Welcome to Smile CDR
- Table of Contents 1.0
- Smile CDR Maturity Model 1.1
- Smile CDR Premium Solutions 1.2
- List of Features by Maturity 1.3
- Changelog (2022 Releases) 1.4
- Changelog (2021 Releases) 1.5
- Changelog (2020 Releases) 1.6
- Changelog (2019 Releases) 1.7
- Changelog (2018 Releases) 1.8
- Changelog (2017 Releases) 1.9
Getting Started
Installation
- Installing Smile CDR 3.0
- Docker Container Installation 3.1
- Unix Service Installation 3.2
- Tuning your Installation 3.3
- Message Brokers 3.4
- Message Broker Failure Management 3.5
- Message Broker: Kafka 3.6
- Message Broker: ActiveMQ 3.7
- Pre-Seeding Configuration and Data 3.8
- Upgrading Smile CDR 3.9
- Production Checklist 3.10
- Module Licensing 3.11
Tutorial and Tour
- Preamble and Setup 4.0
- SMART on FHIR Apps 4.1
- Processing HL7 v2.x Feeds 4.2
- Federated OAuth2/OIDC Setup 4.3
The FHIR Standard
- FHIR Introduction 5.0
- FHIR CRUD Operations 5.1
- FHIR Searching Basics 5.2
- FHIR Search: References and Includes 5.3
- FHIR Search: Custom Search Parameters 5.4
- FHIR Transactions and Batches 5.5
- FHIRPath Expressions 5.6
FHIR Storage
- Concepts in Smile CDR 6.0
- FHIR Storage Modules 6.1
- FHIR Endpoint Module 6.2
- FHIRWeb Console 6.3
- OpenAPI / Swagger Support 6.4
- FHIR Endpoint Customization 6.5
- Resource IDs 6.6
- Search Parameters 6.7
- Search Parameter Features 6.8
- Phonetic Search Parameters 6.9
- Search Parameter Tuning 6.10
- Search Parameter Reindexing 6.11
- Searching for Data 6.12
- Creating Data 6.13
- Reading Data 6.14
- Updating Data 6.15
- Deleting Data 6.16
- Binary Data 6.17
- Request Tracing and Provenance 6.18
- FHIR Versions 6.19
- Versioned Resource References 6.20
- Tags, Profiles, and Security Labels 6.21
- Clinical Quality Language (CQL) 6.22
- Partitioning and Multitenancy 6.23
- Custom Resource Types 6.24
- Batch and Scheduled Jobs 6.25
FHIR Storage (Relational)
- FHIR Storage (Relational) Module 7.0
- Resource Storage Mode 7.1
- Performance Tuning 7.2
- Lucene Indexing 7.3
- Performance and Caching 7.4
- Chained Searching and Sorting 7.5
- MegaScale 7.6
FHIR Storage (MongoDB)
Validation and Conformance
- Introduction 9.0
- Validation Support Repository 9.1
- Validation Support Repository Options 9.2
- Conformance Data 9.3
- Repository Validation 9.4
- Repository Validation: Java 9.5
- Repository Validation: Javascript 9.6
- Repository Validation: Validation Bean 9.7
- Endpoint Validation 9.8
- Packages and Implementation Guides 9.9
- Package Registry Endpoint Module 9.10
- Remote Terminology Services 9.11
- Suppressing Messages 9.12
- Validation Performance 9.13
- Automatic Provenance Injection 9.14
Terminology
- Terminology Introduction 10.0
- Uploading Codes 10.1
- Terminology and Lucene Indexing 10.2
- ValueSet Expansion 10.3
- FHIR Response Terminology Mapping 10.4
Subscription
- Introduction 11.0
- Architecture 11.1
- Channel Types 11.2
- Delivery Options 11.3
- Manual Triggering 11.4
- Topic Subscriptions 11.5
Interceptors
- Interceptors 12.0
- Starter Project 12.1
- Examples: FHIR Endpoints 12.2
- Examples: HL7v2 Endpoints 12.3
- Examples: FHIR Storage 12.4
- Examples: FHIR Gateway 12.5
- Examples: FHIR Client 12.6
- Examples: MDM 12.7
- Examples: Subscription 12.8
- Examples: Channel Import 12.9
Channel Import
Realtime Export
- Realtime Export Overview 14.0
- Realtime Export Rules Definition 14.1
- Using FHIRPath 14.2
- Debezium 14.3
Security
- Security in Smile CDR 15.0
- Authentication Protocols 15.1
