Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

Description

The Audit Logger service.  Used/Required by various other services to transmit Audit Records to an Audit Record Repository using the BSD Syslog Protocol according . Identifies Audit Source in emitted Audit Log Messages formatted according the new RFC-3881 based schema of the IHE ITI Audit Trail and Node Authentication Profile and the Radiology Audit Trail Option described in RAD TF-3 III 5.1. The Audit Record Repository can be provided by a standalone, third-party application, or by dcm4chee's Audit Record Repository Service.

Dependencies

Attributes

...

#AuditSourceID

ActorName

Actor Name in audit log messages.

AuditRepositoryHostname

Hostname of audit record repository.

AuditRepositoryPort

UDP port of the audit record repository.

AuditRepositoryFacility

Facility used for the audit record repository. Possible values are: kern, user, mail, daemon, auth, syslog, lpr, news, ucp, cron, authpriv, ftp, local0, local1, local2, local3, local4, local5, local6, local7

StrictIHEYr4

Limit message format to IHE Year 4 XML schema. Skip proprietary extensions.

SupressLogForAETitles

Audit logs for DICOM Storage, Query and Retrieve are supressed if this list contains the AE title of the initator of the operation. Separate multiple AE titles with a \ (backslash). NONE = Do not supress audit logs according the initiator AE title.

DisableHostLookup

Disable reverse DNS lookup to get Host name for remote application. => Use only IP to identify remote hosts in emitted Audit messages.

LogActorConfig

Emit ActorConfig audit messages.

LogPatientRecord

Emit PatientRecord audit messages.

LogProcedureRecord

Emit LogProcedureRecord audit messages.

LogStudyDeleted

Emit LogStudyDeleted audit messages.

LogActorStartStop

Emit ActorStartStop audit messages.

LogBeginStoringInstances

Emit BeginStoringInstances Audit Messages.

LogDicomQuery

Emit DicomQuery audit messages.

LogInstancesSent

Emit InstancesSent audit messages.

LogSecurityAlert

Emit SecurityAlert audit messages.

LogUserAuthenticated

Emit UserAuthenticated audit messages.

LogExport

Emit Export audit messages.

Name

The class name of the MBean

State

The status of the MBean

StateString

The status of the MBean in text form

Operations

create

Standard MBean lifecycle method

start

The start lifecycle operation

stop

The stop lifecycle operation

destroy

The destroy lifecycle operation

jbossInternalLifecycle

The detyped lifecycle operation (for internal use only)

logUserAuthenticated

Used internally

logActorConfig

Used internally

logStudyDeleted

Used internally

logPatientRecord

Used internally

logProcedureRecord

Used internally

logInstancesStored

Used internally

logInstancesSent

Used internally

logDicomQuery

Used internally

logSecurityAlert

Used internally

logExport

Used internally

logExport

Anchor
AuditSourceID
AuditSourceID

Identifier of this application as source where the event originated.

Format: Unique identifier text string, at least within the Audit Enterprise Site ID.

Default Value: local host name

#AuditEnterpriseSiteID
Anchor
AuditEnterpriseSiteID
AuditEnterpriseSiteID

Logical source location within the healthcare enterprise network, e.g., a hospital or other provider location within a multi-entity provider group.

Format: Unique identifier text string within the healthcare enterprise. May be unvalued (='-') when the audit-generating application is uniquely identified by Audit Source ID.

Default Value: -

#AuditSourceTypeCodes
Anchor
AuditSourceTypeCodes
AuditSourceTypeCodes

Code specifying the type of source where event originated.

Codes:

Value

Meaning

1

End-user interface

2

Data acquisition device or instrument

3

Web server process tier in a multi-tier system

4

Application server process tier in a multi-tier system

5

Database server process tier in a multi-tier system

6

Security server, e.g., a domain controller

7

ISO level 1-3 network component

8

ISO level 4-6 operating software

9

External source, other or unknown type

Multiple values separated by comma (',') can be specified.

Default Value: 4

#ProcessID
Anchor
ProcessID
ProcessID

Used to identify this application instance as Active Participant in emitted Audit Messages.

Format: Text string

Default Value: System Property app.pid or alternatively extracted from java.lang.management.RuntimeMXBean#getName()

#ProcessName
Anchor
ProcessName
ProcessName

Used to identify this application as Active Participant in emitted Audit Messages.

Format: Text string

Default Value: System Property app.name

#LocalAETitles
Anchor
LocalAETitles
LocalAETitles

List of AE titles supported by this application, separated by
(backslash).

Default Value: DCM4CHEE

#EnableDNSLookups
Anchor
EnableDNSLookups
EnableDNSLookups

Enables reverse DNS lookups to identify remote hosts by their host name - instead of their IP address - in emitted Audit Messages.

Default Value: false

#IncludeXMLDeclaration
Anchor
IncludeXMLDeclaration
IncludeXMLDeclaration

Determines, if emitted Audit Messages starts with <?xml version="1.0" encoding="UTF-8"?> or if the XML declaration is skipped.

Default Value: false

#TimezonedDateTime
Anchor
TimezonedDateTime
TimezonedDateTime

Determines, if the Event Date/Time in emitted Audit Messages includes the time-zone offset to Coordinated Universal Time (UTC).

Default Value: true

#UtcDateTime
Anchor
UtcDateTime
UtcDateTime

Determines, if the Event Date/Time in the emitted Audit Messages is given as Coordinated Universal Time (UTC).

Default Value: false

#QualifyHostname
Anchor
QualifyHostname
QualifyHostname

Determines, if host names included in the emitted Audit Messages shall be fully qualified.

Default Value: false

#EncodeUserIsRequestorTrue
Anchor
EncodeUserIsRequestorTrue
EncodeUserIsRequestorTrue

Determines, if attribute UserIsRequestor="true" of element <ActiveParticipant> in the emitted Audit Messages is explicit.

Default Value: false

#ConfigurationDirectory
Anchor
ConfigurationDirectory
ConfigurationDirectory

Directory which contains configuration files xxx-xmbean.xml, which list service attributes, for which changes are audited by Security Alert messages. A relative path name is resolved relative to archive-install-directory/server/default/.

Default Value: conf/dcm4chee-auditlog

#IHEYr4
Anchor
IHEYr4
IHEYr4

Used to distinguish this RFC 3881 compliant Audit Logger Service from the preceding Audit Logger Service, which creates Audit Messages according the Provisional XML Schema definition of the IHE Basic Security Integration Profile.

Operations

#auditApplicationStart
Anchor
auditApplicationStart
auditApplicationStart

Emits Application Start Audit Message.

#auditApplicationStop
Anchor
auditApplicationStop
auditApplicationStop

Emits Application Stop Audit Message.

Notifications