### Challenge One - Creating a Basic FHIR Audit and Logging Table.

Install the IRIS DB-API driver needed to get access IRIS for Health

In [1]:
! uv add intersystems_irispython-3.2.0-py3-none-any.whl

[2K[2mResolved [1m37 packages[0m [2min 2ms[0m[0m                                          [0m
[2mAudited [1m35 packages[0m [2min 0.09ms[0m[0m


Add pandas, numpy, and matplotlib to Python Packages for this Lesson

In [2]:
! uv add pandas numpy

[2mResolved [1m37 packages[0m [2min 1ms[0m[0m
[2mAudited [1m35 packages[0m [2min 0.02ms[0m[0m


In [3]:
%pip install matplotlib

Note: you may need to restart the kernel to use updated packages.


Import libraries

In [4]:
import os,sys
import warnings
warnings.simplefilter(action='ignore')
import iris
import pandas as pd
import numpy as np
import matplotlib.pyplot as plt
from datetime import datetime

Build connection to our demo namespace

In [5]:
connection_string = "127.0.0.1:1972/DEMO"
username = "_system"
password = "ISCDEMO"
connection = iris.connect(connection_string, username, password)

#### Check if a table exists before creating it

In [25]:
def table_exists(cur, table_name: str) -> bool:
    """
    Return True if a table with the given name exists in the namespace (any schema).
    IRIS stores unquoted identifiers in uppercase in the catalog.
    """
    cur.execute("""
        SELECT 1
        FROM INFORMATION_SCHEMA.TABLES
        WHERE UPPER(TABLE_NAME) = ?
        """, (table_name.upper(),))
    return cur.fetchone() is not None


#### Create Core Audit/Logging Table

In [26]:
## Schema: AUDIT
def create_audit_schema():
  ## use the connection we created above 
  try:
        cur = connection.cursor()
        tablename = "Audit.FHIR_LOGS"
        if table_exists(cur, tablename):
            print(f"Table {tablename} already exists.")
            return
        else:
            print(f"Table {tablename} does not exist. Creating it now...")
            table_schema = f"""CREATE TABLE {tablename} (
            log_id BIGINT AUTO_INCREMENT PRIMARY KEY,
            event_ts TIMESTAMP NOT NULL, 
            client_ip VARCHAR(64),
            kong_node VARCHAR(64),
            consumer_id VARCHAR(128), 
            consumer_username    VARCHAR(128),
            credential_type      VARCHAR(32),              
            auth_subject         VARCHAR(256),      
            scopes               VARCHAR(512),
            method               VARCHAR(10) NOT NULL, 
            status_code          INTEGER NOT NULL,
            service_name         VARCHAR(128),
            route_path           VARCHAR(512), 
            request_path         VARCHAR(1024),
            query_string         VARCHAR(2048),
            resource_type        VARCHAR(64), 
            resource_id          VARCHAR(128),
            operation            VARCHAR(32), 
            request_bytes        INTEGER,
            response_bytes       INTEGER,
            latency_ms           INTEGER,
            request_id           VARCHAR(128),  
            error_reason         VARCHAR(256),
            user_agent           VARCHAR(256)
            )
            """
            cur.execute(table_schema)
            connection.commit()
  except Exception as e:
        print("ERROR: Could not connect to InterSystems IRIS. or table creation failed.")
        print(e)
        sys.exit(1)


In [27]:
create_audit_schema()

Table Audit.FHIR_LOGS does not exist. Creating it now...


