.png)
InterSystems IRIS for Health™ is the world’s first and only data platform engineered specifically for the rapid development of healthcare applications to manage the world’s most critical data. It includes powerful out-of-the-box features: transaction processing and analytics, an extensible healthcare data model, FHIR-based solution development, support for healthcare interoperability standards, and more. All enabling developers to realize value and build breakthrough applications, fast. Learn more.
Hello, guys!
I'm facing a problem when I compile my code in Atelier (version 1.3) when connected to an Iris Community instance in Docker container.
When compiling, the code is synchronized with the server correctly, however, in the IDE, the code is inserted into the class again.
Class after compile:
Hey Developers,
Check out the latest video on InterSystems IRIS for Health Data Platform:
Hello,
I am using a class based on %UnitTest.TestProduction to test Health Connect production.
I read in Class Reference IRIS for UNIX 2020.1:
Note: This class is not intended to be used in InterSystems IRIS instances.
Why should this not be used in IRIS? I have not seen any difference using this with HealthConnect 2017 or IRIS 2020.1
Prior to IRIS, using ECP to share databases under heavy I/O load has known latency issues (in our environment), which pretty much restricted using shared database with relatively static or slow-changing data. In IRIS, will sharding mitigate the latency issue and allow any table to be shared?
David
Hi Community,
We're pleased to invite you to join the upcoming "How Technology Supports Patient Adherence to Specialty Medicines" webinar on July 15 at 12:00 PM EDT!
Join a team from RxMx to learn how its Chameleon platform – built on InterSystems IRIS for Health – helps clinicians who are administering new specialty medicines to their patients, meet the needs of this industry.
Join this webinar to learn:
I have a couple of questions regarding /api/monitor and configuring it to use with SAM. In our environment we only expose port 443, so even though I define the Web Application to use unauthenticated, SAM is unable to make a connection. Is there any alternatives to get this working?
Also, even if there is a way to configure using port 443, unauthenticated access will never fly in our environment. Are there any plans to enhance SAM so it you use OAuth or even mutual TLS?
Dave
Hi Community!
Welcome the new video from Global Summit 2019 on InterSystems Developers YouTube:
Hi,
We are using IRIS, and have some systems that we send data to that cannot accept messages with certain fields larger than a particular size.
Is there any way to utilize the schema to truncate any fields that are larger than the entered data?
I've tried just setting the max lengths and doing the transform, but it puts in the entire string, and can't find a topic for it.
There are a large number of fields that need to be truncated, so it would be ideal to get it to respect the hl7 schema maximum lengths.
ie for the XPN name fields, each name may not be larger than 20 characters.
so the name:
Hi Everyone,
I am using IRIS for health in two different machines. In want to export the data from Machine 1 IRIS instance in which license is expired already.
In Machine 2 i activated new license. Now i need to import the Machine 1 IRIS data into Machine 2 IRIS.
Thanks,
Karthikeyan G
AWS has officially released their second-generation Arm-based Graviton2 processors and associated Amazon EC2 M6g instance type, which boasts up to 40% better price performance over current generation Intel Xeon based M5 instances.
A few months ago, InterSystems participated in the M6g preview program, and we ran a few benchmarks with InterSystems IRIS that showed compelling results. This led us to support ARM64 architectures for the first time.
Now you can try InterSystems IRIS and InterSystems IRIS for Health on Graviton2-based Amazon EC2 M6g instances for yourselves through the AWS Marketplace!
Good day all -
I am attempting to use the Data Transformation Builder (for ease of use for my other engineers) to build up a web service request object to send to an outbound operation. The source is a custom persistent class (extends Ens.Response, %JSON.Adaptor) and has serialized sub-class data elements and the request object is a custom persistent class (extends Ens.Request, %JSON.Adaptor.)
