Skip to main content


A record of an event made for purposes of maintaining a security log. Typical uses include detection of intrusion attempts and monitoring for inappropriate usage.


id0..1stringLogical id of this artifact
meta0..1MetaMetadata about the resource
implicitRules0..1uriA set of rules under which this content was created
language0..1codeLanguage of the resource content
text0..1NarrativeText summary of the resource, for human interpretation
contained0..*ResourceContained, inline Resources
extension0..*ExtensionAdditional content defined by implementations
modifierExtension0..*ExtensionExtensions that cannot be ignored
type1..1CodingType/identifier of event
subtype0..*CodingMore specific type/id for the event
action0..1codeType of action performed during the event
period0..1PeriodWhen the activity occurred
recorded1..1instantTime when the event was recorded
outcome0..1codeWhether the event succeeded or failed
outcomeDesc0..1stringDescription of the event outcome
purposeOfEvent0..*CodeableConceptThe purposeOfUse of the event
agent1..*BackboneElementActor involved in the event
source1..1BackboneElementAudit Event Reporter
entity0..*BackboneElementData or objects used

Search Parameters

actiontokenType of action performed during the eventAuditEvent.action
addressstringIdentifier for the network access point of the user
agentreferenceIdentifier of whoAuditEvent.agent.who
agent-namestringHuman friendly name for the
agent-roletokenAgent role in the eventAuditEvent.agent.role
altidtokenAlternative User identityAuditEvent.agent.altId
datedateTime when the event was recordedAuditEvent.recorded
entityreferenceSpecific instance of resourceAuditEvent.entity.what
entity-namestringDescriptor for
entity-roletokenWhat role the entity playedAuditEvent.entity.role
entity-typetokenType of entity involvedAuditEvent.entity.type
outcometokenWhether the event succeeded or failedAuditEvent.outcome
patientreferenceIdentifier of whoAuditEvent.agent.who
policyuriPolicy that authorized eventAuditEvent.agent.policy
sitetokenLogical source location within the
sourcereferenceThe identity of source detecting the
subtypetokenMore specific type/id for the eventAuditEvent.subtype
typetokenType/identifier of eventAuditEvent.type