audit events
Create Audit Event
post
/organizations/{organizationId}/fhir/4/AuditEvent
A record of an event made for purposes of maintaining a security log. Typical uses include detection of intrusion attempts and monitoring for inappropriate usage.
Request
Headers
| content-type* | string | application/json|application/json+fhir | application/json |
| log-cdata | string | ||
| log-cdata-format | string | kv|json | kv |
| Authorization | string | Bearer <token> |
Params
| organizationId* | string|string | id|slug |
Body
| resourceType* | This is a AuditEvent resource | ||
| id | id | The logical id of the resource, as used in the URL for the resource. Once assigned, this value never changes. | |
| meta | Meta | The metadata about the resource. This is content that is maintained by the infrastructure. Changes to the content might not always be associated with version changes to the resource. | |
| implicitRules | uri | A reference to a set of rules that were followed when the resource was constructed, and which must be understood when processing the content. Often, this is a reference to an implementation guide that defines the special rules along with other profiles etc. | |
| language | code | The base language in which the resource is written. | |
| text | Narrative | A human-readable narrative that contains a summary of the resource and can be used to represent the content of the resource to a human. The narrative need not encode all the structured data, but is required to contain sufficient detail to make it "clinically safe" for a human to just read the narrative. Resource definitions may define what content should be represented in the narrative to ensure clinical safety. | |
| contained | array(ResourceList) | These resources do not have an independent existence apart from the resource that contains them - they cannot be identified independently, and nor can they have their own independent transaction scope. | |
| extension | array(Extension) | May be used to represent additional information that is not part of the basic definition of the resource. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. | |
| modifierExtension | array(Extension) | May be used to represent additional information that is not part of the basic definition of the resource and that modifies the understanding of the element that contains it and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer is allowed to define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions. Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself). | |
| type* | Coding | Identifier for a family of the event. For example, a menu item, program, rule, policy, function code, application name or URL. It identifies the performed function. | |
| subtype | array(Coding) | Identifier for the category of event. | |
| action | C|R|U|D|E | Indicator for type of action performed during the event that generated the audit. | |
| period | Period | The period during which the activity occurred. | |
| recorded | instant | The time when the event was recorded. | |
| outcome | 0|4|8|12 | Indicates whether the event succeeded or failed. | |
| outcomeDesc | string | A free text description of the outcome of the event. | |
| purposeOfEvent | array(CodeableConcept) | The purposeOfUse (reason) that was used during the event being recorded. | |
| agent* | array(AuditEvent_Agent) | An actor taking an active role in the event or activity that is logged. | |
| source* | AuditEvent_Source | The system that is reporting the event. | |
| entity | array(AuditEvent_Entity) | Specific instances of data or objects that have been accessed. |
Response
keyboard_arrow_down
Patch Audit Event
patch
/organizations/{organizationId}/fhir/4/AuditEvent/{resourceId}
A record of an event made for purposes of maintaining a security log. Typical uses include detection of intrusion attempts and monitoring for inappropriate usage.
Request
Headers
| content-type* | string | application/json-patch+json | application/json-patch+json |
| log-cdata | string | ||
| log-cdata-format | string | kv|json | kv |
| Authorization | string | Bearer <token> |
Params
| organizationId* | string|string | id|slug | |
| resourceId* |
Body
| resourceType* | This is a AuditEvent resource | ||
| id | id | The logical id of the resource, as used in the URL for the resource. Once assigned, this value never changes. | |
| meta | Meta | The metadata about the resource. This is content that is maintained by the infrastructure. Changes to the content might not always be associated with version changes to the resource. | |
| implicitRules | uri | A reference to a set of rules that were followed when the resource was constructed, and which must be understood when processing the content. Often, this is a reference to an implementation guide that defines the special rules along with other profiles etc. | |
| language | code | The base language in which the resource is written. | |
| text | Narrative | A human-readable narrative that contains a summary of the resource and can be used to represent the content of the resource to a human. The narrative need not encode all the structured data, but is required to contain sufficient detail to make it "clinically safe" for a human to just read the narrative. Resource definitions may define what content should be represented in the narrative to ensure clinical safety. | |