### Create functions to return a Correct Basic Auth Header

In [9]:
import base64

def basic_auth_b64(username: str, password: str) -> str:
    """
    Return the Base64-encoded string for HTTP Basic auth (username:password).
    Example output: 'X1NZU1RFTTpJU0NERU1P'
    """
    raw = f"{username}:{password}".encode("utf-8")
    return base64.b64encode(raw).decode("ascii")

def basic_auth_header(username: str, password: str) -> str:
    """
    Return the full Authorization header value for HTTP Basic auth.
    Example output: 'Basic X1NZU1RFTTpJU0NERU1P'
    """
    return f"Basic {basic_auth_b64(username, password)}"

In [10]:
print (basic_auth_header("demo-user2","ISCDEMO"))

Basic ZGVtby11c2VyMjpJU0NERU1P


In [11]:
print (basic_auth_header("_SYSTEM","ISCDEMO"))

Basic X1NZU1RFTTpJU0NERU1P


### Run the python program that interfaces KONG logging with IRIS for Health (SQL Audit.fhir_log)

#### First set up the environment

In [4]:
! uv add fastapi

[2mResolved [1m37 packages[0m [2min 18ms[0m[0m
[2mAudited [1m35 packages[0m [2min 2ms[0m[0m


In [5]:
import os, sys

# 👇 CHANGE THIS to the folder that actually contains konglog_ingest.py
PROJECT_DIR = os.path.expanduser("/Users/pjamieso/VanderbiltLocalFHIRTraining/Lesson36")   # e.g. /Users/you/path/to/Lesson36

if PROJECT_DIR not in sys.path:
    sys.path.insert(0, PROJECT_DIR)


In [6]:
import sys, sysconfig
print("Python:", sys.executable)
print("site-packages:", sysconfig.get_paths()["purelib"])

Python: /Library/Frameworks/Python.framework/Versions/3.11/bin/python3
site-packages: /Library/Frameworks/Python.framework/Versions/3.11/lib/python3.11/site-packages


In [7]:
%pip install -q fastapi "uvicorn[standard]" intersystems-irispython python-dotenv requests


Note: you may need to restart the kernel to use updated packages.


In [8]:
import konglog_ingest
from konglog_ingest import app
print("Loaded from:", konglog_ingest.__file__)

Loaded from: /Users/pjamieso/VanderbiltLocalFHIRTraining/Lesson36/konglog_ingest.py


In [9]:
import os

# -- set your lab env --
os.environ["IRIS_CONNECTION_STRING"] = "127.0.0.1:1972/DEMO"
os.environ["IRIS_USER"] = "_SYSTEM"
os.environ["IRIS_PASSWORD"] = "ISCDEMO"
os.environ["IRIS_LOG_TABLE"] = "AUDIT.fhir_logs"
os.environ["LOG_BEARER_TOKEN"] = "fhirdemotoken"

# optional (nice for debugging)
os.environ["INGEST_DEBUG"] = "true"
os.environ["TS_AS_TEXT"] = "true"
os.environ["FHIR_BASE_PREFIXES"] = "/fhir,/r4,/fhir/r4"

# Import AFTER env is set
from konglog_ingest import app

### Run the FHIR logging app

In [11]:
import threading, time, requests, uvicorn
server = uvicorn.Server(uvicorn.Config(app, host="0.0.0.0", port=8082, log_level="info"))
t = threading.Thread(target=server.run, daemon=True)
t.start()

# quick health probe
for _ in range(20):
    try:
        r = requests.get("http://127.0.0.1:8082/healthz", timeout=0.5)
        print("Health:", r.status_code, r.text)
        break
    except Exception:
        time.sleep(0.25)

INFO:     Started server process [63337]
INFO:     Waiting for application startup.
INFO:     Application startup complete.
ERROR:    [Errno 48] error while attempting to bind on address ('0.0.0.0', 8082): address already in use
INFO:     Waiting for application shutdown.
INFO:     Application shutdown complete.


Health: 200 {"ok":true}


### Here is how to stop the server

In [13]:
server.should_exit = True
t.join(timeout=5)
print("Ingest server stopped.")

Ingest server stopped.


