This page is part of the FHIR Specification (v3.3.0: R4 Ballot 2). The current version which supercedes this version is 5.0.0. For a full list of available versions, see the Directory of published versions . Page versions: R4 R3 R2
Electronic Health Records Work Group | Maturity Level: 1 | Informative | Use Context: Any |
The official URL for this profile is:
http://hl7.org/fhir/StructureDefinition/ehrsrle-auditevent
Defines the elements to be supported within the AuditEvent resource in order to conform with the Electronic Health Record System Functional Model Record Lifecycle Event standard
This profile was published on Thu, Dec 4, 2014 00:00+1100 as a draft by Health Level Seven International (Electronic Health Record).
Description of Profiles, Differentials, Snapshots, and how the XML and JSON presentations work.
This structure is derived from AuditEvent.
This structure is derived from AuditEvent.
Name | Flags | Card. | Type | Description & Constraints |
---|---|---|---|---|
AuditEvent | 0..* | |||
type | S | 1..1 | Coding | |
subtype | S | 0..* | Coding | |
action | S | 0..1 | code | |
recorded | S | 1..1 | instant | |
purposeOfEvent | S | 0..* | CodeableConcept | |
agent | S | 1..* | BackboneElement | |
role | S | 0..* | CodeableConcept | |
reference | S | 0..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | |
userId | S | 0..1 | Identifier | |
requestor | S | 1..1 | boolean | |
location | S | 0..1 | Reference(Location) | |
policy | S | 0..* | uri | |
network | S | 0..1 | BackboneElement | |
address | S | 0..1 | string | |
type | S | 0..1 | code | |
purposeOfUse | S | 0..* | CodeableConcept | |
source | S | 1..1 | BackboneElement | |
site | S | 0..1 | string | |
identifier | S | 1..1 | Identifier | |
type | S | 0..* | Coding | |
entity | S | 0..* | BackboneElement | |
identifier | S | 0..1 | Identifier | |
reference | S | 0..1 | Reference(Resource) | |
type | S | 0..1 | Coding | |
role | S | 0..1 | Coding | |
lifecycle | S | 0..1 | Coding | |
securityLabel | S | 0..* | Coding | |
Documentation for this format |
Name | Flags | Card. | Type | Description & Constraints |
---|---|---|---|---|
AuditEvent | I | 0..* | Event record kept for security purposes | |
id | Σ | 0..1 | id | Logical id of this artifact |
meta | Σ | 0..1 | Meta | Metadata about the resource |
implicitRules | ?!Σ | 0..1 | uri | A set of rules under which this content was created |
language | 0..1 | code | Language of the resource content Binding: Common Languages (extensible) | |
text | I | 0..1 | Narrative | Text summary of the resource, for human interpretation |
contained | 0..* | Resource | Contained, inline Resources | |
extension | 0..* | Extension | Additional Content defined by implementations | |
modifierExtension | ?! | 0..* | Extension | Extensions that cannot be ignored |
type | SΣ | 1..1 | Coding | Type/identifier of event Binding: Audit Event ID (extensible) |
subtype | SΣ | 0..* | Coding | More specific type/id for the event Binding: Audit Event Sub-Type (extensible) |
action | SΣ | 0..1 | code | Type of action performed during the event Binding: AuditEventAction (required) |
period | 0..1 | Period | When the activity occurred | |
recorded | SΣ | 1..1 | instant | Time when the event was recorded |
outcome | Σ | 0..1 | code | Whether the event succeeded or failed Binding: AuditEventOutcome (required) |
outcomeDesc | Σ | 0..1 | string | Description of the event outcome |
purposeOfEvent | SΣ | 0..* | CodeableConcept | The purposeOfUse of the event Binding: PurposeOfUse (extensible) |
agent | SI | 1..* | BackboneElement | Actor involved in the event |
id | 0..1 | string | xml:id (or equivalent in JSON) | |
extension | 0..* | Extension | Additional content defined by implementations | |
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored |
type | 0..1 | CodeableConcept | How agent participated Binding: ParticipationRoleType (extensible) | |
role | S | 0..* | CodeableConcept | Agent role in the event Binding: SecurityRoleType (example) |
reference | SΣ | 0..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | Direct reference to resource |
userId | SΣ | 0..1 | Identifier | Unique identifier for the user |
