Admin Audit Events Overview - hmislk/hmis GitHub Wiki

Audit Events — Overview and Viewing

Overview

The Audit Events system records a timestamped log of who changed what, and when, across key entities in HMIS. Every create, update, activate, and deactivate operation on departments, institutions, and other managed entities writes an audit event. This provides full traceability for compliance, troubleshooting, and governance.

When to Use

  • Investigating when a department was deactivated and who did it
  • Verifying that a configuration change was made
  • Compliance audits requiring change history
  • Tracing the source of an unexpected system state

What Is Audited

The following events are captured:

Action Example Event
Create "Create Department"
Update "Update Department"
Delete "Delete Department"
Activate "Activate Department"
Deactivate "Deactivate Department"

Similar event types exist for institutions, sites, and other audited entities.

Person (practitioner) demographic edits are also audited: editing a Staff, Doctor, or Consultant's underlying Person record raises a createPerson or updatePerson event with before/after values for name, date of birth, NIC, and other demographic fields. See Audit Trail on Practitioner Records for details.

Navigating to Audit Events

All audit events (system-wide): Navigate to AdministrationManage Metadata → Data Administration → All Audit Events

Department-specific:

  1. Click AdministrationManage InstitutionsDepartments
  2. Select a department
  3. Click History from the action buttons

Institution-specific: Navigate to Institution management and click History on the selected institution

Site-specific: From Site Management, select a site and click History

The Audit Event Table

Each audit event record shows:

Column Description
ID Internal record identifier
Date / Time When the event occurred
Action The event type — colour-coded: green=Create, yellow=Update, red=Delete, teal=Activate, grey=Deactivate
User The username of the person who made the change
Changes A diff showing what fields changed and their before/after values
Status Completed (green), Failed (red), or Pending (yellow)
IP Address Network address of the device used

Click Refresh Events to reload the latest events.

Filtering and Searching

The audit table supports pagination. Click column headings to sort. The table loads with 20 events per page by default; use the paginator to change to 10, 50, or 100 per page.

Department Audit Details

When viewing department audit events, the top section shows the department's current state:

  • Name, Code
  • Status (Active / Inactive badge)
  • Department Type
  • Institution and Site
  • Total number of audit events

Technical Notes (Admin/Developer)

Audit events are stored as AuditEvent entities. The eventTrigger field holds the action name. The difference field holds a diff string comparing old and new values. The webUserId field stores who made the change (resolved to a name via webUserController.findWebUserNameWithTitleById()). AuditEventApplicationController handles async logging via @Asynchronous EJB. departmentController.fillDepartmentAuditEvents() loads department-specific events.

Related Features