Resources
AuditEvent
Resources
AuditEvent
A record of an event made for purposes of maintaining a security log. Typical uses include detection of intrusion attempts and monitoring for inappropriate usage.
Properties
| Name | Required | Type | Description |
|---|---|---|---|
| type | Yes | Coding | Type/identifier of event |
| subtype | No | Coding[] | More specific type/id for the event |
| action | No | code | Type of action performed during the event |
| period | No | Period | When the activity occurred |
| recorded | Yes | instant | Time when the event was recorded |
| outcome | No | code | Whether the event succeeded or failed |
| outcomeDesc | No | string | Description of the event outcome |
| purposeOfEvent | No | CodeableConcept[] | The purposeOfUse of the event |
| agent | Yes | AuditEventAgent | Actor involved in the event |
| - id | No | string | Unique id for inter-element referencing |
| - extension | No | Extension[] | Additional content defined by implementations |
| - modifierExtension | No | Extension[] | Extensions that cannot be ignored even if unrecognized |
| - type | No | CodeableConcept | How agent participated |
| - role | No | CodeableConcept[] | Agent role in the event |
| - who | No | Reference<PractitionerRole / Practitioner / Organization / Device / Patient / RelatedPerson> | Identifier of who |
| - altId | No | string | Alternative User identity |
| - name | No | string | Human friendly name for the agent |
| - requestor | Yes | boolean | Whether user is initiator |
| - location | No | Reference<Location> | Where |
| - policy | No | uri[] | Policy that authorized event |
| - media | No | Coding | Type of media |
| - network | No | AuditEventAgentNetwork | Logical network location for application activity |
| - id | No | string | Unique id for inter-element referencing |
| - extension | No | Extension[] | Additional content defined by implementations |
| - modifierExtension | No | Extension[] | Extensions that cannot be ignored even if unrecognized |
| - address | No | string | Identifier for the network access point of the user device |
| - type | No | code | The type of network access point |
| - purposeOfUse | No | CodeableConcept[] | Reason given for this user |
| source | Yes | AuditEventSource | Audit Event Reporter |
| - id | No | string | Unique id for inter-element referencing |
| - extension | No | Extension[] | Additional content defined by implementations |
| - modifierExtension | No | Extension[] | Extensions that cannot be ignored even if unrecognized |
| - site | No | string | Logical source location within the enterprise |
| - observer | Yes | Reference<PractitionerRole / Practitioner / Organization / Device / Patient / RelatedPerson> | The identity of source detecting the event |
| - type | No | Coding[] | The type of source where event originated |
| entity | No | AuditEventEntity | Data or objects used |
| - id | No | string | Unique id for inter-element referencing |
| - extension | No | Extension[] | Additional content defined by implementations |
| - modifierExtension | No | Extension[] | Extensions that cannot be ignored even if unrecognized |
| - what | No | Reference<Resource> | Specific instance of resource |
| - type | No | Coding | Type of entity involved |
| - role | No | Coding | What role the entity played |
| - lifecycle | No | Coding | Life-cycle stage for the entity |
| - securityLabel | No | Coding[] | Security labels on the entity |
| - name | No | string | Descriptor for entity |
| - description | No | string | Descriptive text |
| - query | No | base64Binary | Query parameters |
| - detail | No | AuditEventEntityDetail | Additional Information about the entity |
| - id | No | string | Unique id for inter-element referencing |
| - extension | No | Extension[] | Additional content defined by implementations |
| - modifierExtension | No | Extension[] | Extensions that cannot be ignored even if unrecognized |
| - type | Yes | string | Name of the property |
| - value[x] | Yes | string, base64Binary | Property value |
Search Parameters
| Name | Type | Description | Expression |
|---|---|---|---|
| action | token | Type of action performed during the event | AuditEvent.action |
| address | string | Identifier for the network access point of the user device | AuditEvent.agent.network.address |
| agent | reference | Identifier of who | AuditEvent.agent.who |
| agent-name | string | Human friendly name for the agent | AuditEvent.agent.name |
| agent-role | token | Agent role in the event | AuditEvent.agent.role |
| altid | token | Alternative User identity | AuditEvent.agent.altId |
| date | date | Time when the event was recorded | AuditEvent.recorded |
| entity | reference | Specific instance of resource | AuditEvent.entity.what |
| entity-name | string | Descriptor for entity | AuditEvent.entity.name |
| entity-role | token | What role the entity played | AuditEvent.entity.role |
| entity-type | token | Type of entity involved | AuditEvent.entity.type |
| outcome | token | Whether the event succeeded or failed | AuditEvent.outcome |
| patient | reference | Identifier of who | AuditEvent.agent.who |
| policy | uri | Policy that authorized event | AuditEvent.agent.policy |
| site | token | Logical source location within the enterprise | AuditEvent.source.site |
| source | reference | The identity of source detecting the event | AuditEvent.source.observer |
| subtype | token | More specific type/id for the event | AuditEvent.subtype |
| type | token | Type/identifier of event | AuditEvent.type |
Inherited Properties
| Name | Required | Type | Description |
|---|---|---|---|
| id | No | string | Logical id of this artifact |
| meta | No | Meta | Metadata about the resource |
| implicitRules | No | uri | A set of rules under which this content was created |
| language | No | code | Language of the resource content |
| text | No | Narrative | Text summary of the resource, for human interpretation |
| contained | No | Resource[] | Contained, inline Resources |
| extension | No | Extension[] | Additional content defined by implementations |
| modifierExtension | No | Extension[] | Extensions that cannot be ignored |
To view the FHIR specification for this resource, see AuditEvent.