Enabling Diagnostic Logging in Azure API for FHIR®

Publicado em 29 outubro, 2019

Principal Program Manager

Access to Diagnostic Logs is essential for any healthcare service where being compliant with regulatory requirements (like HIPAA) is a must. The feature in Azure API for FHIR that makes this happen is Diagnostic settings in the Azure Portal UI. For details on how Azure Diagnostic Logs work, please refer to the Azure Diagnostic Log documentation.

At this time, service is emitting the following fields in the Audit Log: 

Field Name 

Type  

Notes
TimeGenerated DateTime Date and Time of the event.

OperationName   

String  
CorrelationId   String  
RequestUri   String The request URI.
FhirResourceType   String The resource type the operation was executed for.
StatusCode   Int   The HTTP status code (e.g., 200).
ResultType   String   The available value currently are ‘Started’, ‘Succeeded’, or ‘Failed.’
OperationDurationMs Int   The milliseconds it took to complete the request.
LogCategory   String The log category. We are currently emitting 'AuditLogs' for the value.
CallerIPAddress   String The caller's IP address.
CallerIdentityIssuer   String   Issuer
CallerIdentityObjectId   String   Object_Id
CallerIdentity   Dynamic   A generic property bag containing identity information.
Location   String The location of the server that processed the request (e.g., South Central US).

How do I get to my Audit Logs?

To enable diagnostic logging in Azure API for FHIR, navigate to Diagnostic settings in the Azure Portal. Here you will see standard UI that all services use for emitting diagnostic logging.

Diagnostic Settings

There are three ways to get to the diagnostic:

  • Archive to the Storage Account for auditing or manual inspection.
  • Stream to Event Hub for ingestion by third-party service or custom analytics solutions, such as Power BI.
  • Stream to Log Analytics workspace in Azure Monitor.

Please note, it may take up to 15 minutes for the first Logs to show in Log Analytics.

For more information on how to work with Diagnostic Logs, please refer to Diagnostic Logs documentation.

Conclusion

Having access to Diagnostic Logs is essential for monitoring service and providing compliance reports. Azure API for FHIR allows you to do this through Diagnostic Logs.

FHIR® is the registered trademark of HL7 and is used with the permission of HL7.