's normal mechanisms to start or stop the service.
Command-Line Utility
The Gateway Command-line Utility provides a list of commands you can use to perform specific functions in the Gateway such as starting
and stopping the Gateway.
Windows
Ignition's installation directory contains start-ignition.bat and stop-ignition.bat, which can start or stop the service. Example:
C:\Program Files\Inductive Automation\Ignition> start-ignition.bat

However, you can also use Windows native service commands to control the running state of the Gateway:
net start ignition
net stop ignition
Linux
You can control the service using the ignition.sh script. It can be called with the start and stop parameters to perform the relevant
operations.
For example:
/usr/local/bin/ignition/ignition.sh start
Additionally, you can use native terminal commands to start or stop the service:
service ignition start
service ignition stop
Mac OS X
You can access the service from the install directory using the "ignition.sh" script. On a typical Mac install using the dmg installer, the full
command (without a custom location specified) is the following:
/usr/local/ignition/ignition.sh start
Related Topics ...
Config
Status
Gateway Security
Gateway Common Tasks
Email Settings
Gateway-Wide SMTP Server

On this page
In Ignition, there are several places that you might want to send an email from. Instead of setting
up a new email server connection at each one, you can add SMTP server connections in the
Gateway Config section and reference them in other places. For example, you can use a ...
pre-configured connection in any of these places:
Gateway-Wide
Alarm Notification - While the alarm notification system allows you to set up an Email SMTP Server
Notification Profile that is separate from the SMTP Profile, you can instead choose to use Setting up an
the settings configured in the SMTP Profile. SMTP Server
Report Schedules - When Scheduling an Email Action in a report, the Action requires a SMTP Profile
configured SMTP Profile before the report can be emailed out. Settings
system.net.sendEmail() - Instead of manually entering in values for the SMTP server
inside each of your scripts, this function can instead use the settings from an existing
SMTP Profile.
Once your SMTP Profile is set up, you only need to reference the name of the connection and
Ignition will take care of the rest.
Setting up an SMTP Server
The Email Settings page allows you to configure an SMTP server connection that can be used by
several different resources in the Gateway. This means that instead of setting up an SMTP server
connection within each resource (i.e., Alarm Notification Profile, Reports, etc.), you can configure
them once here, and have those resources all use the same SMTP server. You can find the Email
Settings in the Configure section of the Gateway under the Networking heading. Here, you can
create a new SMTP Profile, or manage your existing profiles.
SMTP Profile Settings
Below is a list of properties available on an SMTP server connection.
Property Name Property Description
Name The name of the SMTP profile.
Description A description of the SMTP profile.
Hostname Hostname of the SMTP server to send email

through.
Port Port SMTP service is running on.
Use SSL/TLS port Connect using SSL/TLS. Default is false.
Use STARTTLS Enable use of the STARTTLS command,

allowing the connection to be upgraded to an
SSL or TLS connection if supported by the
server. This is not necessary for connections
that are already SSL/TLS. Ignored when Use
SMTP Profile is checked. Default is false.
Username The username the Gateway will use when

authenticating against the mailserver. This is
only required if the SMTP server expects
authentication.
Password The password the Gateway will use when

authenticating against the mailserver. This is
only required if the SMTP server expects
authentication.
Advanced Properties
SMTP Timeout Timeout (in milliseconds) to use when

connecting to, reading from, and writing to the
SMTP server. Default is 10,000.
Debug Mode Enabled Enable email session debugging. Information

is printed to standard output (wrapper.log). De
fault is false.
Web Server Settings
This feature is new in Ignition version 8.0.3

On this page
The Web Server page is for configuring the HTTP and HTTPS ports, setting up the SSL / TLS certif ...
icate, redirecting traffic through a known address, and whether or not all HTTP traffic should be
forcefully redirecting to HTTPS. SSL/TLS Settings
HTTP and HTTPS
If you are allowing users to access your Gateway from outside your network (through the internet), Settings
you will need to configure the Public HTTP Address settings. Public HTTP Addres
s settings
SSL/TLS Settings
View details of an SSL certificate details, export keys, remove the installed SSL certificate, and transition to a CA-signed Certificate. For more
information, see Using SSL
HTTP and HTTPS Settings

HTTP Settings
HTTP Port The port to which Ignition will listen for incoming HTTP traffic. Example: 8088
HTTPS Settings
HTTPS Port The port to which Ignition will listen for incoming HTTPS traffic. Example: 8043
Force Secure When enabled, and if SSL / TLS is enabled, all http traffic will be redirected to its https counterpart.
Redirect (Default: disabled)
Included Cipher Whitelist of included cipher suites for clients connecting to Ignition using SSL/TLS.
Suites
Excluded Cipher Blacklist of excluded cipher suites for clients connecting to Ignition using SSL/TLS. Takes precedence over
Suites allowed cipher suites.
Public HTTP Address settings
If you are allowing users to access your Gateway from outside your network (through the internet), you will need to configure the Public HTTP
Address settings.
1. ..
2. ...
Public HTTP Address
Auto Detect To specify an explicit HTTP address that Vision Clients and Perspective Sessions will use, turn this off. Most users will
HTTP Address leave autodetect on.
(Default: enabled)
Public Address The public facing address that Vision Clients and Perspective Sessions must use to connect. If Force Secure Redirect
is enabled, redirected connections will use this address.Example: yourcompany.com
Public HTTP The public facing HTTP port that Vision Clients and Perspective Sessions must use to connect .Example: 80
Port
Public HTTPS The public facing HTTPS port that Vision Clients and Perspective Sessions must use to connect. If Force Secure
Port Redirect is enabled, redirected connections will use this port. Example: 443
Gateway Backup and Restore
Gateway Backups vs Project Exports

