Audit Log
The Smile CDR audit log is responsible for creating a record of user access to the system, including:
The responsibility of the audit log is to bind these events to a specific user account. Note that user accounts marked as a Service Account will not generate audit log entries.
The audit log is a part of the Smile CDR Cluster Manager module, and runs on every node in a cluster. Configuration for the cluster manager is stored in the Node Configuration Properties File.
The following properties may be used to control the Audit Log.
smilecdr-audit
. The default value is false. If set to true, all audit log entries will be written to the queue. If the Smile CDR Message Broker is Kafka, then the audit messages are written to a topic called smilecdr.audit
.The following snippet may be added to your configuration properties file to completely disable the audit log.
module.clustermgr.config.audit_log.db.enabled=false
module.clustermgr.config.audit_log.broker.enabled=false
Audit log messages written to the queue or topic have a format similar to the following example:
{
"endpointModuleId" : "fhir_endpoint",
"endpointNodeId" : "unit_test_node",
"remoteAddress" : "127.0.0.1",
"targetModules" : [ ],
"targetResources" : [ {
"persistenceModuleModuleId" : "persistence",
"persistenceModuleNodeId" : "unit_test_node",
"resourceId" : "Patient/1",
"resourceVersion" : 1
} ],
"targetUsers" : [ ],
"timestamp" : "2019-11-18T11:08:36.479-05:00",
"typeCode" : "FHIR_VREAD",
"typeDisplay" : "FHIR Resource Instance Read (Version-specific)",
"typeSystem" : "https://smilecdr.com/ns/CodeSystem/CdrAuditEvents",
"username" : "ADMIN",
"userModuleId" : "local_security",
"userNodeId" : "unit_test_node",
"authenticatedUserType" : "USER"
}