Differences

This shows you the differences between two versions of the page.

--- support:user_logging [2022/05/11 15:11] – [Normal User Interactions] dpatenaude
+++ support:user_logging [2022/05/24 19:20] (current) – [p.d] dpatenaude
@@ Line 1: / Line 1: @@
 ====== User Logging ======
-This page serves as a high level reference guide to what .decimal logs for user interactions with our software. There are 3 difference sections detailed here:
+This page serves as a high level reference guide to what .decimal logs for user interactions with our software. There are 3 different sections detailed here for the use cases of user logging:
-  - **[[support:user_logging#user_authentication_auth0|User Authentication for Auth0]]:** .decimal uses [[https://auth0.com/|Auth0]] as it's user authentication service. As such Auht0 maintains the user login logs for every user.
+  - **[[support:user_logging#user_authentication_auth0|User Authentication for Auth0]]:** .decimal uses [[https://auth0.com/|Auth0]] as its user authentication service. As such Auht0 maintains the user login logs for every user.
   - **[[support:user_logging#customer_applications|Customer Applications]]:** Customer Applications include .decimal developed applications used by end clinical users that are downloaded and installed on the customer's local computers.
   - **[[support:user_logging#decimal_direct|decimal Direct]]:** Users will interact with the decimal Direct website to perform certain tasks. These interactions are logged for each user. In addition, Customer Applications connect to decimal Direct and some actions of the application may be logged.
@@ Line 15: / Line 15: @@
-.decimal uses [[https://auth0.com/|Auth0]] as it's user authentication service. Auth0 provides users logs including:
+.decimal uses [[https://auth0.com/|Auth0]] as its user authentication service. Auth0 logs user actions including:
   * Successful & Failed Logins
   * Successful Logouts
   * Blocked Account (after too many login attempts)
+Note: These logs are not directly accessible by end users, but may be provided by .decimal staff upon request.
 See below for example logs for common Auth0 events:
@@ Line 26: / Line 28: @@
     "date": "2022-05-11T12:13:02.783Z",
     "type": "Success Exchange",
-    "description": "",
-    "connection_id": "",
     "client_id": "<REDACTED>",
     "client_name": "decimal Launcher",
     "ip": "<REDACTED>",
     "user_agent": "Electron 5.0.13 / Windows 10.0.0",
-    "details":
-    {
-        "code": "<REDACTED>"
-    },
     "hostname": "dotdecimal.us.auth0.com",
     "user_id": "<REDACTED>",
     "user_name": "<REDACTED>",
-    "log_id": "<REDACTED>",
-    "_id": "<REDACTED>",
     "isMobile": false,
-    "type_code": "seacft",
-    "os": "Windows 0.0.0",
-    "os_version": "0.0.0",
-    "device": "Other 0.0.0",
-    "device_version": "0.0.0"
 }
 </code>
@@ Line 53: / Line 42: @@
 {
     "date": "2022-05-11T13:24:10.066Z",
-    "type": "fp",
     "description": "Wrong email or password.",
     "connection": "decimal",
-    "connection_id": "<REDACTED>",
-    "client_id": "<REDACTED>",
     "client_name": "decimal Launcher",
     "ip": "<REDACTED>",
@@ Line 68: / Line 54: @@
     "user_id": "<REDACTED>",
     "user_name": "<REDACTED>",
-    "strategy": "auth0",
-    "strategy_type": "database",
-    "log_id": "<REDACTED>",
-    "_id": "<REDACTED>",
     "isMobile": false
 }
@@ Line 80: / Line 62: @@
 {
     "date": "2022-05-11T13:54:35.190Z",
-    "type": "limit_wc",
     "description": "User (<REDACTED>) attempted 10 consecutive logins unsuccessfully. Brute force protection is enabled for this connection, further attempts are blocked from this IP address for this user.",
     "connection": "decimal",
     "connection_id": "<REDACTED>",
     "client_id": "<REDACTED>",
-    "ip": "68.202.104.120",
+    "ip": "<REDACTED>",
     "user_agent": "Electron 5.0.13 / Windows 10.0.0",
     "hostname": "dotdecimal.us.auth0.com",
     "user_id": "",
     "user_name": "<REDACTED>",
-    "log_id": "<REDACTED>",
-    "_id": "<REDACTED>",
     "isMobile": false
 }
@@ Line 104: / Line 83: @@
 ==== p.d ====
-p.d logs the local user activity and records the following information to it's local patient database:
+p.d logs the local user activity and records the following information to its local application database:
 ^ Log Item ^ Description ^
 | username | The username/email of the user performing the action |
 | patientName | An encrypted string  for the patient the log entry applies to |
-| medicalRecordNumber | An encrypted string for the patient the log entry applies to |
+| medicalRecordNumber | An encrypted string for the patient's MRN the log entry applies to |
 | uniquePlanName | An encrypted string for the plan the log entry applies to |
 | planName | An encrypted string for the plan the log entry applies to |
 | logDate | The local date time of the log entry |
-| logEvent | The event that the log entry is for |
+| logEvent | The event that the log entry is for. logEvents include, but are not limited to: \\ -User log in \\ -User log out \\ -Plan Open \\ -Plan Save \\ -Plan Close \\ -Order placed to decimal Direct \\ -Local and DICOM AE file export (e.g.: DICOM) \\ -Patient deletion |
-logEvents include, but are not limited to:
+  * If on p.d 5.4.5 or later these logs may be exported from the About menu within p.d to the designated Data folder in the p.d settings. A new Logs folder will be created that contain the unencrypted user logs.
-  * User log in
+  * Otherwise these logs may be exported to a local text file only by a .decimal administrator. For assistance exporting the logs please contact .decimal support.
