Skip to main content

Audit Database

Health Connect Cloud has a read-only audit database, represented by the table %SYS.Audit, that allows you to review events that occur in the InterSystems IRIS instance of your service. These events can either be initiated by a user or by the system. The contents of the database are refreshed every 15 minutes, so a database query may not return the newest events. Old events are purged after 31 days.

All actions performed by a user in the Management Portal are logged in the audit database, for example, when a user logs in or out, or when a production is started or stopped. Some actions performed in the Cloud Services Portal also generate an event (or events) in the database, such as when a production or an SSL/TLS configuration is created. Creating a Connect User does not generate an event, as the user is created in Cognito, but logging into the Management Portal for the first time creates the user in the InterSystems IRIS instance, and an event is logged in the database. Actions performed in the Cloud Services Portal that do not affect the instance, such as creating a firewall rule, are not logged in the database.

To view the audit database:

  1. Log in to the Management Portal. (See System Management page.)

  2. In the Management Portal, change your namespace to REPO.

  3. Go to System Explorer > SQL.

  4. On the Execute Query tab, type a query on table %SYS.Audit, such as the following, which displays the 100 most recent events in the database:

    SELECT TOP 100
ClientIPAddress, Description, Event, EventData, EventSource, EventType, Namespace, Status, UTCTimeStamp, UserInfo, Username
FROM %SYS.Audit
ORDER BY UTCTimeStamp DESC

To see the full list of columns in the audit database, on the SQL page, check the System box, and then expand the table %SYS.Audit in the left column.

Note:

The Authentication column can not be queried.


Previous sectionConfigure HealthShare Health Connect Cloud Productions
FeedbackOpens in a new tab