| contained | array(ResourceList) | These resources do not have an independent existence apart from the resource that contains them - they cannot be identified independently, and nor can they have their own independent transaction scope. | |
| extension | array(Extension) | May be used to represent additional information that is not part of the basic definition of the resource. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. | |
| modifierExtension | array(Extension) | May be used to represent additional information that is not part of the basic definition of the resource and that modifies the understanding of the element that contains it and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer is allowed to define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions. Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself). | |
| type* | Coding | Identifier for a family of the event. For example, a menu item, program, rule, policy, function code, application name or URL. It identifies the performed function. | |
| subtype | array(Coding) | Identifier for the category of event. | |
| action | C|R|U|D|E | Indicator for type of action performed during the event that generated the audit. | |
| period | Period | The period during which the activity occurred. | |
| recorded | instant | The time when the event was recorded. | |
| outcome | 0|4|8|12 | Indicates whether the event succeeded or failed. | |
| outcomeDesc | string | A free text description of the outcome of the event. | |
| purposeOfEvent | array(CodeableConcept) | The purposeOfUse (reason) that was used during the event being recorded. | |
| agent* | array(AuditEvent_Agent) | An actor taking an active role in the event or activity that is logged. | |
| source* | AuditEvent_Source | The system that is reporting the event. | |
| entity | array(AuditEvent_Entity) | Specific instances of data or objects that have been accessed. |
Response
keyboard_arrow_down
Read Audit Event
get
/organizations/{organizationId}/fhir/4/AuditEvent/{resourceId}
Request
Headers
| content-type* | string | application/json|application/json+fhir | application/json |
| log-cdata | string | ||
| log-cdata-format | string | kv|json | kv |
| Authorization | string | Bearer <token> |
Params
| organizationId* | string|string | id|slug | |
| resourceId* |
Response
keyboard_arrow_down
Read History Audit Event
get
/organizations/{organizationId}/fhir/4/AuditEvent/{resourceId}/_history
Request
Headers
| content-type* | string | application/json|application/json+fhir | application/json |
| log-cdata | string | ||
| log-cdata-format | string | kv|json | kv |
| Authorization | string | Bearer <token> |
Query params
| _count | string | ||
| _since | string |
Params
| organizationId* | string|string | id|slug | |
| resourceId* |
Response
keyboard_arrow_down
Read Version Audit Event
get
/organizations/{organizationId}/fhir/4/AuditEvent/{resourceId}/_history/{versionId}
Request
Headers
| content-type* | string | application/json|application/json+fhir | application/json |
| log-cdata | string | ||
| log-cdata-format | string | kv|json | kv |
| Authorization | string | Bearer <token> |
Params
| organizationId* | string|string | id|slug | |
| resourceId* | |||
| versionId* |
Response
keyboard_arrow_down
Remove Audit Event
delete
/organizations/{organizationId}/fhir/4/AuditEvent/{resourceId}
Request
Headers
| content-type* | string | application/json|application/json+fhir | application/json |
| log-cdata | string | ||
| log-cdata-format | string | kv|json | kv |
| Authorization | string | Bearer <token> |
Params
| organizationId* | string|string | id|slug | |
| resourceId* |
Response
keyboard_arrow_down
Search Get Audit Event
get
/organizations/{organizationId}/fhir/4/AuditEvent
Request
Headers
| content-type* | string | application/json|application/json+fhir | application/json |
| log-cdata | string | ||
| log-cdata-format | string | kv|json | kv |
| Authorization | string | Bearer <token> |
Query params
| _id | string | ||
| _language | string | ||
| action | string | ||
| address | string | ||
| agent | string | ||
| agent-name | string | ||
| agent-role | string | ||
| altid | string | ||
| date | string | ||
| entity | string | ||
| entity-name | string | ||
| entity-role | string | ||
| entity-type | string | ||
| outcome | string | ||
| patient | string | ||
| policy | string | ||
| site | string | ||
| source | string | ||
| subtype | string | ||
| type | string |
Params
| organizationId* | string|string | id|slug |
Response
keyboard_arrow_down
Search History Audit Event
get
/organizations/{organizationId}/fhir/4/AuditEvent/_history
Request
Headers
| content-type* | string | application/json|application/json+fhir | application/json |
| log-cdata | string | ||
| log-cdata-format | string | kv|json | kv |
| Authorization | string | Bearer <token> |
Query params
| _count | string | ||
| _since | string |
Params
| organizationId* | string|string | id|slug |
Response
keyboard_arrow_down
Search Post Audit Event
post
/organizations/{organizationId}/fhir/4/AuditEvent/_search
A record of an event made for purposes of maintaining a security log. Typical uses include detection of intrusion attempts and monitoring for inappropriate usage.
