A.5.3.2 Audit Log Used

A.5.3.2 Audit Log Used (Current)
Prev	A.5.3 DICOM Specific Audit Messages	Next

This message describes the event of a person or process reading a log of audit trail information.

Note

For example, an implementation that maintains a local cache of audit information that has not been transferred to a central collection point might generate this message if its local cache were accessed by a user.

Table A.5.3.2-1. Audit Log Used Message

Real-World Entities	Field Name	Opt.	Value Constraints
Event: EventIdentification	EventID	M	EV (110101, DCM, "Audit Log Used")
	EventActionCode	M	Shall be: R read
	EventDateTime	M	Not specialized.
	EventOutcomeIndicator	M	Not specialized.
	EventTypeCode	U	Not specialized.
Active Participant: ActiveParticipant Person and or process that started the Application (1..2)	UserID	M	The person or process accessing the audit trail. If both are known, then two active participants shall be included (both the person and the process).
	AlternativeUserID	U	Not specialized.
	UserName	U	Not specialized.
	UserIsRequestor	M	Not specialized.
	RoleIDCode	U	Not specialized.
	NetworkAccessPointTypeCode	U	Not specialized.
	NetworkAccessPointID	U	Not specialized.
Participant Object: ParticipantObjectIdentification Identity of the audit log (1)	ParticipantObjectTypeCode	M	Shall be: 2 System Object
	ParticipantObjectTypeCodeRole	M	Shall be: 13 Security Resource
	ParticipantObjectDataLifeCycle	U	Not specialized.
	ParticipantObjectIDTypeCode	M	Shall be: 12 URI
	ParticipantObjectSensitivity	U	Not specialized.
	ParticipantObjectID	M	The URI of the audit log.
	ParticipantObjectName	M	Shall be: Security Audit Log
	ParticipantObjectDetail	U	Not specialized.
	ParticipantObjectDescription	U	Not specialized.
	SOPClass	U	See Section A.5.2.
	Accession	U	See Section A.5.2.
	NumberOfInstances	U	See Section A.5.2.
	Instances	U	See Section A.5.2.
	Encrypted	U	See Section A.5.2.
	Anonymized	U	See Section A.5.2.
	ParticipantObjectContainsStudy	U	See Section A.5.2.