It is a good idea to create backups anytime you make changes to Ignition. There are two main
On this page
types of backups available in Ignition: Gateway backups and Project exports. You can choose to
backup up everything, or be selective about what you want to backup and restore. Ignition is ...
designed to be architecture agnostic or compatible across all platforms. This is particularly helpful
when you want to restore your Gateway on a new machine or platform. Gateway Backups
vs Project Exports
Gateway backups are all inclusive and Project exports are simply a backup of individual projects. Gateway Backup
Whether it is a Gateway backup or Project export, it's always good practice to create backups and Restore
regularly when making changes to Ignition. This page discusses the making Gateway backups and Gateway Backup
restoring from a Gateway backup. To learn more about project backups and restoring projects, Gateway Restore
refer to the Project Export and Import page.

Creating Gateway backups and restoring from a Gateway backup are super easy in Ignition.
Gateway backups are all inclusive, and typically takes less than a minute to run. It includes
everything you find in the Ignition Gateway Webpage. Everything gets backed up - all your projects,
Gateway settings, authentication profiles, Tags, database connections, OPC and device Project Backup vs.
connections, alarm pipelines, scripts, sequential function charts, reports, and Image Managment
Library (i.e., png, jpg, and jpeg files). The only data that is not included in a Gateway backup is Ignition Gateway
data stored in other programs such as SQL databases, PLC programs, other files you manually Backup
added to the install directory, and any additional files you may be using. This information needs to
be backed up separately.
Watch the Video
You have the option of creating a Gateway backup and restoring a backup from the Gateway
Webpage or Gateway Command-line Utility. We recommend using Gateway Webpage since it's
much easier. Even better, is to set up scheduled backups to run on a regular schedule.
Gateway Backup
The easiest way to create a backup of the Gateway is using the Gateway Webpage. Let's give it a
try!
Making Ignition
1. Go to the Config tab of the Gateway Webpage, and click on System > Backup/Restore.
2. The System Backup/Restore page will be displayed. Make sure the Backup tab is
Gateway Backups
selected, then click Download Backup.
Watch the Video
3. By default, this downloads a .gwbk file extension to your local file system in your Downlo
ads folder.
The Gateway Backup default filename will look like GatewayName_Ignition-backup-YYYYMMDD-HHMM.gwbk where YYYYMM
DD-HHMM is the timestamp of when it was created.
In Windows and Linux, you can use the command-line utility to create a Gateway backup. To run the Command-line Utility, open a shell and
enter the command below. Note: If you want to add a timestamp, you need to enter the date and time in the filename. Refer to the Command-
line Utility page for a complete list of 'gwcmd' options.
gwcmd -b C:\Backups\Ignition\IgnitionBackup.gwbk
Gateway Restore
Restoring a Gateway backup is just as easy as backing it up and can also be done from the Gatew
ay Webpage.
When you perform a Gateway Restore, ALL of the server's current configuration will be
permanently lost! Restoring a Gateway backup overwrites all of the existing settings Restoring Ignition
including your projects. There is no merge option for a Gateway backup. We recommend Gateway Backups
you always make a backup of the existing server immediately before performing a
Gateway Restore. Watch the Video
1. Go to the Config tab and click on System > Backup/Restore.
2. The System Backup/Restore screen will be displayed. Click on the Restore tab. Read carefully through the restoration settings, and
check the ones you wish to enable.
Restore Disabled Checkbox

If you check the Restore Disabled box, all projects, project resources, notifications, alarm journals, database connections,
OPC connections, devices, scripts and third party modules will be disabled upon restart.
3. Click Choose File, then navigate to your Gateway backup file (*.gwbk). By default, all your Gateway backup files are saved in your
Downloads folder unless you select another folder location to choose an exisiting Gateway Backup file (*.gwbk) to restore.
If you downloaded a Gateway Backup and are trying to Restore it, you must have a .gwbk file type. Often, Internet
Explorer will change the extension from .gwbk to .zip when the backup is downloaded. The correct format for a
downloaded backup is "Ignition-backup-YYYYMMDD-HHMM.gwbk" where YYYYMMDD-HHMM is the timestamp.
4. Choose your Ignition backup file (.gwbk), and click Open.

5. Click Restore at the bottom of the System Backup/Restore screen. The Gateway stops while restoring the backup file. When
restoring is complete, the Gateway restarts itself to apply the restored settings. The Gateway Webpage is refreshed and your
projects are loaded and your whole Gateway is restored in less than a minute.
In Windows and Linux, you can use the command-line utility to restore a Gateway backup. To run the Command-line Utility, open a shell and
enter the command below. Refer to the Command-line Utility page for a complete list of 'gwcmd' options.
gwcmd -s C:\Backups\Ignition\IgnitionBackup.gwbk
Related Topics ...
Gateway Scheduled Backups