Request
Headers
| content-type* | string | application/json|application/x-www-form-urlencoded | application/json |
| log-cdata | string | ||
| log-cdata-format | string | kv|json | kv |
| Authorization | string | Bearer <token> |
Query params
| _id | string | ||
| _language | string | ||
| action | string | ||
| address | string | ||
| agent | string | ||
| agent-name | string | ||
| agent-role | string | ||
| altid | string | ||
| date | string | ||
| entity | string | ||
| entity-name | string | ||
| entity-role | string | ||
| entity-type | string | ||
| outcome | string | ||
| patient | string | ||
| policy | string | ||
| site | string | ||
| source | string | ||
| subtype | string | ||
| type | string |
Params
| organizationId* | string|string | id|slug |
Body
| resourceType* | This is a AuditEvent resource | ||
| id | id | The logical id of the resource, as used in the URL for the resource. Once assigned, this value never changes. | |
| meta | Meta | The metadata about the resource. This is content that is maintained by the infrastructure. Changes to the content might not always be associated with version changes to the resource. | |
| implicitRules | uri | A reference to a set of rules that were followed when the resource was constructed, and which must be understood when processing the content. Often, this is a reference to an implementation guide that defines the special rules along with other profiles etc. | |
| language | code | The base language in which the resource is written. | |
| text | Narrative | A human-readable narrative that contains a summary of the resource and can be used to represent the content of the resource to a human. The narrative need not encode all the structured data, but is required to contain sufficient detail to make it "clinically safe" for a human to just read the narrative. Resource definitions may define what content should be represented in the narrative to ensure clinical safety. | |
| contained | array(ResourceList) | These resources do not have an independent existence apart from the resource that contains them - they cannot be identified independently, and nor can they have their own independent transaction scope. | |
| extension | array(Extension) | May be used to represent additional information that is not part of the basic definition of the resource. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. | |
| modifierExtension | array(Extension) | May be used to represent additional information that is not part of the basic definition of the resource and that modifies the understanding of the element that contains it and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer is allowed to define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions. Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself). | |
| type* | Coding | Identifier for a family of the event. For example, a menu item, program, rule, policy, function code, application name or URL. It identifies the performed function. | |
| subtype | array(Coding) | Identifier for the category of event. | |
| action | C|R|U|D|E | Indicator for type of action performed during the event that generated the audit. | |
| period | Period | The period during which the activity occurred. | |
| recorded | instant | The time when the event was recorded. | |
| outcome | 0|4|8|12 | Indicates whether the event succeeded or failed. | |
| outcomeDesc | string | A free text description of the outcome of the event. | |
| purposeOfEvent | array(CodeableConcept) | The purposeOfUse (reason) that was used during the event being recorded. | |
| agent* | array(AuditEvent_Agent) | An actor taking an active role in the event or activity that is logged. | |
| source* | AuditEvent_Source | The system that is reporting the event. | |
| entity | array(AuditEvent_Entity) | Specific instances of data or objects that have been accessed. |
Response
keyboard_arrow_down
Update Audit Event
put
/organizations/{organizationId}/fhir/4/AuditEvent/{resourceId}
A record of an event made for purposes of maintaining a security log. Typical uses include detection of intrusion attempts and monitoring for inappropriate usage.
Request
Headers
| content-type* | string | application/json|application/json+fhir | application/json |
| log-cdata | string | ||
| log-cdata-format | string | kv|json | kv |
| Authorization | string | Bearer <token> |
Params
| organizationId* | string|string | id|slug | |
| resourceId* |
Body
| resourceType* | This is a AuditEvent resource | ||
| id | id | The logical id of the resource, as used in the URL for the resource. Once assigned, this value never changes. | |
| meta | Meta | The metadata about the resource. This is content that is maintained by the infrastructure. Changes to the content might not always be associated with version changes to the resource. | |
| implicitRules | uri | A reference to a set of rules that were followed when the resource was constructed, and which must be understood when processing the content. Often, this is a reference to an implementation guide that defines the special rules along with other profiles etc. | |
| language | code | The base language in which the resource is written. | |
| text | Narrative | A human-readable narrative that contains a summary of the resource and can be used to represent the content of the resource to a human. The narrative need not encode all the structured data, but is required to contain sufficient detail to make it "clinically safe" for a human to just read the narrative. Resource definitions may define what content should be represented in the narrative to ensure clinical safety. | |
| contained | array(ResourceList) | These resources do not have an independent existence apart from the resource that contains them - they cannot be identified independently, and nor can they have their own independent transaction scope. | |
| extension | array(Extension) | May be used to represent additional information that is not part of the basic definition of the resource. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. | |
| modifierExtension | array(Extension) | May be used to represent additional information that is not part of the basic definition of the resource and that modifies the understanding of the element that contains it and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer is allowed to define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions. Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself). | |
| type* | Coding | Identifier for a family of the event. For example, a menu item, program, rule, policy, function code, application name or URL. It identifies the performed function. | |
| subtype | array(Coding) | Identifier for the category of event. | |
| action | C|R|U|D|E | Indicator for type of action performed during the event that generated the audit. | |
| period | Period | The period during which the activity occurred. | |
| recorded | instant | The time when the event was recorded. | |
| outcome | 0|4|8|12 | Indicates whether the event succeeded or failed. | |
| outcomeDesc | string | A free text description of the outcome of the event. | |
| purposeOfEvent | array(CodeableConcept) | The purposeOfUse (reason) that was used during the event being recorded. | |
| agent* | array(AuditEvent_Agent) | An actor taking an active role in the event or activity that is logged. | |
| source* | AuditEvent_Source | The system that is reporting the event. | |
| entity | array(AuditEvent_Entity) | Specific instances of data or objects that have been accessed. |
Response
keyboard_arrow_down