Access to Diagnostic Logs is essential for any healthcare service where being compliant with regulatory requirements (like HIPAA) is a must. The feature in Azure API for FHIR that makes this happen is Diagnostic settings in the Azure Portal UI. For details on how Azure Diagnostic Logs work, please refer to the Azure Diagnostic Log documentation.
At this time, service is emitting the following fields in the Audit Log:
|TimeGenerated||DateTime||Date and Time of the event.|
|RequestUri||String||The request URI.|
|FhirResourceType||String||The resource type the operation was executed for.|
|StatusCode||Int||The HTTP status code (e.g., 200).|
|ResultType||String||The available value currently are ‘Started’, ‘Succeeded’, or ‘Failed.’|
|OperationDurationMs||Int||The milliseconds it took to complete the request.|
|LogCategory||String||The log category. We are currently emitting 'AuditLogs' for the value.|
|CallerIPAddress||String||The caller's IP address.|
|CallerIdentity||Dynamic||A generic property bag containing identity information.|
|Location||String||The location of the server that processed the request (e.g., South Central US).|
How do I get to my Audit Logs?
To enable diagnostic logging in Azure API for FHIR, navigate to Diagnostic settings in the Azure Portal. Here you will see standard UI that all services use for emitting diagnostic logging.
There are three ways to get to the diagnostic:
- Archive to the Storage Account for auditing or manual inspection.
- Stream to Event Hub for ingestion by third-party service or custom analytics solutions, such as Power BI.
- Stream to Log Analytics workspace in Azure Monitor.
Please note, it may take up to 15 minutes for the first Logs to show in Log Analytics.
For more information on how to work with Diagnostic Logs, please refer to Diagnostic Logs documentation.
Having access to Diagnostic Logs is essential for monitoring service and providing compliance reports. Azure API for FHIR allows you to do this through Diagnostic Logs.
FHIR® is the registered trademark of HL7 and is used with the permission of HL7.
Source: Azure Blog Feed