I have a code tag that performs some logic in a DTL, and want to add to it the ability to find the number of substrings delimited by a dollar sign ($) within a particular string. I have tried the following which compiles just fine, but generates an error when testing in the Data Transformation Builder.
ERROR <Ens>ErrException: <SUBSCRIPT>zTransform+985^LH.IAMON.IAMONORU1XsformDTC2.1 *DCOUNT() Encoded subscript 1 > 511 bytes -- logged as '-' number - @' set lineCount = DCOUNT(reportBody,"$")'
Hi All,
I created Object Gateway. Earlier it was able to open but now it raising below error while trying to open. Can anybody assist how to make this to show list of Object Gateway which has been created already.
ERROR #5001: <ILLEGAL VALUE>zGatewayState+11^%Net.Remote.ObjectGateway.1
SOURCE ELEMENT: %ZEN.Component.pane ()
Thanks,
Asif
Hey Developers,
We're pleased to invite you to join the next InterSystems IRIS 2020.1 Tech Talk: Using InterSystems Managed FHIR Service in the AWS Cloud on June 30 at 10:00 AM EDT!
In this InterSystems IRIS 2020.1 Tech Talk, we’ll focus on using InterSystems Managed FHIR Service in the AWS Cloud. We’ll start with an overview of FHIR, which stands for Fast Healthcare Interoperability Resources, and is a next generation standards framework for working with healthcare data.
You'll learn how to:
We will discuss an API-first development approach using the InterSystems IRIS FHIR server. Plus, we’ll cover the scalability, availability, security, regulatory, and compliance requirements that using InterSystems FHIR as a managed service in the AWS Cloud can help you address.
Hello,
Even after using the SSL connection in Oauth2 client Im getting the following error.
ERROR #8854: OAuth 2.0 messages must use SSL/TLS
Any help would be appreciated!
Personal data privacy regulations have become an indispensable requirement for projects dealing with personal data. The compliance with these laws is based on 4 principles:
In case of violation in the treatment of personal data, controllers and operators of these data may suffer:
How to use the IRIS Native API + Python to see globals as a Graph Network Chart.
Reading the documentation these topics are related to globals:
As one of representations of globals can be a Graph Data Structure there are some modules in Python that can transform these globals in a visualizable graph.
I have deployed the application as a demo here, my IRIS Database has one global to test ^computer: (http://iris-python-suite.eastus.cloudapp.azure.com/global-chart)
Clone my repository to see all the code implementation.
$ git clone https://github.com/renatobanzai/iris-python-covid19.git
In this application environment I use Python 3.7 with these modules.
This project has a simple structure to be easy to understand. On the main folder we have 3 most important subfolders:
Now inside the ./app directory we can see some files:
__main__.py : with the implementation of the web applicationThis application uses Intersystems IRIS as a repository, the globals used are:
-^computer : A global to test the graph. If you want, you can test with all other globals default in the USER Namespace.
-^config : with some config data -^raw.covid19 : where the raw data (Source of Data) are ingested -^countrydetails : to get the population of each country -^end.date.deaths : to serve the chart requisitions and here is the goal, Its fast! -^end.timeless.deaths : to server another kind of chart requisition
If are you asking yourself, the module networkx has a function position nodes using Fruchterman-Reingold force-directed algorithm.
As a graph can have any shape is too hard to represent it in a generic way. This is on algorithm to represent graphs without a lot of confusion.
The line that perform the use of this algorithm is on python_suite_global.py:
def get_fig(self):
_nx = self.obj_nx
pos = nx.spring_layout(_nx)
With docker-compose you can easily up one environment with all the pieces and configurations go to the iris-python-covid19 folder and type this:
$ docker compose build
$ docker compose up
1st time running will depend of your internet link to download the images and dependencies. If it last more than 15 minutes probably something goes wrong feel free to communicate here. After the 1st time running the next ones will perform better and take less then 2 minutes.