- Authorization and Consent 15.2
- Inbound Security Module 15.3
- Local Inbound Security Module 15.4
- LDAP Inbound Security Module 15.5
- Scripted Inbound Security Module 15.6
- SAML Inbound Security Module 15.7
- Trusted Client Mode 15.8
- Roles and Permissions 15.9
- Callback Scripts 15.10
- Anonymous Access 15.11
- Consent Service 15.12
- Consent Service: JavaScript API 15.13
- Consent Service: Java API 15.14
- Security Recipes 15.15
- Two Factor Authentication 15.16
- Troubleshooting Security 15.17
SMART on FHIR
- SMART on FHIR: Introduction 16.0
- SMART: Scopes 16.1
- SMART: Auth Flows 16.2
- SMART: Endpoints 16.3
- Client Management 16.4
- OIDC Keystores 16.5
- SMART: Smile CDR Support 16.6
- SMART Outbound Security: Module 16.7
- SMART Outbound Security: Skinning 16.8
- SMART Outbound Security: Context Selection 16.9
- SMART Outbound Security: SAML Bridging 16.10
- SMART: Federated OAuth2/OIDC Login 16.11
- SMART: Application Approval/Consent 16.12
- SMART Inbound Security Module 16.13
- SMART: Session Management 16.14
- SMART: Assigning Permissions 16.15
- SMART: Access Tokens 16.16
- SMART: User Profile Information 16.17
- FHIR Client Authentication 16.18
appSphere
- Introduction 17.0
- Getting Started 17.1
- Associated Module Configurations 17.2
- Client Creation and Configuration 17.3
- Other Configurations 17.4
- Developer Portal 17.5
- App Management Console 17.6
- App Gallery 17.7
- Appendix 17.8
FHIR Gateway
FHIR Hybrid Providers
LiveBundle
- LiveBundle Overview 20.0
- LiveBundle API 20.1
- LiveBundle Rule Definition 20.2
- LiveBundle Keepers 20.3
CDS Hooks
Master Data Management
- MDM 22.0
- MDM Quickstart Guide 22.1
- MDM Rule Definition 22.2
- Using EIDs in MDM Rule Definition 22.3
- MDM Survivorship Rules 22.4
- Upgrading from the EMPI module 22.5
- MDM UI 22.6
Clinical Reasoning
IG Support
Clustering
Logging
HL7 v2.x Support
- Introduction 27.0
- Inbound Messaging 27.1
- FHIR-Based Terminology Translation 27.2
- Outbound Messaging 27.3
- Outbound Messaging: Transport 27.4
- Transactions 27.5
- Structure Definitions 27.6
- Segment Definitions 27.7
- Table Definitions 27.8
- Naming System Mapping 27.9
- Processing Results Feeds 27.10
- Protocol 27.11
CDA Exchange Module
- Introduction 28.0
- JavaScript Templates 28.1
- Rest API Operations 28.2
- Available Document and Section Types for CDA Export 28.3
- Available Document and Section Types for CDA Import 28.4
- JavaScript Hooks on CDA Import / Export 28.5
- Further Reading 28.6
Bulk Operations
Additional Features
Monitoring
Product Administration
JSON Admin Endpoints
- JSON Admin API 33.0
- Audit Log Endpoint 33.1
- Batch Job Endpoint 33.2
- Bulk Import Endpoint 33.3
- CDA Exchange Endpoint 33.4
- Metrics Endpoint 33.5
- Module Config Endpoint 33.6
- OpenID Connect Clients Endpoint 33.7
- OpenID Connect Servers Endpoint 33.8
- OpenID Connect Sessions Endpoint 33.9
- Runtime Status Endpoint 33.10
- System Config Endpoint 33.11
- Transaction Log Endpoint 33.12
- User Management Endpoint 33.13
Product Configuration
Java Execution Environment
JavaScript Execution Environment
- Introduction 36.0
- Specifying JavaScript in Configuration File 36.1
- Remote Debugging 36.2
- Converter API 36.3
- Environment API 36.4
- Exceptions API 36.5
- OAuth2 Exceptions API 36.6
- FHIR REST API 36.7
- FHIR Model API 36.8
- HL7 v2.x Mapping API 36.9
- HTTP API 36.10
- LDAP API 36.11
- Log API 36.12
- Composition Resource API 36.13
- Composition Section API 36.14
