Audit Logs

SignNXT maintains comprehensive audit logs for all document actions, providing complete traceability for security, compliance, and legal requirements.

What Are Audit Logs?

Audit logs are detailed records of every action taken on documents in your workspace:

Purpose:

• Security monitoring and forensics
• Compliance requirements
• Legal evidence and dispute resolution
• Activity tracking and accountability
• Incident investigation

Benefits:

• Complete traceability of all actions
• Tamper-proof record keeping
• Compliance-ready documentation
• Security analysis capabilities
• Legal defensibility

What Gets Logged?

SignNXT logs all significant document actions:

Document Lifecycle Events:

• Document creation and upload
• Document sent for signatures
• Signer views document
• Signer completes signing
• Document completion
• Document declined or voided
• Document expiration

Additional Events:

• Certificate generation and sharing
• Template creation and usage
• Campaign creation and processing
• All user actions with timestamps

Information Captured

Each audit log entry contains comprehensive information:

Core Information:

• Exact timestamp of action
• User identification and role
• Action type and details
• Document and workspace information

Security Information:

• User location data (for security analysis)
• Device and browser information
• Fraud detection data
• Security event tracking

Additional Context:

• Field values and changes
• Reasons for actions (decline, void)
• Configuration settings
• Any other relevant details

Audit Log Retention

Retention Policy

Indefinite Retention:

• Audit logs are retained indefinitely
• Never automatically deleted
• Available for compliance audits
• Legal evidence preservation

Why Indefinite:

• Compliance requirements (7+ years)
• Legal disputes can arise years later
• Security forensics may need historical data
• Regulatory audits require long retention

Data Protection

Security Measures:

• Stored in secure database
• Encrypted at rest
• Access controlled
• Tamper-proof (append-only)
• Regular backups

Accessing Audit Logs

For Compliance & Legal

To Access Audit Logs:

1. Contact SignNXT support
2. Provide workspace ID
3. Specify date range (if needed)
4. Specify document ID (if specific document)
5. State reason for access (compliance, legal, security)

Support Will Provide:

• Filtered audit log export
• CSV or JSON format
• All relevant entries
• Secure delivery

Audit Log Examples

Audit logs capture detailed information about each action. Here are simplified examples:

Document Signing Event:

• Action: Document signed
• Signer information and email
• Timestamp of signing
• Fields that were signed
• Device information

Document Viewing Event:

• Action: Document viewed
• Signer email
• Timestamp of view
• Device type (mobile/desktop)

Document Completion Event:

• Action: All signatures completed
• List of all signers
• Individual signing timestamps
• Total completion time

Security & Privacy

SignNXT handles audit log data responsibly:

Data Collection:

• Security information collected for fraud prevention
• Device information for security analysis
• All data stored securely and encrypted
• Access restricted to authorized administrators

Privacy Protection:

• Data not exposed to end users
• Used only for security and compliance purposes
• GDPR compliant processing
• Legitimate interest basis for security

GDPR Compliance:

• Right to access: Users can request their audit logs
• Right to portability: Logs included in data export
• Right to erasure: Logs anonymized on user deletion
• Processed for security, fraud prevention, and legal compliance

Audit Log Best Practices

For Workspace Owners

Regular Reviews:

• Request audit logs quarterly
• Review for suspicious activity
• Verify compliance processes
• Train team on security

Compliance Preparation:

• Keep audit logs for audits
• Document retention policy
• Prepare for compliance reviews
• Maintain security documentation

Incident Response:

• Request logs immediately for incidents
• Analyze timeline of events
• Identify root cause
• Implement preventive measures

Frequently Asked Questions

Can I view audit logs in the app?

No, audit logs are not directly accessible through the user interface. This is an admin/compliance feature. Contact support to request audit logs for your workspace.

How long are audit logs kept?

Audit logs are retained indefinitely for compliance and legal purposes. They are never automatically deleted.

Can audit logs be modified or deleted?

No, audit logs are tamper-proof and cannot be modified or deleted. This ensures the integrity of the audit trail for compliance and legal purposes.

What if I need audit logs for a legal case?

Contact SignNXT support with your workspace ID and document ID. Provide details about the legal case and the date range needed. We'll provide a secure export of relevant audit logs.

Are audit logs GDPR compliant?

Yes, audit logs are captured under GDPR's "legitimate interest" basis for security, fraud prevention, and legal compliance. Users have the right to access their audit logs and they are included in data exports.

Can I export audit logs myself?

Not directly through the UI. Contact support to request an audit log export for your workspace. We'll provide the logs in CSV or JSON format.

What format are audit logs provided in?

Audit logs can be exported in CSV or JSON format, depending on your needs. CSV is suitable for spreadsheet analysis, while JSON preserves the full data structure.

Do audit logs include deleted documents?

Yes, audit logs for deleted documents are retained indefinitely, even after the document is deleted. This ensures a complete audit trail.

---

Related Articles