FHIR Chat · AuditEvents in pure FHIR Servers · implementers

Stream: implementers

Topic: AuditEvents in pure FHIR Servers


Brendan Kowitz (Oct 21 2020 at 16:37):

Hi All,

I'm looking for some broader thoughts around the treatment of the AuditEvent in regard to pure FHIR Servers.
The question I have is: Should pure FHIR Servers put any default restrictions on the Restful interactions? e.g. Allow the Create interaction, but not Update or Delete?
The given scenario I've come across is that if you wanted to create an AuditEvent with a specific ID, it would require an Update with Allow Create, so it's starting to cross some interesting boundaries in the system. For a pure FHIR Server, does it make sense that this is just pure restful storage allowing all supported resource interactions?

Brendan

David Pyke (Oct 21 2020 at 16:39):

@John Moehrke

Grahame Grieve (Oct 21 2020 at 19:27):

My server does not allow delete on AuditEvents.

Grahame Grieve (Oct 21 2020 at 19:28):

It does allow external systems to PUT audit events to existing and new ids.

Grahame Grieve (Oct 21 2020 at 19:28):

it's not really any different to allowing put to a new id for any other resource - see 'upsert' in the specification

John Moehrke (Oct 21 2020 at 19:33):

Audit Event is likely one where policy forbids Update and Delete. Yes.

Brendan Kowitz (Oct 22 2020 at 00:23):

Grahame Grieve said:

it's not really any different to allowing put to a new id for any other resource - see 'upsert' in the specification

Thanks for the replies. @Grahame Grieve so your server does allow updates for AuditEvents?

I guess the underlying implementation question is, should "CapabilityStatement.rest.resource.updateCreate" be allowed even if the "Update" (CapabilityStatement.rest.resource.interaction) interaction is not defined on that resource? That to me was the slightly grey area.

Brendan Kowitz (Oct 22 2020 at 00:26):

@John Moehrke in principle I also agree; the implementers' question is how this is defined as capabilities in the case where I want to define the ID.

Grahame Grieve (Oct 22 2020 at 00:42):

It does allow it, but I probably wouldn't allow it in a production EHR. OTOH, my server also plays the role of an audit trail sink, so other systems can send it audit trail events. Hence, I allow insert/update/upsert.

Grahame Grieve (Oct 22 2020 at 00:42):

Testing server...

Brendan Kowitz (Oct 22 2020 at 16:25):

Thanks Grahame, John.

Brendan Kowitz (Oct 22 2020 at 16:38):

I'm summarizing as this:
When CapabilityStatement.rest.resource.updateCreate is true, it should invert the behavior to allow creates on PUT and only allow modify when the update interaction is also present.

John Moehrke (Oct 22 2020 at 17:17):

I'm not sure I understand your conclusion. I see no need for updateCreate. The .interaction already is clear on how to declare create only. If a server wants to allow updateCreate, then it seems to be normal behavior. I am unclear on what you mean by "invert the behavior".

Brendan Kowitz (Oct 22 2020 at 18:04):

@John Moehrke perhaps it would help if you paraphrase what should happen in the case where "updateCreate = true", but update is omitted from the resource interactions?

The definition for the "create" interaction on a resource seemed clear with "Create a new resource with a server assigned id."

John Moehrke (Oct 22 2020 at 22:51):

from what I read, updateCreate says that when it is TRUE, the server will treat an Update request as if it is a Create request with the client given id value.... right?

Lokesh G S (Nov 03 2020 at 07:41):

Hi team, can you please help me with how to save audit events?

Lokesh G S (Nov 03 2020 at 07:45):

My doubt is: suppose I am changing the name of the organization, how should I store it in audit events? Can anyone help me with a sample?

Mareike Przysucha (Nov 03 2020 at 08:47):

Regarding your remark in the "FHIR Message identifiers" stream: it may always take some time until a question is answered, as the one familiar with your topic might be out of office due to different time zones. Your question is just 1.5 hours old. Please give others time to read and think about your question. Thank you in advance.

Lokesh G S (Nov 03 2020 at 08:49):

Okay @Mareike Przysucha. Actually I am trying with different people in private chat but no one responded. I am very new to this as a developer implementing the telemedicine project. I wanted to know how the audit events are created. Do you have any idea @Mareike Przysucha?

Mareike Przysucha (Nov 03 2020 at 08:53):

I think this depends on your system. Which programming language and framework do you use? If you use Java, HAPI could be an example. Could you provide more information, so that the experts can give better advice?

Lokesh G S (Nov 03 2020 at 08:55):

We are doing it using FHIR GraphQL with Node.js @Mareike Przysucha

John Moehrke (Nov 03 2020 at 14:06):

Some platforms like HAPI have built-in automatic logging to AuditEvent format. Most general IT tools will log events to that platform's logging tool, using free text strings. I suspect Node.js is just going to log free text. The AuditEvent is intended to be recorded by FHIR-knowledgeable applications/services and to be populated with information as rich as is known. This level of rich audit logging is not something that can be done well by infrastructure.

Lloyd McKenzie (Nov 03 2020 at 19:48):

@Lokesh G S welcome. In general, it's better to ask questions in public rather than using private messages because there's a broader set of people who can respond. It also means that others get to benefit from both the question and the answer. Also, when asking a question, it's important to provide context - what tools you're using, what parts of the specification you've read, etc. Your original question doesn't make clear whether you've read up on the AuditEvent resource and the section in the security module that talks about audit (which should be a pre-requisite to asking anything).

Brian Postlethwaite (Nov 03 2020 at 22:51):

My server is similar to Grahame's in that it permits upserts; however, if the AuditEvent was created by the system, then it is locked. So it kinda does both - support an event sink, and local auditing.

John Moehrke (Nov 03 2020 at 22:58):

Grahame Grieve said:

it's not really any different to allowing put to a new id for any other resource - see 'upsert' in the specification

Although there is an HTML anchor for 'upsert', it is not in any narrative, so it is not possible to "see" it.
https://www.hl7.org/fhir/http.html#upsert
I am just now learning this word...

Grey Faulkenberry (Apr 26 2021 at 03:44):

Question about the use of AuditEvent. I'm creating an online questionnaire application implemented in FHIR. Currently, it displays one question per screen. In addition to the actual QuestionnaireResponse, I'd like to capture how long the user spends on each screen and the total amount of time per session. Would this information best be captured as AuditEvents, or is there another resource that's more representative?

John Moehrke (Apr 26 2021 at 13:15):

The AuditEvent resource could certainly be used for this. The AuditEvent.period could be used to indicate when the form was presented, to when the form was submitted.


Last updated: Apr 12 2022 at 19:14 UTC