Stream: implementers
Topic: AuditEvent Creation
Vanitha (Dec 27 2018 at 07:29):
Hi All, What is the best way to implement AuditEvent either in front end application or in server side? Can any one suggest me.
Thanks in advance.
René Spronk (Dec 27 2018 at 08:54):
At least server-side, but also client-side if possible. If one has a resource constrained App based client the creation of AuditEvents may not always be possible..
John Moehrke (Dec 31 2018 at 19:14):
I would agree with Rene, but also add a clarification. "It depends on what you are using AuditEvent for..." If using it for Privacy or Security, then yes it is best to do redundant records by EVERY actor and possibly many layers within each actor. You do this redundant records primarily for Security analysis, that analysis will do broad traffic analysis looking for unusual patterns. That is, a system is watching the log at all times to understand usual patterns, thus it can tell when the server records an event but there is not redundant record by a client which seems odd and might nothing but might also indicate malicious actions.
But if you are using AuditEvent simply to record events for workflow efficiency analysis (like IHE SOLE profile), then one usually has a well defined actor that is defined to record each unique event. In this use-case one is looking for delta-time between events to find inefficiency, or things that happen out of order. Thus redundant records are not helpful.
Last updated: Apr 12 2022 at 19:14 UTC
