Basic Audit Log Patterns (BALP)
1.1.4-current - ci-build International flag

Basic Audit Log Patterns (BALP), published by IHE IT Infrastructure Technical Committee. This guide is not an authorized publication; it is the continuous build for version 1.1.4-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/IHE/ITI.BasicAudit/ and changes regularly. See the Directory of published versions

: Audit Example of a basic SAML access token of minimal - JSON Representation

Raw json | Download

{
  "resourceType" : "AuditEvent",
  "id" : "ex-auditPoke-SAML-Min",
  "meta" : {
    "profile" : [
      🔗 "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Minimal"
    ],
    "security" : [
      {
        "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
        "code" : "HTEST"
      }
    ]
  },
  "text" : {
    "status" : "generated",
    "div" : "<div xmlns=\"http://www.w3.org/1999/xhtml\"><p class=\"res-header-id\"><b>Generated Narrative: AuditEvent ex-auditPoke-SAML-Min</b></p><a name=\"ex-auditPoke-SAML-Min\"> </a><a name=\"hcex-auditPoke-SAML-Min\"> </a><a name=\"ex-auditPoke-SAML-Min-en-US\"> </a><p><b>type</b>: <a href=\"http://hl7.org/fhir/R4/codesystem-dicom-dcim.html#dicom-dcim-110100\">DICOM 110100</a>: Application Activity</p><p><b>subtype</b>: unknown poke: Boredom poke</p><p><b>action</b>: Read/View/Print</p><p><b>recorded</b>: 2021-12-03 09:49:00+0000</p><p><b>outcome</b>: Success</p><h3>Agents</h3><table class=\"grid\"><tr><td style=\"display: none\">-</td><td><b>Type</b></td><td><b>Who</b></td><td><b>Requestor</b></td><td><b>Policy</b></td></tr><tr><td style=\"display: none\">*</td><td><span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ParticipationType IRCP}, {https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes UserSamlAgent}\">information recipient</span></td><td>Identifier: <code>https://sts.sykehuspartner.no</code>/05086900124</td><td>true</td><td>XC4WdYS0W5bjsMGc5Ue6tClD_5U</td></tr></table><h3>Sources</h3><table class=\"grid\"><tr><td style=\"display: none\">-</td><td><b>Site</b></td><td><b>Observer</b></td><td><b>Type</b></td></tr><tr><td style=\"display: none\">*</td><td>server.example.com</td><td><a href=\"Device-ex-device.html\">Device</a></td><td><a href=\"http://terminology.hl7.org/6.0.2/CodeSystem-security-source-type.html#security-source-type-4\">Audit Event Source Type 4</a>: Application Server</td></tr></table></div>"
  },
  "type" : {
    "system" : "http://dicom.nema.org/resources/ontology/DCM",
    "code" : "110100",
    "display" : "Application Activity"
  },
  "subtype" : [
    {
      "system" : "urn:ietf:rfc:1438",
      "code" : "poke",
      "display" : "Boredom poke"
    }
  ],
  "action" : "R",
  "recorded" : "2021-12-03T09:49:00.000Z",
  "outcome" : "0",
  "agent" : [
    {
      "type" : {
        "coding" : [
          {
            "system" : "http://terminology.hl7.org/CodeSystem/v3-ParticipationType",
            "code" : "IRCP"
          },
          {
            "system" : "https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes",
            "code" : "UserSamlAgent"
          }
        ]
      },
      "who" : {
        "identifier" : {
          "system" : "https://sts.sykehuspartner.no",
          "value" : "05086900124"
        }
      },
      "requestor" : true,
      "policy" : [
        "XC4WdYS0W5bjsMGc5Ue6tClD_5U"
      ]
    }
  ],
  "source" : {
    "site" : "server.example.com",
    "observer" : {
      🔗 "reference" : "Device/ex-device"
    },
    "type" : [
      {
        "system" : "http://terminology.hl7.org/CodeSystem/security-source-type",
        "code" : "4",
        "display" : "Application Server"
      }
    ]
  }
}