Project Export and Import
Exporting and Importing Tags
In This Section ...
You never know when a disaster is about to happen, and scheduled backups can get you out of a
bad situation. Ignition will automatically create Gateway backups based on whatever schedule you
want, and save them wherever you need, even on another server. Just fill in a few settings and On this page
Ignition will do the rest.
Once you have regular scheduled backups setup, make sure to secure them too! If you have your ...
IT department regularly save files to an off-site location, it's easy to add these scheduled Gateway
backups to the list. UNIX Crontab
To Setup Scheduled
Backups
UNIX Crontab
The scheduled backup system works on a schedule that is specified using UNIX Crontab syntax. T
his is a standard format for specifying a basic schedule. The format consists of five
space-separated fields, one for minute, hour, day-of-month, month, and day-of-week as shown
below. The special Gateway Configuration 72 character * means all. Slashes can be used to
indicate that values should be stepped, for example, */5 in the minutes field means "every 5
minutes", or 0:00, 0:05, 0:10, etc.
Crontab Format and Ranges Setting up

Minutes - (0 - 59) Automatic Gateway
Hour - (0 - 23)
Day of the Month - (1 - 31) Backups
Month - (1 - 12)
Day of the Week - (0 - 6) (0 to 6 is Sunday to Saturday Watch the Video
Here are some examples using Crontab formatting:
Examples
015** Once a month, on the 5th day at 1am
5**** Once an hour, on the :05 minute. 0:05, 1:05,

2:05, etc.
30 5 * * 1 Every Monday at 5:30am
* 6-14 * * * Every minute, but only between 6am and 2pm
*/5 8-17 * * 1-5 Every 5 minutes between 8am and 5pm but
only during the week (1-5). 0=Sunday,
1=Monday, etc.
*/15 * * * * Every 15 minutes, on the quarter-hour. 0:15,

0:30, 0:45; 1:00, 1:15, etc.
To Setup Scheduled Backups
Gateway backups can be created automatically in Ignition. You can set up a schedule to perform scheduled Gateway backups in the
Gateway Webpage. The following is an example of setting up a daily Gateway backup schedule.
1. Go to the Config tab of Gateway Webpage, and under System select Gateway Settings.
2. On the Gateway Settings page, scroll down to the middle of the page to the Scheduled Backup Settings section.
The properties in this section allow you to enable and set the backup schedule.
3. Select the checkbox for Enable Scheduled Backups.

This enables the scheduled backups to execute at a scheduled time.
4. In Backup Folder, type a path to a folder where the backups will be saved. For example, you can type:
\\computer\share\backup
The path to a folder where the backups are to be saved can be a local folder ( C:\backups) or a network path (\\computer\shar
e\backup) as shown in the image above.
5. In Backup Schedule, type a UNIX crontab scheduling string to specify when you want to make the backups.
For example, the code below makes a backup at 15 minutes and 1 hour after midnight, every day, every month, and every day of the
week (1:15am every day).
15 1 * * *
6.
6. In Retention Count, specify the number of most recent backups kept in the backup folder. For example, you can specify 14 if you
want to only keep the last 14 backups. After 14 backups, the oldest backup will be deleted and the new one will be saved.
7. Click Save Changes at the bottom of the page.

Now, the Gateway will automatically make backups for you based on the schedule of your settings.
Scheduled Backup Errors

If something is wrong with the scheduled backup system, Ignition will store error messages to the Gateway logs.
Related Topics ...

Project backup and restoring from a project backup is referred to as Project Export and Import. Proj
ects are exported individually, and only include project-specific elements shown in the list below.
They do not include Gateway resources, like database connections, Tag Providers, Tags, and
alarm pipelines. The exported file (.zip ) is used to restore / import a project.
On this page
The resources listed below are included in a project export. ...
Alarm Pipelines - project alarm pipelines only Project Export
Named Queries - project named queries only Export a Project
Perspective Properties - page configuration, project properties and session properties from the Gateway
Perspective Views Webpage
Project Properties Export a Project
Reports - project reports only from the Designer
Sequential Function Charts - project SFCs only Project Import
Transaction Groups - project transaction groups only Import a Project
Vision Client Tags from the Gateway
Vision Windows Webpage
Vision Templates Import a Project
Client Event Scripts from the Designer
Gateway Event Scripts
There are two primary ways to export and import a project:
Gateway Webpage - exports and imports the entire project.

Designer - exports and imports only those resources that are selected.
This page describes how to create a project export and import a project from an exported file.
Making Project
Backups
Watch the Video
Project Export
A Project Export is a little smaller and takes even less time to run than a Gateway backup! Once you have an exported file of your project,
you can take it to any other Gateway and merge it in with the other projects. This makes it simple to keep a development server and push
your projects after you complete them. The Enterprise Administration Module can even do this for you. You can perform a project export from
two locations, the Gateway Webpage and the Designer. This secton describes how to create a project export from the Gateway Webpage
and the Designer.
Inherited Resources not included in an Project Export

When a project is exported, you don't get any inherited resources with your export. However, once a new project is imported to a
Gateway, you can configure that project to inherit from another project. To learn more, go to the Project Inheritance page.
Export a Project from the Gateway Webpage
Making an export from the Gateway Webpage, exports the entire project to a (.zip file). The exported file only includes resources from the
project. Notably missing from the project export are any Gateway resources, even if they are presented in the Designer such as Ignition Tags,
SFCs, alarm pipelines, and raster images (i.e., png, jpg, and jpeg files).
Before Exporting a Project