#### Let's create a simple request that uses Basic Auth so we can create a log entry

In [19]:
import requests
import json

# --- Request setup ---
url = "http://127.0.0.1:8000/fhir/Patient/2"  # via Kong proxy
headers = {
    "Authorization": "Basic ZGVtby11c2VyMjpJU0NERU1P",  # base64(username:password)
    "Accept": "*/*",
    "content-type": "application/fhir+json",
    "Accept-Encoding": "gzip, deflate, br",
}

# --- Send request ---
try:
    resp = requests.get(url, headers=headers, timeout=15)
    print("Status:", resp.status_code)
    # show a couple of useful headers
    for k in ["Content-Type", "X-Kong-Request-Id", "X-Kong-Response-Latency", "Server"]:
        if k in resp.headers:
            print(f"{k}: {resp.headers[k]}")

    # Pretty-print JSON if possible, otherwise show text
    try:
        data = resp.json()
        print("\nJSON body:")
        print(json.dumps(data, indent=2))
    except ValueError:
        print("\nText body:")
        print(resp.text[:2000])  # avoid dumping extremely large responses

except requests.RequestException as e:
    print("Request error:", e)


Status: 200
Content-Type: application/fhir+json; charset=UTF-8
X-Kong-Request-Id: 9f6c9a4010bdfe09d0e1b21975eec754
Server: Apache

JSON body:
{
  "resourceType": "Patient",
  "id": "2",
  "text": {
    "status": "generated",
    "div": "<div xmlns=\"http://www.w3.org/1999/xhtml\">Generated by <a href=\"https://github.com/synthetichealth/synthea\">Synthea</a>.Version identifier: synthea-java .   Person seed: -3172650690484696193  Population seed: 1597764932523</div>"
  },
  "extension": [
    {
      "url": "http://hl7.org/fhir/StructureDefinition/patient-mothersMaidenName",
      "valueString": "Elouise Rowe"
    },
    {
      "url": "http://hl7.org/fhir/StructureDefinition/patient-birthPlace",
      "valueAddress": {
        "city": "Weston",
        "state": "Massachusetts",
        "country": "US"
      }
    },
    {
      "url": "http://synthetichealth.github.io/synthea/disability-adjusted-life-years",
      "valueDecimal": 1.018126792983423
    },
    {
      "url": "http://synt

### Make a connection to the Audit.FHIR_Logs table and retrieve all rows

In [20]:
sql = "SELECT * FROM Audit.FHIR_LOGS"
auditLogFrame = pd.read_sql(sql, connection)

#### Check on the first five values in the auditLogFrame

In [21]:
auditLogFrame.head()

Unnamed: 0,log_id,event_ts,client_ip,kong_node,consumer_id,consumer_username,credential_type,auth_subject,scopes,method,...,query_string,resource_type,resource_id,operation,request_bytes,response_bytes,latency_ms,request_id,error_reason,user_agent
0,1,2025-09-26 17:33:02.268,192.168.65.1,kong-1,feb11aa1-cfb7-4509-9f06-756c7c0cfe6d,demo-user2,,demo-user2,,GET,...,,Patient,2,read,247,1653,66,9f6c9a4010bdfe09d0e1b21975eec754,,python-requests/2.32.3


#### Let's try a different request with A API Key in Kong

In [None]:
import requests
import json

# --- Request setup ---
url = "http://127.0.0.1:8000/fhir/Patient/2"  # via Kong proxy
headers = {
    "Accept": "*/*",
    "content-type": "application/fhir+json",
    "Accept-Encoding": "gzip, deflate, br",
    "apikey": "random-demo-key"
}

# --- Send request ---
try:
    resp = requests.get(url, headers=headers, timeout=15)
    print("Status:", resp.status_code)
    # show a couple of useful headers
    for k in ["Content-Type", "X-Kong-Request-Id", "X-Kong-Response-Latency", "Server"]:
        if k in resp.headers:
            print(f"{k}: {resp.headers[k]}")

    # Pretty-print JSON if possible, otherwise show text
    try:
        data = resp.json()
        print("\nJSON body:")
        print(json.dumps(data, indent=2))
    except ValueError:
        print("\nText body:")
        print(resp.text[:2000])  # avoid dumping extremely large responses

except requests.RequestException as e:
    print("Request error:", e)

#### Notice that the request was unauthorized. Let's see what that looks like in the Audit.FHIR_LOGS

In [None]:
sql = "SELECT * FROM Audit.FHIR_LOGS"
auditLogFrame = pd.read_sql(sql, connection)