altId | 0..1 | string | Alternative User id e.g. authentication | |
name | 0..1 | string | Human-meaningful name for the agent | |
requestor | SΣ | 1..1 | boolean | Whether user is initiator |
location | S | 0..1 | Reference(Location) | Where |
policy | S | 0..* | uri | Policy that authorized event |
media | 0..1 | Coding | Type of media Binding: Media Type Code (extensible) | |
network | SI | 0..1 | BackboneElement | Logical network location for application activity |
id | 0..1 | string | xml:id (or equivalent in JSON) | |
extension | 0..* | Extension | Additional content defined by implementations | |
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored |
address | S | 0..1 | string | Identifier for the network access point of the user device |
type | S | 0..1 | code | The type of network access point Binding: AuditEventAgentNetworkType (required) |
purposeOfUse | S | 0..* | CodeableConcept | Reason given for this user Binding: PurposeOfUse (extensible) |
source | SI | 1..1 | BackboneElement | Audit Event Reporter |
id | 0..1 | string | xml:id (or equivalent in JSON) | |
extension | 0..* | Extension | Additional content defined by implementations | |
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored |
site | S | 0..1 | string | Logical source location within the enterprise |
identifier | SΣ | 1..1 | Identifier | The identity of source detecting the event |
type | S | 0..* | Coding | The type of source where event originated Binding: Audit Event Source Type (extensible) |
entity | SI | 0..* | BackboneElement | Data or objects used |
id | 0..1 | string | xml:id (or equivalent in JSON) | |
extension | 0..* | Extension | Additional content defined by implementations | |
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored |
identifier | SΣ | 0..1 | Identifier | Specific instance of object |
reference | SΣ | 0..1 | Reference(Resource) | Specific instance of resource |
type | S | 0..1 | Coding | Type of entity involved Binding: AuditEventEntityType (extensible) |
role | S | 0..1 | Coding | What role the entity played Binding: AuditEventEntityRole (extensible) |
lifecycle | S | 0..1 | Coding | Life-cycle stage for the entity Binding: ObjectLifecycleEvents (extensible) |
securityLabel | S | 0..* | Coding | Security labels on the entity Binding: All Security Labels (extensible) |
name | ΣI | 0..1 | string | Descriptor for entity |
description | 0..1 | string | Descriptive text | |
query | ΣI | 0..1 | base64Binary | Query parameters |
detail | I | 0..* | BackboneElement | Additional Information about the entity |
id | 0..1 | string | xml:id (or equivalent in JSON) | |
extension | 0..* | Extension | Additional content defined by implementations | |
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored |
type | 1..1 | string | Name of the property | |
value[x] | 1..1 | string, base64Binary | Property value | |
Documentation for this format |
<!-- EHRS FM Record Lifecycle Event - Audit Event --> <AuditEvent xmlns="http://hl7.org/fhir" > <!-- from Element: extension --> <id value="[id]"/><!-- 0..1 Logical id of this artifact --> <meta><!-- 0..1 Meta Metadata about the resource --></meta> <implicitRules value="[uri]"/><!-- 0..1 A set of rules under which this content was created --> <language value="[code]"/><!-- 0..1 Language of the resource content --> <text><!-- 0..1 Narrative Text summary of the resource, for human interpretation --></text> <contained><!-- 0..* Resource Contained, inline Resources --></contained> <modifierExtension><!-- 0..* Extension Extensions that cannot be ignored --></modifierExtension> <type><!-- 1..1 Coding Type/identifier of event --></type> <subtype><!-- 0..* Coding More specific type/id for the event --></subtype> <action value="[code]"/><!-- 0..1 Type of action performed during the event --> <period><!-- 0..1 Period When the activity occurred --></period> <recorded value="[instant]"/><!-- 1..1 Time when the event was recorded --> <outcome value="[code]"/><!-- 0..1 Whether the event succeeded or failed --> <outcomeDesc value="[string]"/><!-- 0..1 Description of the event outcome --> <purposeOfEvent><!-- 0..* CodeableConcept The purposeOfUse of the event --></purposeOfEvent> <agent> 1..