To be safe, before you export a project, we also recommend backing up your Tags, database connections, and anything else you
might be using separately since these items are not included in the project export.
1. Go to the Config tab of the Gateway Webpage, and click on System > Projects.
2. The Projects screen will be displayed and you can see your existing projects.
To the right of project name, click the More button and select Export. This exports your project as a .zip file. The exported file will
have the project name, date, and a 4 digit unique number followed by the file extension (i.e., Compressor_2019-03-21_1123.zip).
3. By default, the .zip file is saved in your web browser's default Downloads folder. This export of the project can be imported to any
other instance of Ignition that is running the same version or later.
Export a Project from the Designer
When making a project export from the Designer, you get to choose which project resources are added to the export file. The export does not
include any Gateway resources. When restoring a project export in the Designer, you also get to choose which project resources are restored
into the currently open project from the exported .zip file.
1. From the Designer, go to the top menubar, click on the File menu and select Export.
2. The Export screen will be displayed and you'll see a list of project resources to export. By default, all project resources are selected.
2.
Unselect any resources you don't want to include in the export.
3. Click Export. This opens a Save dialog window. Select a folder and click Save.
4. This export of the project can be imported to any other instance of Ignition that is running the same version or later.
Project Import
When you restore / import a project from an exported file in the Gateway Webpage, it will be merged into your existing Gateway. If there is a
naming collision, you have the option of renaming the project or overwriting the project. Project exports can also be restored / imported in the
Designer. This will even allow you to select which parts of the project import you want to include and will merge them into the currently open
project.
Import a Project from the Gateway Webpage
When restoring a project from the Gateway Webpage, Ignition imports the entire project from an exported file.
1. Go to the Config tab of the Gateway Webpage, and click on System > Projects.
2. The Projects screen will be displayed and you can see your existing projects. At the bottom of the screen, click the Import
project... link.
3. A second Projects screen will open. Click on Choose File, find your exported .zip file from your browser, and then click Open.
4. Enter the Project Name. If there is already a project with the same name, the Import button will be grayed out preventing you from
importing the file. The system gives you the option to Rename the project you want to import, or Overwrite the existing project.
5. Click Import.
6. If you are importing a new project, you will see your new project added to the list along with the other projects.
Import a Project from the Designer
When restoring a project from the Designer, you can select the entire project or parts of the project, and merge them into the one you are
currently working on. Ignition will let you choose which resources to import.
1. In Designer, select File > Import.

2. The dialog screen will open, select the project export file (.zip) from the default folder, and click Open.
3. By default, all resources are selected. Unselect the resources from the project that you do not want to import. Click the Import button
.
4. If there are any conflicts when importing your project resources, a dialog box will appear and ask you to either Overwrite, Overwrite
All, Skip, Skip All, Rename the affected items, or Cancel. Once all conflicts are resolved, Save your project.
Related Topics ...
Gateway Backups and Restore

Project Inheritance
Ignition can export and import Tag configurations to and from the JSON (JavaScript Object
Notation) file format. You can import XML (Extensible Markup Language) or CSV (Comma
Separated Value) file formats as well, but Ignition will convert them to JSON format. Tag files can
be edited directly in any editor and changes made to the Tag structure outside of the Designer. The
importing and exporting feature also becomes really important if you have a Tag database that you
exported from a legacy system that you want to import into an Ignition database.
To Export and Import Tags On this page
1. In the Designer, go to the Tag Browser, and select the Tags folder to export all your
Tags. You can also select an individual folder that contains Tags you want to export. You ...
can even export individual Tags as long the individual Tags are in the same folder.
To Export and
Import Tags
Tag File Formats
Exporting UDTs and UDT Instances JSON Format
If you select a UDT instance to export, the UDT is not automatically included. If XML Format
you want the UDT, you will need to do a separate export of the UDT so you have CSV Format
both the UDT and the UDT instance. JSON Example
XML Example
2. On the Tag Browser toolbar, click the Export
icon to export your Tags.
Importing and
Exporting Tags
Watch the Video
3. The Save window will open. Specify the folder where you want to save your exported Tag
files, and then click Save. Ignition will export Tags to a .json file.
4. To Import Tags, click on the Import
icon to display the Open window. Specify the folder you want to import your Tags from,
4.
and choose a previously exported file either .json, .xml, or .csv file type. Once the .xml
and .csv files are imported they will be converted to .json format.
You have the option to Abort, Overwrite, Rename, or Ignore if an exact match is
found when importing.
Tag File Formats
Ingition supports exporting Tags into XML and JSON file formats, but the default is JSON. You can import Tags in XML or CSV format, then it
will be automatically converted to JSON format.
JSON Format
JSON or JavaScript Object Notation is a language-independent open data format. It's easy for humans to read and write. Exporting and
importing Tags in the JSON format is simple and reliable. You can easily edit Tag definitions and configuration settings within the JSON file.
XML Format
Extensible Markup Language (XML) is a markup language that defines a set of rules to encode documents. XML is easy for software to read
and export, therefore, exporting Tags to an XML format results in simple and reliable transport of all Tag configuration settings.
The XML format is best for cases where you are interested in transferring Tag definitions and configurations from one Gateway to another.
However, it is not optimized for directly editing its contents. Modern variations of Microsoft Excel can open and display the contents of an XML
file. You can also open the contents of the XML file in Notepad or another text editor, edit the contents, and import the XML file back into
Ignition.
CSV Format
CSV file format does not support exporting Tags, only JSON or XML. The CSV formatted file can only be used to import Tags.
There are many configuration settings for Tags than what is displayed in a JSON or XML export file. The Tag export feature only
exports the configuration properties that have been edited in at least one of the Tags in the selected export folder. Therefore, to
ensure the desired configuration setting is available in the export file, at least one Tag within the selected export folder must have
that configuration property changed.
JSON Example
In this example, we exported all Tags in our Tag Browser (with the exception of the Motor UDT). The following Tags were exported.
C Temp - Expression Tag with an Alarm
F Temp - Memory Tag with History Settings
OPC - OPC Tag
Motor 1 - UDT Instance
The following exported Tag file is in JSON format. As you browse through the JSON file, you will see the Tag properties and configuration
settings for each of the four Tags listed above.
JSON Example File
Exported Tags in JSON Format

