Aidbox automatically logs all auth, API, database, and network events, so in most cases basic audit logs may be derived from Aidbox logs.
In rare cases, Aidbox logs are not enough for auditing. For instance, you'd like to track business-relevant events that happen outside of Aidbox control.
{% hint style="info" %} Example. You may use the same patient search operation
GET /Patient?_sort=-lastUpdated&_count=100
to show it on UI and for making reports. And from an audit perspective, you may consider it as different events. {% endhint %}
In this case, you may consider two options Aidbox provides.
Aidbox provides comprehensive FHIR API for AuditEvent from FHIR Security ecosystem.
{% content-ref url="audit-logging.md" %} audit-logging.md {% endcontent-ref %}
Aidbox allows you to enhance logs with your data and push your logs into Aidbox stream along with its internal logs.
{% content-ref url="../observability/logging-and-audit/extending-access-logs.md" %} extending-access-logs.md {% endcontent-ref %}