Short Description
Send an audit messages to a Audit Record Repository
Goal
This test verifies the required
steps for a Secure Node or Secure Application send an Audit Message to an Audit
Record Repository.
Tested Components
- Secure Node or Secure Application (SN or SA)
- Audit Record Repository (ARR)
Prerequisite
A Secure Node
or Secure Application must send audit messages to a vendor's Audit Record Repository using
the SYSLOG protocol; a tool is not a valid partner for this test
Which Audit-Message XSD Schema is required? :
·
More
Information to the DICOM schema can be found here.
Description
The purpose of the ATNA_Logging test is for your ATNA Secure Node or Secure Application to send one or more audit messages to an Audit Record Repository.
The type of audit message depends on the nature of the Secure Node/Application.
The top priority for audit testing would be an event that involves access to a Document that would result in an audit message that includes a Patient ID.
If the Secure Node or Secure Application does not generate an audit message that includes a patient ID, we will accept a different audit message.
Only SYSLOG UDP or SYSLOG TLS over TCP is allowed
Evidence
The verification of the audit messages that are exchanged in this test is not necessary.
That kind of verification is already done in the ATNA_Questionnaire test.
Evidence provided by the SN/SA:
- XML of the Audit Message send
- If you can trigger a non-message action (Login/Logout) please attach this XML too
Evidence provided by the ARR:
- If the ARR has a User Interface please present the received audit messages.
- Otherwise the ARR is asked to paste log evidence, database evidence, or a screen capture
Evaluation
In order to verify the test the Connectathon monitor will ask the following:
• The monitor will be able to confirm that what was sent by the SN and SA has been received and stored on the ARR.