{
"name": "",
"tagType": "Provider",
"tags": [
{
"valueSource": "expr",
"expression": "(5/9) * ({[~]F Temp} - 32)",
"dataType": "Float4",
"sourceTagPath": "[ExportTags]F Temp",
"name": "C Temp",
"tagType": "AtomicTag"
},
{
"valueSource": "opc",
"opcItemPath": "ns\u003d1;s\u003d[Generic]_Meta:Sine/Sine0",
"name": "OPC",
"tagType": "AtomicTag",
"opcServer": "Ignition OPC UA Server"
},
{
"name": "Motor 1",
"typeId": "Motor UDT",
"parameters": {
"MotorNumber": "1"
},
"tagType": "UdtInstance",
"tags": [
{
"name": "Amps",
},
{
"name": "HOA",
}
]
},
{
"name": "_types_",
"tagType": "Folder",
"tags": [
{
"name": "Motor UDT",
"parameters": {
"MotorNumber": ""
},
"tagType": "UdtType",
"tags": [
{
"opcItemPath": {
"bindType": "parameter",
"binding": "ns\u003d1;s\u003d[Dairy]_Meta:Overview/Motor {MotorNumber}/Amps"
},
"dataType": "Int4",
"name": "Amps",
},
{
"opcItemPath": {
"bindType": "parameter",
"binding": "ns\u003d1;s\u003d[Dairy]_Meta:Overview/Motor {MotorNumber}/HOA"
},
"dataType": "Int4",
"name": "HOA",
}
]
}
]
},
{
"valueSource": "memory",
"historyProvider": "MySQL",
"dataType": "Float4",
"alarms": [
{
"mode": "OutsideValues",
"setpointA": 25.0,
"setpointB": 75.0,
"name": "Alarm"
}
],
"name": "F Temp",
"historyEnabled": true,
"value": 98.6,
"sampleMode": "TagGroup"
}
]
}
XML Example
In this example, we exported the same four Tags from our Tag Browser, that were also used in the JSON example, in XML format. As you
browse through the XML file, you will see the Tag properties and configuration settings for each of the same four Tags.
XML Example File
Exported Tags in XML Format

<Tags MinVersion="8.0.0">
<Tag name="" type="Provider">
<Tag name="C Temp" type="AtomicTag">
<Property name="valueSource">expr</Property>
<Property name="expression">(5/9) * ({[~]F Temp} - 32)</Property>
<Property name="dataType">4</Property>
<Property name="sourceTagPath">[ExportTags]F Temp</Property>
</Tag>
<Tag name="OPC" type="AtomicTag">
<Property name="valueSource">opc</Property>
<Property name="opcItemPath">ns=1;s=[Generic]_Meta:Sine/Sine0</Property>
<Property name="opcServer">Ignition OPC UA Server</Property>
</Tag>
<Tag name="Motor 1" type="UdtInstance">
<Property name="typeId">Motor UDT</Property>
<Parameters>
<Property name="MotorNumber" type="String">1</Property>
</Parameters>
<Tag name="Amps" type="AtomicTag">
</Tag>
<Tag name="HOA" type="AtomicTag">
</Tag>
</Tags>
</Tag>
<Tag name="_types_" type="Folder">
<Tag name="Motor UDT" type="UdtType">
<Parameters>
<Property name="MotorNumber" type="String"></Property>
</Parameters>
<Tag name="Amps" type="AtomicTag">
<Property name="opcItemPath">{bindType=parameter,
binding=ns=1;s=[Dairy]_Meta:Overview/Motor {MotorNumber}/Amps}</Property>
</Tag>
<Tag name="HOA" type="AtomicTag">
<Property name="opcItemPath">{bindType=parameter,
binding=ns=1;s=[Dairy]_Meta:Overview/Motor {MotorNumber}/HOA}</Property>
</Tag>
</Tags>
</Tag>
</Tags>
</Tag>
<Tag name="F Temp" type="AtomicTag">
<Property name="valueSource">memory</Property>
<Property name="historyProvider">MySQL</Property>
<CompoundProperty name="alarms">
<PropertySet>
<Property name="mode">5</Property>
<Property name="setpointA">25.0</Property>
<Property name="setpointB">75.0</Property>
<Property name="name">Alarm</Property>
</PropertySet>
</CompoundProperty>
<Property name="historyEnabled">true</Property>
<Property name="value">98.6</Property>
<Property name="sampleMode">2</Property>
</Tag>
</Tags>
</Tag>
</Tags>
Related Topics ...
Tag Data Types

