Hi OpenMrs community!
I am Chinmay Chaudhari , a GSOC applicant working on the Extend Audit Log Module project .
What I’m working on
The currrent module tracks only create , update and delete (CUD) operations using Hibernate Envers. I am proposing to extend it to include:
- Read/View Auditing — track when users view patient records using Spring AOP
- Security Event Tracking — capture login,logout and failed login attempts using Spring Security Events
- Admin Action Tracking — record Global Property changes using Spring Application Events
- Clinical Working Auditing — track orders and encounters using Spring AOP
- Extended REST API — new endpoints for each event category
My approach
- Use Spring AOP to intercept service-layer methods (like getPatient())
- Use Spring Security Events for authentication tracking
- Use Spring Application Events for admin actions
Each event type will have its own service, DAO and table,separate from the existing Envers layer
Current progress
- Analyzed the existing module and codebase
- Drafted the GSoC proposal
- Designed architecture
- Started working on PoC
I would appreciate any feedback on this approach.