* BackboneElement <!-- 1..* Actor involved in the event --> <modifierExtension><!-- 0..* Extension Extensions that cannot be ignored --></modifierExtension> <type><!-- 0..1 CodeableConcept How agent participated --></type> <role><!-- 0..* CodeableConcept Agent role in the event --></role> <reference><!-- 0..1 Reference(PractitionerRole) Direct reference to resource --></reference> <userId><!-- 0..1 Identifier Unique identifier for the user --></userId> <altId value="[string]"/><!-- 0..1 Alternative User id e.g. authentication --> <name value="[string]"/><!-- 0..1 Human-meaningful name for the agent --> <requestor value="[boolean]"/><!-- 1..1 Whether user is initiator --> <location><!-- 0..1 Reference(Location) Where --></location> <policy value="[uri]"/><!-- 0..* Policy that authorized event --> <media><!-- 0..1 Coding Type of media --></media> <network> 0..1 BackboneElement <!-- 0..1 Logical network location for application activity --> <modifierExtension><!-- 0..* Extension Extensions that cannot be ignored --></modifierExtension> <address value="[string]"/><!-- 0..1 Identifier for the network access point of the user device --> <type value="[code]"/><!-- 0..1 The type of network access point --> </network> <purposeOfUse><!-- 0..* CodeableConcept Reason given for this user --></purposeOfUse> </agent> <source> 1..1 BackboneElement <!-- 1..1 Audit Event Reporter --> <modifierExtension><!-- 0..* Extension Extensions that cannot be ignored --></modifierExtension> <site value="[string]"/><!-- 0..1 Logical source location within the enterprise --> <identifier><!-- 1..1 Identifier The identity of source detecting the event --></identifier> <type><!-- 0..* Coding The type of source where event originated --></type> </source> <entity> 0..* BackboneElement <!-- 0..* Data or objects used --> <modifierExtension><!-- 0..* Extension Extensions that cannot be ignored --></modifierExtension> <identifier><!-- 0..1 Identifier Specific instance of object --></identifier> <reference><!-- 0..1 Reference(Resource) Specific instance of resource --></reference> <type><!-- 0..1 Coding Type of entity involved --></type> <role><!-- 0..1 Coding What role the entity played --></role> <lifecycle><!-- 0..1 Coding Life-cycle stage for the entity --></lifecycle> <securityLabel><!-- 0..* Coding Security labels on the entity --></securityLabel> <name value="[string]"/><!-- 0..1 Descriptor for entity --> <description value="[string]"/><!-- 0..1 Descriptive text --> <query value="[base64Binary]"/><!-- 0..1 Query parameters --> <detail> 0..* BackboneElement <!-- 0..* Additional Information about the entity --> <modifierExtension><!-- 0..* Extension Extensions that cannot be ignored --></modifierExtension> <type value="[string]"/><!-- 1..1 Name of the property --> <value[x]><!-- 1..1 string|base64Binary Property value --></value[x]> </detail> </entity> </AuditEvent>
{ // EHRS FM Record Lifecycle Event - Audit Event // from Element: extension "meta" : { Meta }, //Metadata about the resource "implicitRules" : "<uri>", //A set of rules under which this content was created "language" : "<code>", //Language of the resource content "text" : { Narrative }, //Text summary of the resource, for human interpretation "contained" : [{ Resource }], //Contained, inline Resources "modifierExtension" : [{ Extension }], //Extensions that cannot be ignored "type" : { Coding }, // R! Type/identifier of event "subtype" : [{ Coding }], //More specific type/id for the event "action" : "<code>", //Type of action performed during the event "period" : { Period }, //When the activity occurred "recorded" : "<instant>", // R! Time when the event was recorded "outcome" : "<code>", //Whether the event succeeded or failed "outcomeDesc" : "<string>", //Description of the event outcome "purposeOfEvent" : [{ CodeableConcept }], //The purposeOfUse of the event "agent" : [{ BackboneElement }], // C? R! Actor involved in the event "source" : { BackboneElement }, // C? R! Audit Event Reporter "entity" : [{ BackboneElement }] // C?Data or objects used }
This structure is derived from AuditEvent.
Differential View
This structure is derived from AuditEvent.