Tag Properties
The Gateway Command-line Utility provides a list of commands you can use to perform specific
functions in the Gateway. The Gateway Command-line Utility or 'gwcmd' provides basic
commands, such as triggering System Commissioning (resetting the main password), changing the On this page
Gateway's port, restarting the Gateway, and more.
...
A note to our legacy users... Options
Older versions of Ignition featured a visual Gateway Control Utility or GCU that could
start and stop the Ignition service. This visual element of the GCU, as well as the ability
to start and stop the service have since been removed in Igntion 8.0. For more
information on starting or stopping the service, please see the Gateway Settings page.
More information on the older version of the GCU can be found in Deprecated Features
of the user manual.
Command-line Utility Options

Gateway
Command-line
The Gateway command-line utility supports Windows, Linux, and Mac OS platforms. The 'gwcmd' Utility
only runs on the same machine as the Ignition Gateway and requires administrative privileges.
Watch the Video
To run the Gateway Command-line Utility, open a command shell and type: gwcmd <option>. This example uses the Windows platform:
1. Open the Command Prompt with admin privileges. In the search bar, enter cmd then right click next to the Command Prompt to
select Run as administrator.
2. Any time you run any of the Gateway command utility options, you need to run them from the director that Ignition is installed in. The
default install directory is: C:/Program Files/Inductive Automation/Ignition.
3. From here, you can enter any of the command options listed in the table below. This example is of a Gateway backup using the
following command: gwcmd -b "C:/Gateway Backups/Backup_190108.gwbk".
Using spaces in a file path

When using spaces in a file path name, use quotation marks around the full path name, as shown in the example above.
Forward or backward slashes can be used to separate folders. The file path includes the disk name, folder path, and file
name.
4. The above command created a Gateway Backup on the C drive, in the Gateway Backups folder with a file name of
Backup_190108.gwbk. The image below shows all the commands used in Steps 2 and 3.
The available 'gwcmd' options are listed in the table below.
Options Description
-a,-–activate Creates an activation_request.txt file that can be used to request a license.ipl file from the
<CDk-key> Offline Inductive Automation website. You must specify the CD-key to use for activation. The activation_request
activation .txt file is saved in the current directory.
-b,--backup <new Downloads a Gateway backup.gwbk file and saves the file to the specified path. The path can be either an
filepath> absolute path or a relative path.
You will be prompted whether it is OK to overwrite the file if another .gwbk file with the same name already
exists. You can override with the -y option to force the file to always be overwritten.
-c,--clearks
Clears the gateway's SSL / TLS setup. The gateway's SSL / TLS connector will be immediately shut down.
-e, --exportks
<new filepath> This feature is new in Ignition version 8.0.3
Exports the gateway's SSL key store in PKCS12 format and saves to the specified path.
-f,
--exportpk<new This feature is new in Ignition version 8.0.3
filepath>
Exports the private key from the gateway's SSL key store in PEM format and saves to the specified path.
-g,--reloadks
Reloads the Gateway's SSL keystore from disk. Any update to the keystore will be automatically applied to
any new connections.
-h,--help Shows the usage for this command.
-i,--info Retrieves server status and port information from the Gateway if it is running.
-k,--port <new Changes the Gateway http port.

port>
-l,--sslport <new Changes the Gateway https port.

port>
-n, --nocrypt

Add to the export private key command to not encrypt the private key.
-o,--name
Specifies a Gateway name while restoring a backup. Additionally, the -y command now skips prompts
asking for a Gateway name override.
-p,--passwd Retriggers System Commissioning, allowing a password change for the initial user.
-r,--restart Restarts the Gateway.
-s,--restore Restores a Gateway backup (.gwbk) file.
-t,--tdump Performs a thread dump in the Gateway and prints the dump to the command-line.
-u,--unactivate Creates an unactivation_message.txt file that you can use to unactivate a license via the Inductive
Offline Automation website. The unactivation_message.txt file is saved in the current directory.
unactivation
-w,--uselicense <li Applies a license.ipl file that was downloaded from the Inductive Automation website. You must supply
cense.ipl path> the location of the license.ipl file. If it is in the current directory, use license.ipl for the location.
-y,--promptyes Automatically answers yes to any prompt that may appear in the above commands, such as permission to
overwrite an existing file.
Related Topics ...
System Commissioning
Gateway Common Tasks
Here are a few common tasks for jump starting your initial Gateway setup, and managing and
securing your Ignition Gateway.
On this page
Restricting the Gateway
...
You can set up security for the Gateway Webpage sections and the Designer. The Gateway can Restricting the
use any existing authentication profile independent of any projects. Each of the Status, Home, and Gateway
Config pages can be restricted by role. Outside of logging into a Client, the Designer as well can To Setup Security
require a special role. for the Gateway
Enabling SSL
Here is where you should start thinking about your security policy. Roles play an important part.
To Turn On SSL
Roles allow you to provide access to different areas of the Gateway (and project). We recommend
When Using SSL
that you create separate roles for the Gateway Config Page, Status Page, Home Page, and
Designer so that individual users only have access to specified areas where they will be working.
To Setup Security for the Gateway
1. Go to the Config section of the Gateway.
2. Choose System > Gateway Settings from the menu on the left.
The Gateway Settings page is displayed.
3. Enter the roles the user must have in order to access the Gateway Config Roles, Status Locking the
Page Roles, Home Page Roles, and Designer Roles. Gateway
Each option can accept any number of roles as long as they are separated by commas.
Also, if the option is blank, any user can log in.
Watch the Video
I think this whole section is invalid once 8.0.3 ships ??
Enabling SSL
Requiring SSL
To enhance security in Ignition, you may opt to enable SSL encryption. This will affect
all communication to and from the Gateway that is done over the HTTP protocol. This includes not Watch the Video
only browsers interacting with the Gateway's web interface, but all Vision Client communication as
well. Turning on SSL will encrypt all data sent over HTTP. This protects your installation from
anyone "snooping" the data as it passes over the network. This may be important if data
transferred between the Gateway and Clients is sensitive in nature. This also helps to thwart a
security vulnerability known as "session hijacking".
To Turn On SSL
1. Go to the Config section of the Gateway.
2. Choose System > Gateway Settings from the menus on the left.
3. Select the checkbox for Use SSL, and click on Save Changes at the very bottom of the
page.
After SSL is enabled, all Clients, Designers, and web browsers are redirected to the SSL port if
they try to use the standard HTTP port. By default, the SSL port is 8043. You can change it to
the standard SSL port of 443. To change the port, use the command-line utility, or recommission
the system. If you are using a firewall, make sure to open the appropriate ports.
You can now setup Ignition to use HTTP Strict Transport Security (HSTS) policy. To do this, there
needs to be a change made to the 'ignition.conf' file and the Gateway needs to be setup to use
SSL.
-Dignition.https.sts.maxAge="47474747"
-Dignition.https.sts.includeSubDomains="true/false"
Each of those lines need to be added as a Java Additional Parameter to the 'ignition.conf' file. Each
parameter needs to be added as the next available uncommented parameter in the list of
parameters. So if the last uncommented parameter is 4, then these lines should be added like the
following:
wrapper.java.additional.5=-Dignition.https.sts.maxAge="47474747"
wrapper.java.additional.6=-Dignition.https.sts.includeSubDomains=
"true/false"
Once these have been added and Use SSL turned on, the Gateway can be restarted, at which
point it will be using HSTS properly.
Do not place those parameters in the 'ignition.conf' file without turning on Use SSL. If Us
e SSL is not turned on, those parameters may prevent your Gateway from starting.
When Using SSL