After a while you can open your browser and go to the address:
http://localhost:8050/global-chart
I'm using for now the USER namespace
http://localhost:9092
user: _SYSTEM
pass: theansweris42
This application is at the current contest on open exchange, you can vote in my application iris-python-suite here(https://openexchange.intersystems.com/contest/current)
Hello,
How can I use ISC_DATA_DIRECTORY once IRIS runs inside a container? Some background...
OData (Open Data Protocol) is an ISO/IEC approved, OASIS standard that defines a set of best practices for building and consuming RESTful APIs. OData helps you focus on your business logic while building RESTful APIs without having to worry about the various approaches to define request and response headers, status codes, HTTP methods, URL conventions, media types, payload formats, query options, etc. OData also provides guidance for tracking changes, defining functions/actions for reusable procedures, and sending asynchronous/batch requests (source: OData.org).
Hi Community,
The new video from Global Summit 2019 is already on InterSystems Developers YouTube:
InterSystems has corrected a defect that can cause FHIR searches to return incomplete results. The defect manifests because a FHIR update interaction deletes an incorrect resource from the search index. Although the data still exists in the repository, subsequent searches may return incomplete results due to the missing entry in that index.
In this article I'd like to share with you a phenomena that is best you avoid - something you should be aware of when designing your data model (or building your Business Processes) in Caché or in Ensemble (or older HealthShare Health Connect Ensemble-based versions).
When you first start working with InterSystems IRIS, it’s a common practice to install a system with only a minimum level of security. You have to enter passwords fewer times and this makes it easier to work with development services and web applications when you're first getting acquainted. And, sometimes, minimal security is more convenient for deploying a developed project or solution.
And yet there comes a moment when you need to move your project out of development, into an Internet environment that’s very likely hostile, and it needs to be tested with the maximum security settings (that is, completely locked down) before being deployed to production. And that’s what we’ll discuss in this article.
For more complete coverage of DBMS security issues in InterSystems Caché, Ensemble, and IRIS, you may want to read my other article, Recommendations on installing the InterSystems Caché DBMS for a production environment.
The security system in InterSystems IRIS is based on the concept of applying different security settings for different categories: users, roles, services, resources, privileges, and applications.
When installing InterSystems IRIS, you can choose the security level: Minimal, Normal, or Locked Down. The levels differ in the degree of user engagement, the available roles and services, and in the configuration of authentication methods for services and applications. For more information, read the Preparing for InterSystems Security section of the Preparing to Install InterSystems IRIS guide.
In the documentation you’ll find the tables shown below, which show the security settings for each level. You can change the settings in the system management portal interface.
| Security Setting | Minimal | Normal | Locked Down |
|---|---|---|---|
| Password Pattern | 3.32ANP | 3.32ANP | 8.32ANP |
| Inactive Limit | 0 | 90 days | 90 days |
| Enable _SYSTEM User | Yes | Yes | No |
| Roles assigned to UnknownUser | %All | None | None |
| Service Property | Minimal | Normal | Locked Down |
|---|---|---|---|
| Use Permission is Public | Yes | Yes | No |
| Requires Authentication | No | Yes | Yes |
| Enabled Services | Most | Some | Fewest |
| Service | Minimal | Normal | Locked Down |
|---|---|---|---|
| %Service_Bindings | Enabled | Enabled | Disabled |
| *%Service_CSP | Enabled | Enabled | Enabled |
| %Service_CacheDirect | Enabled | Disabled | Disabled |
| %Service_CallIn | Enabled | Disabled | Disabled |
| %Service_ComPort | Disabled | Disabled | Disabled |
| %Service_Console | Enabled | Enabled | Enabled |
| %Service_ECP | Disabled | Disabled | Disabled |
| %Service_MSMActivate | Disabled | Disabled | Disabled |
| %Service_Monitor | Disabled | Disabled | Disabled |
| %Service_Shadow | Disabled | Disabled | Disabled |
| %Service_Telnet | Disabled | Disabled | Disabled |
| %Service_Terminal | Enabled | Enabled | Enabled |
| %Service_WebLink | Disabled | Disabled | Disabled |
*For InterSystems IRIS, %Service_CSP applies %Service_WebGateway. The services used are slightly different for different operating systems.
