Basic Audit Log Patterns (BALP), published by IHE IT Infrastructure Technical Committee. This guide is not an authorized publication; it is the continuous build for version 1.1.4-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/qligier/ITI.BasicAudit/ and changes regularly. See the Directory of published versions
: Audit Example of a basic SAML access token of minimal - TTL Representation
Raw ttl | Download
@prefix fhir: <http://hl7.org/fhir/> .
@prefix owl: <http://www.w3.org/2002/07/owl#> .
@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
@prefix xsd: <http://www.w3.org/2001/XMLSchema#> .
# - resource -------------------------------------------------------------------
a fhir:AuditEvent ;
fhir:nodeRole fhir:treeRoot ;
fhir:id [ fhir:v "ex-auditPoke-SAML-Min"] ; #
fhir:meta [
( fhir:profile [
fhir:v "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Minimal"^^xsd:anyURI ;
fhir:link <https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Minimal> ] ) ;
( fhir:security [
fhir:system [ fhir:v "http://terminology.hl7.org/CodeSystem/v3-ActReason"^^xsd:anyURI ] ;
fhir:code [ fhir:v "HTEST" ] ] )
] ; #
fhir:text [
fhir:status [ fhir:v "generated" ] ;
fhir:div "<div xmlns=\"http://www.w3.org/1999/xhtml\"><p class=\"res-header-id\"><b>Generated Narrative: AuditEvent ex-auditPoke-SAML-Min</b></p><a name=\"ex-auditPoke-SAML-Min\"> </a><a name=\"hcex-auditPoke-SAML-Min\"> </a><a name=\"ex-auditPoke-SAML-Min-en-US\"> </a><p><b>type</b>: <a href=\"http://hl7.org/fhir/R4/codesystem-dicom-dcim.html#dicom-dcim-110100\">DICOM 110100</a>: Application Activity</p><p><b>subtype</b>: unknown poke: Boredom poke</p><p><b>action</b>: Read/View/Print</p><p><b>recorded</b>: 2021-12-03 09:49:00+0000</p><p><b>outcome</b>: Success</p><h3>Agents</h3><table class=\"grid\"><tr><td style=\"display: none\">-</td><td><b>Type</b></td><td><b>Who</b></td><td><b>Requestor</b></td><td><b>Policy</b></td></tr><tr><td style=\"display: none\">*</td><td><span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ParticipationType IRCP}, {https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes UserSamlAgent}\">information recipient</span></td><td>Identifier: <code>https://sts.sykehuspartner.no</code>/05086900124</td><td>true</td><td>XC4WdYS0W5bjsMGc5Ue6tClD_5U</td></tr></table><h3>Sources</h3><table class=\"grid\"><tr><td style=\"display: none\">-</td><td><b>Site</b></td><td><b>Observer</b></td><td><b>Type</b></td></tr><tr><td style=\"display: none\">*</td><td>server.example.com</td><td><a href=\"Device-ex-device.html\">Device</a></td><td><a href=\"http://terminology.hl7.org/6.0.2/CodeSystem-security-source-type.html#security-source-type-4\">Audit Event Source Type 4</a>: Application Server</td></tr></table></div>"
] ; #
fhir:type [
fhir:system [ fhir:v "http://dicom.nema.org/resources/ontology/DCM"^^xsd:anyURI ] ;
fhir:code [ fhir:v "110100" ] ;
fhir:display [ fhir:v "Application Activity" ]
] ; #
fhir:subtype ( [
fhir:system [ fhir:v "urn:ietf:rfc:1438"^^xsd:anyURI ] ;
fhir:code [ fhir:v "poke" ] ;
fhir:display [ fhir:v "Boredom poke" ]
] ) ; #
fhir:action [ fhir:v "R"] ; #
fhir:recorded [ fhir:v "2021-12-03T09:49:00.000Z"^^xsd:dateTime] ; #
fhir:outcome [ fhir:v "0"] ; #
fhir:agent ( [
fhir:type [
( fhir:coding [
fhir:system [ fhir:v "http://terminology.hl7.org/CodeSystem/v3-ParticipationType"^^xsd:anyURI ] ;
fhir:code [ fhir:v "IRCP" ] ] [
fhir:system [ fhir:v "https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes"^^xsd:anyURI ] ;
fhir:code [ fhir:v "UserSamlAgent" ] ] ) ] ;
fhir:who [
fhir:identifier [
fhir:system [ fhir:v "https://sts.sykehuspartner.no"^^xsd:anyURI ] ;
fhir:value [ fhir:v "05086900124" ] ] ] ;
fhir:requestor [ fhir:v "true"^^xsd:boolean ] ;
( fhir:policy [ fhir:v "XC4WdYS0W5bjsMGc5Ue6tClD_5U"^^xsd:anyURI ] )
] ) ; #
fhir:source [
fhir:site [ fhir:v "server.example.com" ] ;
fhir:observer [
fhir:reference [ fhir:v "Device/ex-device" ] ] ;
( fhir:type [
fhir:system [ fhir:v "http://terminology.hl7.org/CodeSystem/security-source-type"^^xsd:anyURI ] ;
fhir:code [ fhir:v "4" ] ;
fhir:display [ fhir:v "Application Server" ] ] )
] . #