Ignition supports using SSL communications to the Gateway Webpage as well as Client/Designer communication with the Gateway. It is
highly recommended that you purchase an SSL certificate from a certificate authority if you turn this feature on. The procedures for how to
Install a Genuine SSL Certificate are below.

The procedures for how to Install a Genuine SSL Certificate are covered in Using SSL.
(Delete the expand panel below once 8.0.3 ships)
Installing a Genuine SSL Certificate

When you turn on SSL in Ignition, the web browser uses what is called a "self-signed" certificate. This gives you the encryption benefits of
SSL, but not the identity validation, and it isn't a "real" certificate. This is why a web browser will display nasty warnings to users that they
shouldn't trust the website.
We are not able to ship a real certificate with Ignition because SSL certificates have to be purchased individually from a certificate
authority, such as Verisign, GoDaddy, or Comodo.
This guide shows you how to purchase and install a real SSL certificate from a certificate authority and install it in Ignition. You'll need to
be comfortable executing command-line programs to complete this guide. The examples in this guide assume a Windows environment,
but the general procedure would be identical in Linux.
1. Install the Java Development Kit (JDK).

There are some command-line tools you'll need to use to create a certificate request and to install your certificate. These tools
come with the Java Development Kit (JDK). It is likely that you only have the Java Runtime Environment (JRE) installed. Go to ht
tp://java.oracle.com and click on Java SE. Download the Java SE 6 JDK and install it.
2. Open a command prompt.

Open a command prompt from Start > Run > cmd and change directory into your JDK tools directory.
cd C:\Program Files\Java\jdk1.6.0_24\bin
3. Create your keystore.

SSL certificates for Ignition are stored in a file called a keystore. You'll need to create your own keystore file with a certificate
in it before you can purchase the SSL certificate.
a. Enter the following command:

keytool -genkey -alias tomcat -keyalg RSA -keysize 2048 -keystore C:\ssl.key
You can put the file wherever you want for now, but you should call it ssl.key.
b. At the prompt, enter a password. Use the password: ignition
c. At the prompt, you are asked for your first and last name. Do not use your first and last name. This value must be
one of the following for your Ignition Gateway:
i. Fully Qualified Domain Name, for example, secure.yourdomain.com

ii. Public IP address, for example, 202.144.8.10
iii. Full Server Name of your internal server, for example, scadaserver
iv. Private IP address, for example, 192.168.0.1
d. At the prompt, you are asked for information about your company. Input all data accurately, as the certificate authority
needs to verify this information.
e. Lastly, at the prompt, you are asked for the password for alias <tomcat>. Press RETURN to use the same password
as the keystore file.
4. Generate a Certificate Signing Request.

You have a keystore file named ssl.key at the root of your C:\ drive (or wherever you specified it to be in step 3a).
In your command prompt window, enter this command:

keytool -certreq -alias tomcat -file C:\csr.txt -keystore C:\ssl.key
It will prompt you for the keystore password (ignition). You now have a certificate request file at C:\csr.txt
5. Buy the SSL certificate.

