Here is an example of a SQL query to do this:
SELECT LocalDateTime, MPILIST
WHERE EventType = 'ViewRecords'
AND MPILIST in (SELECT MPIID FROM HS_Registry.Patient)
Replace the sub-query in parentheses above with one that returns your list of MPIIDs.
I limited my query to the "ViewRecords" audit event type, which is defined as, "The Access Gateway received clinical data from one or more Edge Gateways in response to a patient fetch request. The combined results are about to be loaded into the clinical viewer.". There are several other audit events related to accessing patient data that you may want to read about in the documentation to see if they match what you are checking better. Their descriptions can be found at:
Or by navigating to:
[ Documentation Home ] > [ Running a HealthShare Information Exchange ] > [ Information Exchange Security Guide ] > [ Auditing Information Exchange Events ] > Information Exchange Application Events