- TransactionBuilder API 36.15
- Util API 36.16
- UUID API 36.17
- XML API 36.18
- Callback Models 36.19
Database Administration
- Database Design 37.0
- Database Connection Pool 37.1
- Setting Up PostgreSQL 37.2
- Troubleshooting PostgreSQL 37.3
- Setting Up MySQL 37.4
- Setting Up MariaDB 37.5
- Setting Up Oracle 37.6
- Setting Up SQL Server (MSSQL) 37.7
- AWS IAM Authentication 37.8
Localization
Smile CDR CLI (smileutil)
- Introduction 39.0
- Bulk Import 39.1
- Create FHIR Package 39.2
- Execute Script Function 39.3
- Export ConceptMap to CSV 39.4
- HL7 v2.x Analyze Flat File 39.5
- HL7 v2.x Transmit Flat File 39.6
- Import CSV to ConceptMap 39.7
- Map and Upload CSV Bulk Import File 39.8
- Migrate Database 39.9
- Clear Database Migration Lock 39.10
- Module Config Properties Export 39.11
- Reindex Terminology 39.12
- Synchronize FHIR Servers 39.13
- Upgrade H2 Database File 39.14
- Upload Bundle Files 39.15
- Upload CSV Bulk Import File 39.16
- Upload Sample Dataset 39.17
- Upload Terminology 39.18
- Generate Realtime Export Schema 39.19
- Validate FHIR Resources 39.20
Modules
- JSON Admin API 40.0
- Web Admin Console 40.1
- CDA Exchange 40.2
- Channel Import 40.3
- Cluster Manager 40.4
- CQL 40.5
- Audit Log Persistence 40.6
- Transaction Log Persistence 40.7
- Digital Quality Measures (DQM) 40.8
- Documentation Templates and Rules (DTR) 40.9
- Enterprise Master Patient Index 40.10
- CDS Hooks Endpoint 40.11
- FHIR Gateway Endpoint 40.12
- FHIR REST Endpoint (All Versions) 40.13
- FHIR REST Endpoint (DSTU2 - Deprecated) 40.14
- FHIR REST Endpoint (DSTU3 - Deprecated) 40.15
- FHIR REST Endpoint (R4 - Deprecated) 40.16
- FHIRWeb Console 40.17
- HL7 v2.x Listening Endpoint 40.18
- HL7 v2.x Sending Endpoint 40.19
- Hybrid Providers Endpoint 40.20
- Package Registry Endpoint 40.21
- Subscription Websocket Endpoint 40.22
- ETL Importer 40.23
- MDM 40.24
- MDM UI 40.25
- Narrative Generator 40.26
- FHIR Storage (DSTU2 RDBMS) 40.27
- FHIR Storage (R3 RDBMS) 40.28
- FHIR Storage (R4 RDBMS) 40.29
- FHIR Storage (R5 RDBMS) 40.30
- FHIR Storage (Mongo) 40.31
- Realtime Export 40.32
- LDAP Inbound Security 40.33
- Local Inbound Security 40.34
- SAML Inbound Security 40.35
- Scripted Inbound Security 40.36
- SMART Inbound Security 40.37
- SMART Outbound Security 40.38
- SMART App Host 40.39
- Subscription Matcher (All FHIR Versions) 40.40
- Subscription Matcher (DSTU2 - Deprecated) 40.41
- Subscription Matcher (DSTU3 - Deprecated) 40.42
- Subscription Matcher (R4 - Deprecated) 40.43
- appSphere 40.44
- Payer to Payer 40.45
- Amazon HealthLake Outbound REST Connector 40.46
- License 40.47
- Camel 40.48
Configuration Categories
- Web Admin Console Settings 41.0
- appSphere 41.1
- Payer Config 41.2
- Initial appSphere Seeding 41.3
- Authentication Callback Scripts 41.4
- Auth: General for APIs 41.5
- User Authentication 41.6
- Auth: HTTP Basic 41.7
- Auth: OpenID Connect 41.8
- Browser Syntax Highlighting 41.9
- Camel 41.10
- Capability Statement (metadata) 41.11
- Care Gaps 41.12
- CDA Generation 41.13
- CDA Import 41.14
- CDA JavaScript Execution Scripts 41.15
- CDS Hooks Definitions 41.16
- Channel Import 41.17
- Channel Retry 41.18
- Kafka 41.19
- Cluster Manager Maintenance 41.20
- Message Broker 41.21
- Cluster Level Security 41.22
- CQL 41.23
- Credentials 41.24
- Cross-Origin Resource Sharing (CORS) 41.25
- Database 41.26
- Da Vinci Health Record Exchange 41.27
- DQM 41.28
- DTR 41.29
- Email Configuration 41.30
- MDM UI 41.31
