Versions Compared

Old Version 6

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

Description

The Audit Logger service.  Used/required by various other services to transmit Audit Records to an Audit Record Repository using the BSD Syslog Protocol according to . Identifies Audit Source in emitted Audit Log Messages formatted according the new RFC-3881 based schema of the IHE ITI Audit Trail and Node Authentication Profile and the Radiology Audit Trail Option described in RAD TF-3 III 5.1. The Audit Record Repository can be provided by a standalone, third-party application, or by dcm4chee's Audit Record Repository Service.

Dependencies

Attributes

...

#AuditSourceID
Anchor

...

AuditSourceID
AuditSourceID

Identifier of this application as source where the event originated.

Format: Unique identifier text string, at least within the Audit Enterprise Site ID.

Default Value: DCM4CHEE local host name

...

#AuditEnterpriseSiteID
Anchor

...

AuditEnterpriseSiteID
AuditEnterpriseSiteID

Logical source location within the healthcare enterprise network, e.g., a hospital or other provider location within a multi-entity provider group.

Format: Unique identifier text string within the healthcare enterprise. May be unvalued (='-') when the audit-generating application is uniquely identified by Audit Source ID.

Default Value: localhost -

...

#AuditSourceTypeCodes
Anchor

...

AuditSourceTypeCodes

...

UDP port of the audit record repository.

Default Value: 4000

...

Facility used for the audit record repository. Possible values are: kern, user, mail, daemon, auth, syslog, lpr, news, ucp, cron, authpriv, ftp, local0, local1, local2, local3, local4, local5, local6, local7

Default Value: authpriv

...

Limit message format to IHE Year 4 XML schema. Skip proprietary extensions.

Default Value: false

...

Audit logs for DICOM Storage, Query and Retrieve are supressed if this list contains the AE title of the initator of the operation. Separate multiple AE titles with a \ (backslash).
NONE = Do not supress audit logs according the initiator AE title.

Default Value: DCM4CHEE

...

Disable reverse DNS lookup to get Host name for remote application. => Use only IP to identify remote hosts in emitted Audit messages.

Default Value: false

...

Emit ActorConfig audit messages.

Default Value: true

...

Emit PatientRecord audit messages.

Default Value: true

...

Emit LogProcedureRecord audit messages.

Default Value: true

...

Emit LogStudyDeleted audit messages.

Default Value: true

...

Emit ActorStartStop audit messages.

Default Value: true

...

Emit BeginStoringInstances Audit Messages.

Default Value: true

...

Emit DicomQuery audit messages.

Default Value: true

...

Emit InstancesSent audit messages.

Default Value: true

...

Emit SecurityAlert audit messages.

Default Value: true

...

Emit UserAuthenticated audit messages.

Default Value: true

...

Emit Export audit messages.

Default Value: true

...

The class name of the MBean

...

The status of the MBean

...

The status of the MBean in text form

Operations

...

Standard MBean lifecycle method

...

The start lifecycle operation

...

The stop lifecycle operation

...

The destroy lifecycle operation

...

The detyped lifecycle operation (for internal use only)

...

Used internally

...

Used internally

...

Used internally

...

Used internally

...

Used internally

...

Used internally

...

Used internally

...

Used internally

...

Used internally

...

Used internally

...

AuditSourceTypeCodes

Code specifying the type of source where event originated.

Codes:

Value

Meaning

1

End-user interface

2

Data acquisition device or instrument

3

Web server process tier in a multi-tier system

4

Application server process tier in a multi-tier system

5

Database server process tier in a multi-tier system

6

Security server, e.g., a domain controller

7

ISO level 1-3 network component

8

ISO level 4-6 operating software

9

External source, other or unknown type

Multiple values separated by comma (',') can be specified.

Default Value: 4

#ProcessID
Anchor
ProcessID
ProcessID

Used to identify this application instance as Active Participant in emitted Audit Messages.

Format: Text string

Default Value: System Property app.pid or alternatively extracted from java.lang.management.RuntimeMXBean#getName()

#ProcessName
Anchor
ProcessName
ProcessName

Used to identify this application as Active Participant in emitted Audit Messages.

Format: Text string

Default Value: System Property app.name

#LocalAETitles
Anchor
LocalAETitles
LocalAETitles

List of AE titles supported by this application, separated by
(backslash).

Default Value: DCM4CHEE

#EnableDNSLookups
Anchor
EnableDNSLookups
EnableDNSLookups

Enables reverse DNS lookups to identify remote hosts by their host name - instead of their IP address - in emitted Audit Messages.

Default Value: false

#IncludeXMLDeclaration
Anchor
IncludeXMLDeclaration
IncludeXMLDeclaration

Determines, if emitted Audit Messages starts with <?xml version="1.0" encoding="UTF-8"?> or if the XML declaration is skipped.

Default Value: false

#TimezonedDateTime
Anchor
TimezonedDateTime
TimezonedDateTime

Determines, if the Event Date/Time in emitted Audit Messages includes the time-zone offset to Coordinated Universal Time (UTC).

Default Value: true

#UtcDateTime
Anchor
UtcDateTime
UtcDateTime

Determines, if the Event Date/Time in the emitted Audit Messages is given as Coordinated Universal Time (UTC).

Default Value: false

#QualifyHostname
Anchor
QualifyHostname
QualifyHostname

Determines, if host names included in the emitted Audit Messages shall be fully qualified.

Default Value: false

#EncodeUserIsRequestorTrue
Anchor
EncodeUserIsRequestorTrue
EncodeUserIsRequestorTrue

Determines, if attribute UserIsRequestor="true" of element <ActiveParticipant> in the emitted Audit Messages is explicit.

Default Value: false

#ConfigurationDirectory
Anchor
ConfigurationDirectory
ConfigurationDirectory

Directory which contains configuration files xxx-xmbean.xml, which list service attributes, for which changes are audited by Security Alert messages. A relative path name is resolved relative to archive-install-directory/server/default/.

Default Value: conf/dcm4chee-auditlog

#IHEYr4
Anchor
IHEYr4
IHEYr4

Used to distinguish this RFC 3881 compliant Audit Logger Service from the preceding Audit Logger Service, which creates Audit Messages according the Provisional XML Schema definition of the IHE Basic Security Integration Profile.

Operations

#auditApplicationStart
Anchor
auditApplicationStart
auditApplicationStart

Emits Application Start Audit Message.

#auditApplicationStop
Anchor
auditApplicationStop
auditApplicationStop

Emits Application Stop Audit Message.

Notifications