Name | Flags | Card. | Type | Description & Constraints |
---|---|---|---|---|
AuditEvent | 0..* | |||
type | S | 1..1 | Coding | |
subtype | S | 0..* | Coding | |
action | S | 0..1 | code | |
recorded | S | 1..1 | instant | |
purposeOfEvent | S | 0..* | CodeableConcept | |
agent | S | 1..* | BackboneElement | |
role | S | 0..* | CodeableConcept | |
reference | S | 0..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | |
userId | S | 0..1 | Identifier | |
requestor | S | 1..1 | boolean | |
location | S | 0..1 | Reference(Location) | |
policy | S | 0..* | uri | |
network | S | 0..1 | BackboneElement | |
address | S | 0..1 | string | |
type | S | 0..1 | code | |
purposeOfUse | S | 0..* | CodeableConcept | |
source | S | 1..1 | BackboneElement | |
site | S | 0..1 | string | |
identifier | S | 1..1 | Identifier | |
type | S | 0..* | Coding | |
entity | S | 0..* | BackboneElement | |
identifier | S | 0..1 | Identifier | |
reference | S | 0..1 | Reference(Resource) | |
type | S | 0..1 | Coding | |
role | S | 0..1 | Coding | |
lifecycle | S | 0..1 | Coding | |
securityLabel | S | 0..* | Coding | |
Documentation for this format |
Snapshot View
Name | Flags | Card. | Type | Description & Constraints |
---|---|---|---|---|
AuditEvent | I | 0..* | Event record kept for security purposes | |
id | Σ | 0..1 | id | Logical id of this artifact |
meta | Σ | 0..1 | Meta | Metadata about the resource |
implicitRules | ?!Σ | 0..1 | uri | A set of rules under which this content was created |
language | 0..1 | code | Language of the resource content Binding: Common Languages (extensible) | |
text | I | 0..1 | Narrative | Text summary of the resource, for human interpretation |
contained | 0..* | Resource | Contained, inline Resources | |
extension | 0..* | Extension | Additional Content defined by implementations | |
modifierExtension | ?! | 0..* | Extension | Extensions that cannot be ignored |
type | SΣ | 1..1 | Coding | Type/identifier of event Binding: Audit Event ID (extensible) |
subtype | SΣ | 0..* | Coding | More specific type/id for the event Binding: Audit Event Sub-Type (extensible) |
action | SΣ | 0..1 | code | Type of action performed during the event Binding: AuditEventAction (required) |
period | 0..1 | Period | When the activity occurred | |
recorded | SΣ | 1..1 | instant | Time when the event was recorded |
outcome | Σ | 0..1 | code | Whether the event succeeded or failed Binding: AuditEventOutcome (required) |
outcomeDesc | Σ | 0..1 | string | Description of the event outcome |
purposeOfEvent | SΣ | 0..* | CodeableConcept | The purposeOfUse of the event Binding: PurposeOfUse (extensible) |
agent | SI | 1..* | BackboneElement | Actor involved in the event |
id | 0..1 | string | xml:id (or equivalent in JSON) | |
extension | 0..* | Extension | Additional content defined by implementations | |
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored |
type | 0..1 | CodeableConcept | How agent participated Binding: ParticipationRoleType (extensible) | |
role | S | 0..* | CodeableConcept | Agent role in the event Binding: SecurityRoleType (example) |
reference | SΣ | 0..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | Direct reference to resource |
userId | SΣ | 0..1 | Identifier | Unique identifier for the user |
altId | 0..1 | string | Alternative User id e.g. authentication | |
name | 0..1 | string | Human-meaningful name for the agent | |
requestor | SΣ | 1..1 | boolean | Whether user is initiator |
location | S | 0..1 | Reference(Location) | Where |
policy | S | 0..* | uri | Policy that authorized event |
media | 0..1 | Coding | Type of media Binding: Media Type Code (extensible) | |
network | SI | 0..1 | BackboneElement | Logical network location for application activity |
id | 0..1 | string | xml:id (or equivalent in JSON) | |
extension | 0..* | Extension | Additional content defined by implementations | |
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored |
address | S | 0..1 | string | Identifier for the network access point of the user device |
type | S | 0..1 | code | The type of network access point Binding: AuditEventAgentNetworkType (required) |
purposeOfUse | S | 0..* | CodeableConcept | Reason given for this user Binding: PurposeOfUse (extensible) |
source | SI | 1..1 | BackboneElement | Audit Event Reporter |
