User Logging

User Logging

This page serves as a high level reference guide to what .decimal logs for user interactions with our software. There are 3 different sections detailed here for the use cases of user logging:

User Authentication for Auth0: .decimal uses Auth0 as its user authentication service. As such Auht0 maintains the user login logs for every user.
Customer Applications: Customer Applications include .decimal developed applications used by end clinical users that are downloaded and installed on the customer's local computers.
decimal Direct: Users will interact with the decimal Direct website to perform certain tasks. These interactions are logged for each user. In addition, Customer Applications connect to decimal Direct and some actions of the application may be logged.

User Authentication (Auth0)

Note: This section is applicable to Auth0 user logins only.

Auth0 user logins use the user's email as the user name. If your username is not an email you have a legacy login and this section is not applicable.

.decimal uses Auth0 as its user authentication service. Auth0 logs user actions including:

Successful & Failed Logins
Successful Logouts
Blocked Account (after too many login attempts)

Note: These logs are not directly accessible by end users, but may be provided by .decimal staff upon request.

See below for example logs for common Auth0 events:

Successful_login.json

{
    "date": "2022-05-11T12:13:02.783Z",
    "type": "Success Exchange",
    "client_id": "<REDACTED>",
    "client_name": "decimal Launcher",
    "ip": "<REDACTED>",
    "user_agent": "Electron 5.0.13 / Windows 10.0.0",
    "hostname": "dotdecimal.us.auth0.com",
    "user_id": "<REDACTED>",
    "user_name": "<REDACTED>",
    "isMobile": false,
}

Incorrect_password.json

{
    "date": "2022-05-11T13:24:10.066Z",
    "description": "Wrong email or password.",
    "connection": "decimal",
    "client_name": "decimal Launcher",
    "ip": "<REDACTED>",
    "user_agent": "Electron 5.0.13 / Windows 10.0.0",
    "details": {
    "error": {
      "message": "Wrong email or password."
    }
    },
    "user_id": "<REDACTED>",
    "user_name": "<REDACTED>",
    "isMobile": false
}

Blocked_user.json

{
    "date": "2022-05-11T13:54:35.190Z",
    "description": "User (<REDACTED>) attempted 10 consecutive logins unsuccessfully. Brute force protection is enabled for this connection, further attempts are blocked from this IP address for this user.",
    "connection": "decimal",
    "connection_id": "<REDACTED>",
    "client_id": "<REDACTED>",
    "ip": "<REDACTED>",
    "user_agent": "Electron 5.0.13 / Windows 10.0.0",
    "hostname": "dotdecimal.us.auth0.com",
    "user_id": "",
    "user_name": "<REDACTED>",
    "isMobile": false
}

Customer Applications

Customer Applications include .decimal developed applications used by end clinical users that are downloaded and installed on the customer's local computers. These may include, but are not limited to: p.d, decimal3D, decimal Launcher, and decimal eRT. See each application below for an example activity log.

p.d

p.d logs the local user activity and records the following information to its local application database:

Log Item	Description
username	The username/email of the user performing the action
patientName	An encrypted string for the patient the log entry applies to
medicalRecordNumber	An encrypted string for the patient's MRN the log entry applies to
uniquePlanName	An encrypted string for the plan the log entry applies to
planName	An encrypted string for the plan the log entry applies to
logDate	The local date time of the log entry
logEvent	The event that the log entry is for. logEvents include, but are not limited to: -User log in -User log out -Plan Open -Plan Save -Plan Close -Order placed to decimal Direct -Local and DICOM AE file export (e.g.: DICOM) -Patient deletion

If on p.d 5.4.5 or later these logs may be exported from the About menu within p.d to the designated Data folder in the p.d settings. A new Logs folder will be created that contain the unencrypted user logs.
Otherwise these logs may be exported to a local text file only by a .decimal administrator. For assistance exporting the logs please contact .decimal support.

decimal3D

decimal3D logs the local user activity and records the following information to its local application database. This information is exportable from the Advanced menu option within the application.

Log Item	Description
User ID	The username/email of the user performing the action
Action	The action the user performed (see below for an itemized list)
Date/Time	The local date time the action was performed. Actions include, but are not limited to: -User log in attempts -User log in success/fail -User log out -View patients list -View patient info (including patient MRN) -Create new scans/contours -Orders placed to decimal Direct (including beam name) -Local and AE file exports (e.g.: DICOM) -Patient deletion

decimal eRT

decimal eRT logs the local user activity and records the following information to its local patient database. This information is exportable from the Organization Configuration → Export Logs block within the application.

Log Item	Description
Hardware ID	Local Windows computer name
ID	The ID of the corresponding Data Type of the log entry
Date	The date time of the log entry
Log Event	The event that was logged. Log Event's include, but are not limited to: -Import Patients -View Patients -Open Patients -Import Courses -Update Course -Create Plans -Update Plans -Clone Plans -Open Plans -Update Organization -Export DICOM files locally -Export DICOM files to AE service -Approve Plans -Order files to decimal Direct -Export Reports
Data Type	What data caused to the log entry. Data Type's include, but are not limited to: -Application (root level interactions without a specific data to link to) -Organization -Patient -Course -Plan -Export -Order
Username	The users first and last name that caused the log entry

decimal Direct

Users will interact with the decimal Direct website to perform certain tasks. For each logged interaction in Direct the following is recorded:

Log Item	Description
UserID	Internal .decimal user ID that links to a user
Log Route	The API route (i.e.: action taken) for the log
Parameters	The parameters of the action
TimeStamp	The data time (as Eastern Time) of the action

See below for the outline of what user interactions are recorded.

Normal User Interactions

A normal user interaction includes any non-elevated user tasks that are performed. Normal user interactions that are logged include:

Log Category	Log Event
Login (legacy non-Auth0 users only)	Login attempt
Login (legacy non-Auth0 users only)	Login success/fail
Ordering	Order File Upload
Ordering	Order Placed
User Preferences	Email Notifications Changed
User Preferences	Password changed (legacy non-Auth0 users only)

Manager Interactions

A manager user interaction includes any elevated user tasks that are performed by the site manager within the Management pages. Manager user interactions that are logged include:

Log Event	Captured Data
Site Management	Site Info (address) Update
Application Management	Version Change
User Management	User Add
	User Remove
	User Info Edit
	User Permissions Edit

Application Integrations

Other .decimal applications that connect to decimal Direct and .decimal logs some integration connections for diagnostic trouble shooting. These interactions include and capture:

Log Event	Captured Data
Application Login	User
	Date Time
	Site ID
	Application
Website Legacy User Login	User
Website Legacy User Login	Date Time
Website Auth0 User Login	User
Website Auth0 User Login	Date Time

Table of Contents