- ETL Import: CSV Properties 41.32
- ETL Import: Source 41.33
- FHIR Binary Storage 41.34
- FHIR Bulk Operations 41.35
- Capability Statement 41.36
- FHIR Configuration 41.37
- Consent Service 41.38
- FHIR Endpoint Conversion 41.39
- Interceptors 41.40
- FHIR Endpoint Partitioning 41.41
- Resource Providers 41.42
- FHIR Endpoint Security 41.43
- Endpoint Terminology 41.44
- FHIR Gateway Configuration 41.45
- FHIR Interceptors 41.46
- LiveBundle Service 41.47
- FHIR MDM Server 41.48
- FHIR Performance 41.49
- FHIR Performance Tracing 41.50
- FHIR Realtime Export 41.51
- Repository Validation 41.52
- FHIR Resource Types 41.53
- FHIR REST Endpoint 41.54
- FHIR Search 41.55
- Custom Resource Types 41.56
- IG Support 41.57
- MegaScale 41.58
- FHIR Storage Module Scheduled Tasks 41.59
- FHIR Validation Services 41.60
- FHIR Storage Package Registry 41.61
- FHIR Storage Partitioning 41.62
- Versioned References 41.63
- FHIR Subscription Delivery 41.64
- FHIR Subscription Persistence 41.65
- Amazon HealthLake REST Endpoint 41.66
- HL7 v2.x Mapper - Contained Resource 41.67
- HL7 v2.x Mapper - DG1 41.68
- HL7 v2.x Mapper - Forced Namespace Mode 41.69
- HL7 v2.x Mapper - General 41.70
- HL7 v2.x Mapper - Medications 41.71
- HL7 v2.x Mapper - OBR 41.72
- HL7 v2.x to FHIR Mapper - OBSERVATION Group 41.73
- HL7 v2.x to FHIR Mapper - ORDER_OBSERVATION Group 41.74
- HL7 v2.x Mapper - PID 41.75
- HL7 v2.x Mapper - PV1 41.76
- Listener Interceptors 41.77
- HL7 v2.x Listener Script 41.78
- HL7 v2.x MLLP Listener 41.79
- HL7 v2.x MLLP Sender 41.80
- FHIR to HL7 v2.x Mapper Script 41.81
- HL7 v2.x Outbound Mapping 41.82
- Da Vinci Health Record Exchange (HRex) 41.83
- HTTP Access Log 41.84
- HTTP Listener 41.85
- HTTP Request Pool 41.86
- HTTP Security 41.87
- Hybrid Providers Definitions 41.88
- Initial User Seeding 41.89
- JavaScript Execution Environment 41.90
- JSON Web KeySet (JWKS) 41.91
- LDAP Authentication 41.92
- Smile CDR License 41.93
- Lucene FullText Indexing 41.94
- MDM 41.95
- Narrative Generator 41.96
- OpenID Connect Token Validation 41.97
- OpenID Connect (OIDC) 41.98
- Payer to Payer 41.99
- Privacy Security Notice 41.100
- Provenance Injection 41.101
- Realtime Export 41.102
- Endpoint Validation: Request Validating 41.103
- Scheduler Configuration 41.104
- Search Parameter Seeding 41.105
- SAML Provider 41.106
- Security Inbound Script 41.107
- Inbound SMART on FHIR Authentication 41.108
- Inbound SMART on FHIR Endpoints 41.109
- OAuth2/OIDC Federation 41.110
- SMART Callback Script 41.111
- Cross-Organizational Data Access Profile 41.112
- SMART Login Skin 41.113
- SMART Login Terms of Service 41.114
- SMART Authorization 41.115
- SMART Definitions Seeding 41.116
- Sessions 41.117
- Two Factor Authentication 41.118
- TLS / SSL (Encryption) 41.119
- Transaction Log 41.120
- Trusted Client 41.121
- User Self Registration 41.122
Product Reference
Amazon HealthLake Outbound REST Connector
Premium
Appendix
Table of Contents
Audit Log
26.1Audit Log
The Smile CDR audit log is responsible for creating a record of user access to the system, including:
- Accesses (both read and write) to the FHIR Endpoints
- Accesses (both read and write) to the Web Admin Console and JSON Admin API
- User authentication against security endpoints
- Configuration changes
The responsibility of the audit log is to bind these events to a specific user account. Note that user accounts marked as a Service Account will not generate audit log entries.