#### Get the last three rows in the auditLogFrame

In [None]:
auditLogFrame.tail(3)

#### Correct the Kong Path the API Plugin applies to and try again

In [22]:
import requests
import json

# --- Request setup ---
url = "http://127.0.0.1:8000/fhir/Patient/2"  # via Kong proxy
headers = {
    "Accept": "*/*",
    "content-type": "application/fhir+json",
    "Accept-Encoding": "gzip, deflate, br",
    "apikey": "random-demo-key"
}

# --- Send request ---
try:
    resp = requests.get(url, headers=headers, timeout=15)
    print("Status:", resp.status_code)
    # show a couple of useful headers
    for k in ["Content-Type", "X-Kong-Request-Id", "X-Kong-Response-Latency", "Server"]:
        if k in resp.headers:
            print(f"{k}: {resp.headers[k]}")

    # Pretty-print JSON if possible, otherwise show text
    try:
        data = resp.json()
        print("\nJSON body:")
        print(json.dumps(data, indent=2))
    except ValueError:
        print("\nText body:")
        print(resp.text[:2000])  # avoid dumping extremely large responses

except requests.RequestException as e:
    print("Request error:", e)

Status: 200
Content-Type: application/fhir+json; charset=UTF-8
X-Kong-Request-Id: 493d6a5f5683e12ca663ae1e96538959
Server: Apache

JSON body:
{
  "resourceType": "Patient",
  "id": "2",
  "text": {
    "status": "generated",
    "div": "<div xmlns=\"http://www.w3.org/1999/xhtml\">Generated by <a href=\"https://github.com/synthetichealth/synthea\">Synthea</a>.Version identifier: synthea-java .   Person seed: -3172650690484696193  Population seed: 1597764932523</div>"
  },
  "extension": [
    {
      "url": "http://hl7.org/fhir/StructureDefinition/patient-mothersMaidenName",
      "valueString": "Elouise Rowe"
    },
    {
      "url": "http://hl7.org/fhir/StructureDefinition/patient-birthPlace",
      "valueAddress": {
        "city": "Weston",
        "state": "Massachusetts",
        "country": "US"
      }
    },
    {
      "url": "http://synthetichealth.github.io/synthea/disability-adjusted-life-years",
      "valueDecimal": 1.018126792983423
    },
    {
      "url": "http://synt

#### Get the Audit.FHIR_LOGS and the last three rows in the frame

In [23]:
sql = "SELECT * FROM Audit.FHIR_LOGS"
auditLogFrame = pd.read_sql(sql, connection)
auditLogFrame.tail(3)

Unnamed: 0,log_id,event_ts,client_ip,kong_node,consumer_id,consumer_username,credential_type,auth_subject,scopes,method,...,query_string,resource_type,resource_id,operation,request_bytes,response_bytes,latency_ms,request_id,error_reason,user_agent
0,1,2025-09-26 17:33:02.268,192.168.65.1,kong-1,feb11aa1-cfb7-4509-9f06-756c7c0cfe6d,demo-user2,,demo-user2,,GET,...,,Patient,2.0,read,247,1653,66,9f6c9a4010bdfe09d0e1b21975eec754,,python-requests/2.32.3
1,11,2025-09-26 18:53:58.505,192.168.65.1,kong-1,9e143d46-016f-4564-bfda-2dd120ff413f,demo-user,,bd03c9a5-ea19-4a2b-b2ca-5c5a201dbbed,,GET,...,,Patient,,search,244,27141,83,5c009a0e95d4952096aac5138aa50c64,,vscode-restclient
2,12,2025-09-26 20:01:17.510,192.168.65.1,kong-1,9e143d46-016f-4564-bfda-2dd120ff413f,demo-user,,bd03c9a5-ea19-4a2b-b2ca-5c5a201dbbed,,GET,...,,Patient,2.0,read,225,1653,64,493d6a5f5683e12ca663ae1e96538959,,python-requests/2.32.3
