This is an old revision of the document!
Table of Contents
User Logging
This page serves as a high level reference guide to what .decimal logs for user interactions with our software. There are 3 difference sections detailed here:
- User Authentication for Auth0: .decimal uses Auth0 as it's user authentication service. As such Auht0 maintains the user login logs for every user.
- Customer Applications: Customer Applications include .decimal developed applications used by end clinical users that are downloaded and installed on the customer's local computers.
- decimal Direct: Users will interact with the decimal Direct website to perform certain tasks. These interactions are logged for each user. In addition, Customer Applications connect to decimal Direct and some actions of the application may be logged.
See each section below
User Authentication (Auth0)
.decimal uses Auth0 as it's user authentication service. Auth0 provides users logs including:
- Successful & Failed Logins
- Successful Logouts
- Blocked Account (after too many login attempts)
See below for example logs for common Auth0 events:
- Successful_login.json
{ "date": "2022-05-11T12:13:02.783Z", "type": "Success Exchange", "description": "", "connection_id": "", "client_id": "<REDACTED>", "client_name": "decimal Launcher", "ip": "<REDACTED>", "user_agent": "Electron 5.0.13 / Windows 10.0.0", "details": { "code": "<REDACTED>" }, "hostname": "dotdecimal.us.auth0.com", "user_id": "<REDACTED>", "user_name": "<REDACTED>", "log_id": "<REDACTED>", "_id": "<REDACTED>", "isMobile": false, "type_code": "seacft", "os": "Windows 0.0.0", "os_version": "0.0.0", "device": "Other 0.0.0", "device_version": "0.0.0" }
- Incorrect_password.json
{ "date": "2022-05-11T13:24:10.066Z", "type": "fp", "description": "Wrong email or password.", "connection": "decimal", "connection_id": "<REDACTED>", "client_id": "<REDACTED>", "client_name": "decimal Launcher", "ip": "<REDACTED>", "user_agent": "Electron 5.0.13 / Windows 10.0.0", "details": { "error": { "message": "Wrong email or password." } }, "user_id": "<REDACTED>", "user_name": "<REDACTED>", "strategy": "auth0", "strategy_type": "database", "log_id": "<REDACTED>", "_id": "<REDACTED>", "isMobile": false }
- Blocked_user.json
{ "date": "2022-05-11T13:54:35.190Z", "type": "limit_wc", "description": "User (<REDACTED>) attempted 10 consecutive logins unsuccessfully. Brute force protection is enabled for this connection, further attempts are blocked from this IP address for this user.", "connection": "decimal", "connection_id": "<REDACTED>", "client_id": "<REDACTED>", "ip": "68.202.104.120", "user_agent": "Electron 5.0.13 / Windows 10.0.0", "hostname": "dotdecimal.us.auth0.com", "user_id": "", "user_name": "<REDACTED>", "log_id": "<REDACTED>", "_id": "<REDACTED>", "isMobile": false }
Customer Applications
Customer Applications include .decimal developed applications used by end clinical users that are downloaded and installed on the customer's local computers. These may include, but are not limited to: p.d, decimal3D, decimal Launcher, and decimal eRT. See each application below for an example activity log.
p.d
p.d logs the local user activity and records the following information to it's local patient database:
| Log Item | Description |
|---|---|
| username | The username/email of the user performing the action |
| patientName | An encrypted string for the patient the log entry applies to |
| medicalRecordNumber | An encrypted string for the patient the log entry applies to |
| uniquePlanName | An encrypted string for the plan the log entry applies to |
| planName | An encrypted string for the plan the log entry applies to |
| logDate | The local date time of the log entry |
| logEvent | The event that the log entry is for |
logEvents include, but are not limited to:
- User log in
- User log out
- Plan Opens
- Plan Saves
- Plan Closes
- Orders placed to decimal Direct
- Local and DICOM AE file exports (e.g.: DICOM)
- Patient deletion
decimal3D
decimal3D logs the local user activity and records the following information to it's local patient database. This information is exportable from the Advanced menu option within the application.
| Log Item | Description |
|---|---|
| User ID | The username/email of the user performing the action |
| Action | The action the user performed |
| Date/Time | The local date time the action was performed |
Actions include, but are not limited to:
- User log in attempts
- User log in success/fail
- User log out
- View patients list
- View patient info (including patient MRN)
- Create new scans/contours
- Orders placed to decimal Direct (including beam name)
- Local and AE file exports (e.g.: DICOM)
- Patient deletion
decimal eRT
decimal eRT logs the local user activity and records the following information to it's local patient database. This information is exportable from the Organization Configuration → Export Logs block within the application.
| Log Item | Description |
|---|---|
| Hardware ID | Local Windows computer name |
| ID | The ID of the corresponding Data Type of the log entry |
| Date | The date time of the log entry |
| Log Event | The even that was logged |
| Data Type | What data caused to the log entry |
| Username | The users first and last name that caused the log entry |
Log Event's include, but are not limited to:
- Import Patients
- View Patients
- Open Patients
- Import Courses
- Update Course
- Create Plans
- Update Plans
- Clone Plans
- Open Plans
- Update Organization
- Export DICOM files locally
- Export DICOM files to AE service
- Approve Plans
- Order files to decimal Direct
- Export Reports
Data Type's include, but are not limited to:
- Application (root level interactions without a specific data to link to)
- Organization
- Patient
- Course
- Plan
- Export
- Order