The audit log is a part of the Smile CDR Cluster Manager module, and runs on every node in a cluster. Configuration for the cluster manager is stored in the Node Configuration Properties File.
26.1.1Audit Log Configuration
The following properties may be used to control the Audit Log.
- audit_log.db.enabled – Controls whether the audit log will be written to the database. The default value is true. If set to false, no new entries will be written to the database (existing entries are not deleted simply by modifying this setting).
- audit_log.broker.enabled – Controls whether the audit log will be written to a message broker queue named
smilecdr-audit. The default value is false. If set to true, all audit log entries will be written to the queue. If the Smile CDR Message Broker is Kafka, then the audit messages are written to a topic calledsmilecdr.audit. - audit_log.request_headers_to_store – Controls which request headers Smile CDR will extract and store along with the audit event. If left empty, no headers will be stored.
26.1.2Disabling the Audit Log
The following snippet may be added to your configuration properties file to completely disable the audit log.
module.clustermgr.config.audit_log.db.enabled=false
module.clustermgr.config.audit_log.broker.enabled=false
26.1.3Broker Audit Log
Audit log messages written to the queue or topic have a format similar to the following example:
{
"endpointModuleId" : "fhir_endpoint",
"endpointNodeId" : "unit_test_node",
"remoteAddress" : "127.0.0.1",
"targetModules" : [ ],
"targetResources" : [ {
"persistenceModuleModuleId" : "persistence",
"persistenceModuleNodeId" : "unit_test_node",
"resourceId" : "Patient/1",
"resourceVersion" : 1
} ],
"targetUsers" : [ ],
"timestamp" : "2019-11-18T11:08:36.479-05:00",
"typeCode" : "FHIR_VREAD",
"typeDisplay" : "FHIR Resource Instance Read (Version-specific)",
"typeSystem" : "https://smilecdr.com/ns/CodeSystem/CdrAuditEvents",
"username" : "ADMIN",
"userModuleId" : "local_security",
"userNodeId" : "unit_test_node",
"authenticatedUserType" : "USER"
}
26.1.4Audit Module
It is recommended to split the audit log away from your primary Cluster Manager database. This is possible by creating a module of type AUDIT_LOG_PERSISTENCE. Creating such a module will permit you to define a database separate from your Cluster Manager database. One reason for doing this is to reduce traffic on your primary Cluster Manager database, but there are potential security and retention reasons as well. Below is a diagram showing the relationship between the Cluster Manager and the Audit Log Persistence module, and how audit logs are propagated throughout the system.
The following example has a Cluster Manager module, along with two Audit Log Persistence modules. The Web Admin module is there to show that it is possible to have multiple Audit Log Persistence modules, and that the Web Admin module can query any of them.
Note that there are a few minor differences between this separate module's audit logs, and the Cluster Manager's audit logs.
- The
Audit Log Persistencemodule does not contain database constraints on the client PID or user PID fields of the Audit Logs. These fields are later populated with cluster manager data upon viewing. - The
Audit Log Persistencemodule does not support sending messages to a broker. We plan to provide a newAUDIT_LOG_BROKERmodule type in the future to support this.
Cluster Manager in conjunction with Audit Modules
If any Audit modules are defined, the cluster manager will stop writing audit logs to its own database, favouring instead writing to each available Audit module. This behaviour can be changed by enabling the audit_log.db.always_write_to_clustermgr property on the Cluster Manager. If this is enabled, the Cluster Manager will continue to write audit logs to its own database, in addition to any Audit modules that are defined.
Viewing Audit Logs on alternate modules.
When viewing the Web Admin console's Audit Log page, you must now select an audit module to view.