id | 0..1 | string | xml:id (or equivalent in JSON) | |
extension | 0..* | Extension | Additional content defined by implementations | |
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored |
site | S | 0..1 | string | Logical source location within the enterprise |
identifier | SΣ | 1..1 | Identifier | The identity of source detecting the event |
type | S | 0..* | Coding | The type of source where event originated Binding: Audit Event Source Type (extensible) |
entity | SI | 0..* | BackboneElement | Data or objects used |
id | 0..1 | string | xml:id (or equivalent in JSON) | |
extension | 0..* | Extension | Additional content defined by implementations | |
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored |
identifier | SΣ | 0..1 | Identifier | Specific instance of object |
reference | SΣ | 0..1 | Reference(Resource) | Specific instance of resource |
type | S | 0..1 | Coding | Type of entity involved Binding: AuditEventEntityType (extensible) |
role | S | 0..1 | Coding | What role the entity played Binding: AuditEventEntityRole (extensible) |
lifecycle | S | 0..1 | Coding | Life-cycle stage for the entity Binding: ObjectLifecycleEvents (extensible) |
securityLabel | S | 0..* | Coding | Security labels on the entity Binding: All Security Labels (extensible) |
name | ΣI | 0..1 | string | Descriptor for entity |
description | 0..1 | string | Descriptive text | |
query | ΣI | 0..1 | base64Binary | Query parameters |
detail | I | 0..* | BackboneElement | Additional Information about the entity |
id | 0..1 | string | xml:id (or equivalent in JSON) | |
extension | 0..* | Extension | Additional content defined by implementations | |
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored |
type | 1..1 | string | Name of the property | |
value[x] | 1..1 | string, base64Binary | Property value | |
Documentation for this format |
XML Template
<!-- EHRS FM Record Lifecycle Event - Audit Event --> <AuditEvent xmlns="http://hl7.org/fhir" > <!-- from Element: extension --> <id value="[id]"/><!-- 0..1 Logical id of this artifact --> <meta><!-- 0..1 Meta Metadata about the resource --></meta> <implicitRules value="[uri]"/><!-- 0..1 A set of rules under which this content was created --> <language value="[code]"/><!-- 0..1 Language of the resource content --> <text><!-- 0..1 Narrative Text summary of the resource, for human interpretation --></text> <contained><!-- 0..* Resource Contained, inline Resources --></contained> <modifierExtension><!-- 0..* Extension Extensions that cannot be ignored --></modifierExtension> <type><!-- 1..1 Coding Type/identifier of event --></type> <subtype><!-- 0..* Coding More specific type/id for the event --></subtype> <action value="[code]"/><!-- 0..1 Type of action performed during the event --> <period><!-- 0..1 Period When the activity occurred --></period> <recorded value="[instant]"/><!-- 1..1 Time when the event was recorded --> <outcome value="[code]"/><!-- 0..1 Whether the event succeeded or failed --> <outcomeDesc value="[string]"/><!-- 0..1 Description of the event outcome --> <purposeOfEvent><!-- 0..* CodeableConcept The purposeOfUse of the event --></purposeOfEvent> <agent> 1..* BackboneElement <!-- 1..* Actor involved in the event --> <modifierExtension><!-- 0..* Extension Extensions that cannot be ignored --></modifierExtension> <type><!-- 0..1 CodeableConcept How agent participated --></type> <role><!-- 0..* CodeableConcept Agent role in the event --></role> <reference><!-- 0..1 Reference(PractitionerRole) Direct reference to resource --></reference> <userId><!-- 0..1 Identifier Unique identifier for the user --></userId> <altId value="[string]"/><!-- 0..1 Alternative User id e.g. authentication --> <name value="[string]"/><!-- 0..1 Human-meaningful name for the agent --> <requestor value="[boolean]"/><!-- 1..1 Whether user is initiator --> <location><!-- 0..1 Reference(Location) Where --></location> <policy value="[uri]"/><!-- 0..* Policy that authorized event --> <media><!-- 0..1 Coding Type of media --></media> <network> 0..1 BackboneElement <!-- 0..1 Logical network location for application activity --> <modifierExtension><!-- 0..* Extension Extensions that cannot be ignored --></modifierExtension> <address value="[string]"/><!