Now you need to get your SSL certificate signed by a certificate authority. When you go to a certificate authority (Verisign,
GoDaddy, Comodo, and so on), they'll ask for your CSR, which is the csr.txt file that you created in step 4. Typically they'll
ask you to paste your CSR into their web form. Open csr.txt in Notepad, and copy-and-paste it into the certificate authority's
form.
If prompted what software generated the CSR, choose Tomcat or Java. After the certificate authority processed your payment
and reviewed your CSR, they will send you your certificate via email.
6.
6. Install the SSL certificate.
After your SSL certificate has been emailed to you, follow the instructions provided for installing the certificate into a Java
keystore. Your certificate authority provides these instructions. The following is the procedure for installing a Comodo SSL
certificate, provided as an example:
a. Extract the certificate files that were emailed to you, in this example they were extracted to C:\cert
b. Install the root certificate with the following command:

keytool -import -trustcacerts -alias root -file C:\cert\AddTrustExternalCARoot.crt
-keystore C:\ssl.key
c. Install the COMODO intermediate certificate:

keytool -import -trustcacerts -alias INTER -file
C:\cert\COMODOHigh-AssuranceSecureServerCA.crt -keystore C:\ssl.key
d. Install your server's certificate:

keytool -import -trustcacerts -alias tomcat -file C:\cert\192_168_1_7.crt -keystore
C:\ssl.key
7. Replace Ignition's default keystore.

You now have a keystore file at C:\ssl.key that holds your SSL certificate. The certificate alias is tomcat and the password
is ignition. You can now replace the keystore file that ships with Ignition with your file. Make a backup of the file at C:\Pro
gram Files\Inductive Automation\Ignition\tomcat\ssl.key and replace it with your keystore file. You need to
restart the Ignition service after replacing this file.
Make sure your SSL port is allowed through your server's firewall. The default SSL port is 8043, and can be changed to the
standard SSL port (443) through the Gateway Control Utility (GCU).
If you have a redundant installation, you'll need to repeat this procedure on your backup server and buy a second certificate for
it.
Related Topics ...
Security
Security in Perspective
Security in Vision
In This Section ...
Gateway Memory Allocation
On the Gateway Webpage go to the Status tab, Systems > Performance. The Memory section
shows memory being used and the maximum amount of memory allocated. You can change the
amount of memory (RAM) dedicated to the Gateway service by editing the Ignition configuration ig On this page
nition.conf file.
...
To Change the
Memory Allocation
Changing Gateway
Memory Allocation
Watch the Video
It is always important to know how much memory is available for your system. We recommend at
least 4GB (4096MB) on a production server, but a test installation can get away with half that or
less. If you have other programs that may use a lot of the memory (and starve Ignition), then you
might want to increase the Initial Heap Size or move those programs to a different computer.
To Change the Memory Allocation
1. Go to the install directory and find the ignition.conf file.
Windows OS: this is typically found at Program Files > Inductive Automation > Ignition
> data.
Linux based OS: the file can be found at /etc/ignition
2. Open the ignition.conf file and scroll halfway down to Maximum Java Heap Size (in
MB).
3. Change the max memory value to whatever you would like. Keep in mind that the value is
in Megabytes. For example, to set the Gateway to use 4GB of memory, change
wrapper.java.maxmemory=2048
to
wrapper.java.maxmemory=4096
4. Save the ignition.conf file.
5. Restart the Gateway. Read about starting and stopping the service on the Gateway
Settings page.
If there is not enough memory in the system, Ignition will not start up and you need to go
back to the ignition.conf file and change the max memory to the lower number as
before.
When Ignition is restarted, you can verify that the memory allocation is updated by going to the Sta
tus page, and select Systems > Performance to check the numbers shown for Memory
(used/max).

Ignition Gateway

Uploaded by

Copyright:

Available Formats

Ignition Gateway

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Ignition Gateway

Uploaded by

Copyright:

Available Formats

1. Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Related Topics ...

Your Gateway at a Glance

Related Topics ...

In This Section ...

Status of Gateway Connections

Related Topics ...

In This Section ...

EAM Agent Connections

EAM Number of connected agents out of the number of configured agents.

Default Group and all groups

Gateway Name of the Agent.

Status Current status of the Agent connection.

Last Name of the event last recorded with the Agent.

Valid Connections Number of valid connections.

Total Throughput Number of queries and their status.

Name Name of the query.

Driver Name of the driver.

Status Current status of the database connection.

Database Connection Details

Database Stats - Stats about the database connection

Connections Number of database connections out of configured databases.

Active Queries - A list of currently active queries

Query Currently running queries.

Started When the query was started.

Actions The ability to cancel a query.

Longest Recent Queries - A list of the longest running queries.

Query Displays the actual query.

Duration Amount of time the query ran.

Started When the query started running.

Related Topics ...

Active Number of active Designer connections.

Filter Search criteria to filter for specific designer sessions.

View The number of designer sessions to preview.

Id Designer session id number.

User Name of the user logged into the Designer.

Project Name of project the user is currently working on.

Status If the Designer is actively connected or not.

Memory Current memory usage for the session.

User Name of the user logged into the Designer.

Project Name of project the user is currently working on.

Memory Current memory usage for the session.

Timezone Local time of the user.

Live Values Toggle switch to turn live values on or off.

Time Time of log.

Message Message for the log.

Connected Devices Number of devices connected out of configured devices.

Name Name of the device.

Driver Name of the device driver.

Status Current device status.

Editor notes are only visible to logged in users

Editor notes are only visible to logged in users

Related Topics ...

Connections - Gateway Network

Gateway Network Page

Remote Gateway Name of the Remote Gateway connection.

Status Current state of the Gateway Network Connection.

Fault Count Number of errors.

Gateway Name Name of the Remote Gateway.

Outgoing Msg/Sec The number of outgoing messages per second.