-  * User log out
-  * Plan Opens
-  * Plan Saves
-  * Plan Closes
-  * Orders placed to decimal Direct
-  * Local and DICOM AE file exports (e.g.: DICOM)
-  * Patient deletion
 ==== decimal3D ====
-[[decimal3d:decimal3d|decimal3D]] logs the local user activity and records the following information to it's local patient database. This information is exportable from the Advanced menu option within the application.
+[[decimal3d:decimal3d|decimal3D]] logs the local user activity and records the following information to its local application database. This information is exportable from the Advanced menu option within the application.
 ^ Log Item ^ Description ^
 | User ID | The username/email of the user performing the action |
-| Action  | The action the user performed |
+| Action  | The action the user performed (see below for an itemized list) |
-| Date/Time | The local date time the action was performed |
+| Date/Time | The local date time the action was performed. Actions include, but are not limited to: \\ -User log in attempts\\ -User log in success/fail\\ -User log out\\ -View patients list\\ -View patient info (including patient MRN)\\ -Create new scans/contours\\ -Orders placed to decimal Direct (including beam name)\\ -Local and AE file exports (e.g.: DICOM)\\ -Patient deletion |
-Actions include, but are not limited to:
-  * User log in attempts
-  * User log in success/fail
-  * User log out
-  * View patients list
-  * View patient info (including patient MRN)
-  * Create new scans/contours
-  * Orders placed to decimal Direct (including beam name)
-  * Local and AE file exports (e.g.: DICOM)
-  * Patient deletion
 ==== decimal eRT ====
-[[electronrt:electronrt|decimal eRT]] logs the local user activity and records the following information to it's local patient database. This information is exportable from the Organization Configuration -> Export Logs block within the application.
+[[electronrt:electronrt|decimal eRT]] logs the local user activity and records the following information to its local patient database. This information is exportable from the Organization Configuration -> Export Logs block within the application.
 ^ Log Item ^ Description ^
@@ Line 153: / Line 114: @@
 | ID | The ID of the corresponding Data Type of the log entry |
 | Date | The date time of the log entry |
-| Log Event | The even that was logged |
+| Log Event | The event that was logged. Log Event's include, but are not limited to: \\ -Import Patients\\ -View Patients\\ -Open Patients\\ -Import Courses\\ -Update Course\\ -Create Plans\\ -Update Plans\\ -Clone Plans\\ -Open Plans\\ -Update Organization\\ -Export DICOM files locally\\ -Export DICOM files to AE service\\ -Approve Plans\\ -Order files to decimal Direct\\ -Export Reports|
-| Data Type | What data caused to the log entry |
+| Data Type | What data caused to the log entry. Data Type's include, but are not limited to: \\ -Application (root level interactions without a specific data to link to)\\ -Organization\\ -Patient\\ -Course\\ -Plan\\ -Export\\ -Order |
 | Username | The users first and last name that caused the log entry |
-Log Event's include, but are not limited to:
-  * Import Patients
-  * View Patients
-  * Open Patients
-  * Import Courses
-  * Update Course
-  * Create Plans
-  * Update Plans
-  * Clone Plans
-  * Open Plans
-  * Update Organization
-  * Export DICOM files locally
-  * Export DICOM files to AE service
-  * Approve Plans
-  * Order files to decimal Direct
-  * Export Reports
-Data Type's include, but are not limited to:
-  * Application (root level interactions without a specific data to link to)
-  * Organization
-  * Patient
-  * Course
-  * Plan
-  * Export
-  * Order
 -----------------------------------------------------------------
@@ Line 186: / Line 123: @@
 ===== decimal Direct =====
-Users will interact with the decimal Direct website to perform certain tasks.
+Users will interact with the decimal Direct website to perform certain tasks. For each logged interaction in Direct the following is recorded:
-For each logged interaction in Direct the following is recorded:
 ^ Log Item ^ Description ^
@@ Line 196: / Line 131: @@
 | TimeStamp | The data time (as Eastern Time) of the action |
+See below for the outline of what user interactions are recorded.
 ==== Normal User Interactions ====
 A normal user interaction includes any non-elevated user tasks that are performed. Normal user interactions that are logged include:
-  * **Login** (legacy non-Auth0 users only)
-    * Login attempt
-    * Login success/fail
-  * **Ordering**
-    * Order File Upload
-    * Order Placed
-  * **User Preferences**
-    * Email Notifications
-    * Password change (legacy non-Auth0 users only)
+^ Log Category ^ Log Event ^
+| Login (legacy non-Auth0 users only) | Login attempt |
+| ::: | Login success/fail |
+| Ordering | Order File Upload |
+| ::: | Order Placed |
+| User Preferences | Email Notifications Changed |
+| ::: | Password changed (legacy non-Auth0 users only) |
 ==== Manager Interactions ====
+A manager user interaction includes any elevated user tasks that are performed by the site manager within the Management pages. Manager user interactions that are logged include:
+^ Log Event ^ Captured Data ^
+| Site Management | Site Info (address) Update |
+| Application Management | Version Change |
+| User Management | User Add |
+| ::: | User Remove |
+| ::: | User Info Edit |
+| ::: | User Permissions Edit |
 ==== Application Integrations ====
+Other .decimal applications that connect to decimal Direct and .decimal logs some integration connections for diagnostic trouble shooting. These interactions include and capture:
+^ Log Event ^ Captured Data ^
+| Application Login | User |
+| ::: | Date Time |
+| ::: | Site ID |
+| ::: | Application |
+| Website Legacy User Login | User |
+| ::: | Date Time |
+| Website Auth0 User Login | User |
+| ::: | Date Time |