-- 0..1 Identifier for the network access point of the user device --> <type value="[code]"/><!-- 0..1 The type of network access point --> </network> <purposeOfUse><!-- 0..* CodeableConcept Reason given for this user --></purposeOfUse> </agent> <source> 1..1 BackboneElement <!-- 1..1 Audit Event Reporter --> <modifierExtension><!-- 0..* Extension Extensions that cannot be ignored --></modifierExtension> <site value="[string]"/><!-- 0..1 Logical source location within the enterprise --> <identifier><!-- 1..1 Identifier The identity of source detecting the event --></identifier> <type><!-- 0..* Coding The type of source where event originated --></type> </source> <entity> 0..* BackboneElement <!-- 0..* Data or objects used --> <modifierExtension><!-- 0..* Extension Extensions that cannot be ignored --></modifierExtension> <identifier><!-- 0..1 Identifier Specific instance of object --></identifier> <reference><!-- 0..1 Reference(Resource) Specific instance of resource --></reference> <type><!-- 0..1 Coding Type of entity involved --></type> <role><!-- 0..1 Coding What role the entity played --></role> <lifecycle><!-- 0..1 Coding Life-cycle stage for the entity --></lifecycle> <securityLabel><!-- 0..* Coding Security labels on the entity --></securityLabel> <name value="[string]"/><!-- 0..1 Descriptor for entity --> <description value="[string]"/><!-- 0..1 Descriptive text --> <query value="[base64Binary]"/><!-- 0..1 Query parameters --> <detail> 0..* BackboneElement <!-- 0..* Additional Information about the entity --> <modifierExtension><!-- 0..* Extension Extensions that cannot be ignored --></modifierExtension> <type value="[string]"/><!-- 1..1 Name of the property --> <value[x]><!-- 1..1 string|base64Binary Property value --></value[x]> </detail> </entity> </AuditEvent>
JSON Template
{ // EHRS FM Record Lifecycle Event - Audit Event // from Element: extension "meta" : { Meta }, //Metadata about the resource "implicitRules" : "<uri>", //A set of rules under which this content was created "language" : "<code>", //Language of the resource content "text" : { Narrative }, //Text summary of the resource, for human interpretation "contained" : [{ Resource }], //Contained, inline Resources "modifierExtension" : [{ Extension }], //Extensions that cannot be ignored "type" : { Coding }, // R! Type/identifier of event "subtype" : [{ Coding }], //More specific type/id for the event "action" : "<code>", //Type of action performed during the event "period" : { Period }, //When the activity occurred "recorded" : "<instant>", // R! Time when the event was recorded "outcome" : "<code>", //Whether the event succeeded or failed "outcomeDesc" : "<string>", //Description of the event outcome "purposeOfEvent" : [{ CodeableConcept }], //The purposeOfUse of the event "agent" : [{ BackboneElement }], // C? R! Actor involved in the event "source" : { BackboneElement }, // C? R! Audit Event Reporter "entity" : [{ BackboneElement }] // C?Data or objects used }
Alternate definitions: Master Definition (XML, JSON), Schematron
Path | Name | Conformance | ValueSet |
AuditEvent.language | Common Languages | extensible | Common Languages |
AuditEvent.type | Audit Event ID | extensible | Audit Event ID |
AuditEvent.subtype | Audit Event Sub-Type | extensible | Audit Event Sub-Type |
AuditEvent.action | AuditEventAction | required | AuditEventAction |
AuditEvent.outcome | AuditEventOutcome | required | AuditEventOutcome |
AuditEvent.purposeOfEvent | PurposeOfUse | extensible | PurposeOfUse |
AuditEvent.agent.type | ParticipationRoleType | extensible | ParticipationRoleType |
AuditEvent.agent.role | SecurityRoleType | example | SecurityRoleType |
AuditEvent.agent.media | Media Type Code | extensible | Media Type Code |
AuditEvent.agent.network.type | AuditEventAgentNetworkType | required | AuditEventAgentNetworkType |
AuditEvent.agent.purposeOfUse | PurposeOfUse | extensible | PurposeOfUse |
AuditEvent.source.type | Audit Event Source Type | extensible | Audit Event Source Type |
AuditEvent.entity.type | AuditEventEntityType | extensible | AuditEventEntityType |
AuditEvent.entity.role | AuditEventEntityRole | extensible | AuditEventEntityRole |
AuditEvent.entity.lifecycle | ?ext | extensible | object-lifecycle-events |
AuditEvent.entity.securityLabel | All Security Labels | extensible | All Security Labels |