For each enabled service, you need to choose the appropriate authentication methods: unauthenticated, password, Kerberos, or delegated. You also need to disable web applications that aren’t used in the system. And for web applications that are enabled, you need to select the correct authentication method: authenticated, password, Kerberos, delegated, login, or cookie. Of course, the administrator chooses the security settings for each project and solution so the project can function according to the customer's requirements. And this is always a balance between keeping the system convenient enough that users can actually get their work done, while also secure enough to keep intruders at bay. As you know, the most secure system is a disabled system. If you encounter a need to manually increase the security level of your system more than once, this is a sure sign you need to write a software module to solve these problems. In fact, InterSystems Open Exchange has a lockdown program that can help you improve security. You’ll find the source code for the program in the repository on the InterSystems isc-apptools-lockdown page. Here’s what the LockDown program does.
USER>zn “%SYS”
%SYS>do $system.OBJ.Load("/home/irisusr/LockDown.cls","ck")
Or you can install it using the ZPM batch manager from the public register with the following commands:
USER>zn “%SYS”
%SYS> zpm “install isc-apptools-lockdown”
Before executing a lockdown, it’s strongly recommended that you perform a backup.
The LockDown program must be executed from the %SYS area. If you don't want to change the password for all preinstalled users, leave the first parameter empty.
If you want to keep the ability to edit programs and classes using IRIS Studio, Atelier, or VSCode, don’t disable the %Service_Bindings service. To ensure this works, the bindings argument must be set to 1. Here’s an example:
do ##class(App.Security.LockDown).Apply("New Password 123",.msg,1)
This module also contains a function that’s useful if the system password is compromised and you need a replacement for all preinstalled accounts without performing a lockdown. You can run it as follows:
do ##class(App.Security.LockDown).Change Password("New Password 123", "Admin,CSPSystem,IAM,SuperUser,Unknown User, _Ensemble,_SYSTEM")
Most likely, after performing the lockdown, your application or project will stop working. To fix it, you’ll need to restore some security settings to their original state. This can be done either via the management portal interface (security section) or programmatically.
After lockdown, if your web applications used authentication methods other than passwords, you’ll need to enable them. I suggest running the software module zpm-registry-test-deployment, which has an example of using LockDown for the ZPM-registry project. The code that follows is applied at the end of the installation. The project was installed on IRIS with a minimal level of security. Here’s what the code had to do:
Create a new user:
set tSC= ##class(App.Security.LockDown).CreateUser(pUsername, "%DB_"_Namespace, pPassword, "ZMP registry user",Namespace)
If $$$ISERR(tSC) quit tSC
write !,"Create user "_pUsername
Add privileges for a new and unauthorized user:
set tSC=##class(App.Security.LockDown).addSQLPrivilege(Namespace, "1,ZPM.Package", "s", "UnknownUser")
set tSC=##class(App.Security.LockDown).addSQLPrivilege(Namespace, "1,ZPM.Package", "s", pUsername)
set tSC=##class(App.Security.LockDown).addSQLPrivilege(Namespace, "1,ZPM.Package_dependencies", "s", pUsername)
set tSC=##class(App.Security.LockDown).addSQLPrivilege(Namespace, "1,ZPM_Analytics.Event", "s", pUsername)
set tSC=##class(App.Security.LockDown).addSQLPrivilege(Namespace, "9,ZPM.Package_Extent", "e", pUsername)
set tSC=##class(App.Security.LockDown).addSQLPrivilege(Namespace, "9,ZPM_Analytics.Event_Extent", "e", pUsername)
If $$$ISERR(tSC) quit tSC
write !,"Add privileges "
Run the LockDown program:
set tSC= ##class(App.Security.LockDown).Apply(NewPassSys)
If $$$ISERR(tSC) quit tSC
Change the settings for the web app so that an unknown user can log in:
set prop("AutheEnabled")=96
set tSC=##class(Security.Applications).Modify("/registry",.prop)
If $$$ISERR(tSC) quit tSC
write !,"Modify /registry "
Change the settings for the %service_terminal service, changing the authorization method to Operating System, Password:
set name="%service_terminal"
set prop("Enabled")=1
set prop("AutheEnabled")=48 ; Operating System,Password
set tSC=##class(Security.Services).Modify(name,.prop)
If $$$ISERR(tSC) quit tSC
write !,"Modify service terminal"
In this article, I discussed why you might want to increase the security level of your system and how you’d do this programmatically, and I showed an example using the InterSystems LockDown program. We used a method in which we first closed down everything in the system (that is, we set the maximum security level). We then moderated the security by opening the services and applications necessary for the project to function, but only those. I'm sure there are other ways and best practices, and I’d love to hear about them as part of the discussion of this article by the community.
Preview releases are now available for InterSystems IRIS Advanced Analytics, and InterSystems IRIS for Health Advanced Analytics! The Advanced Analytics add-on for InterSystems IRIS introduces IntegratedML as a key new feature.
The build number for these releases is: 2020.3.0AA.331.0
Full product installation kits, container images, and evaluation license keys are available via the WRC's preview download site.
Community Edition containers can also be pulled from the Docker store using the following commands:
In the first article in this series, we looked at the entity–attribute–value (EAV) model in relational databases, and took a look at the pros and cons of storing those entities, attributes and values in tables. We learned that, despite the benefits of this approach in terms of flexibility, there are some real disadvantages, in particular a basic mismatch between the logical structure of the data and its physical storage, which causes various difficulties.
I am trying to do package mapping in the %ALL NameSpace.
I create a new Package Mapping entry and select my database bu the "Package Name" combo box never populates the packages in this database so I cannot select it, see screenshot below, the "Package Name" list remains empty. There definately are packages in that database. Why is this happening? Did I miss a setting?
Hey Developers,
The recording of the Kick-Off Webinar for InterSystems IRIS Native API Online Programming Contest is now available on InterSystems Developers YouTube:
Speakers:
@Bob Kuszewski, InterSystems Product Manager
@Evgeny Shvarov, InterSystems Developer Ecosystem Manager
Hi !
I am getting below error in my .NET MVC project, I am IRIS Entity Framwork, in the database table filed and model having the same datatype int.
The specified cast from a materialized 'System.Int64' type to the 'System.Int32' type is not valid db Table creation Id field is created with [xDBC Type = BIGINT]
Please kindly advice me.
Thank you
Is there a way to force a failover from the primary mirror member to the backup member without forcing down the primary (which happens with ##class(SYS.Mirror).BecomePrimary())? What I'm trying to simulate is a network isolated condition on the primary.
InterSystems has corrected two defects that affect online backup of very large databases. Backups taken via external methods, such as snapshots or direct file copies, are not affected. These defects exist in all released versions of all InterSystems products.
The first defect only affects databases with more than 231 blocks. It results in a degraded database after restoring from an online backup. For example, databases that have a block size of 8 KB (the default) are only affected if they are larger than 16 TB. The correction for this defect is identified as RJF437.
The second defect affects databases that have a block size of 8 KB and that are larger than ~29 TB. With this defect, the online backup fails due to an inaccurate <DATABASE> error; this results in a backup that cannot be restored. The correction for this defect is identified as RJF438. Note that this defect also affects databases that have block sizes smaller than 8 KB.
The corrections for these defects will be included in all future product releases. They are also available by requesting an Ad hoc distribution from the WRC.
If you have any questions regarding this alert, please contact the Worldwide Response Center.