How can we help? 👋

Audit Logging

Default audit events

 
💡
Audit logs cannot be modified or deleted by any end users, including Tenancy admins. Logs for deleted content are persistent. Logs are also stored for the duration of your organisation’s agreement with DekkoSecure.
 

The following events are captured by default in audit logs:

 
Activity
Events Logged
File sharing
File uploaded (incl. file size) File downloaded (incl. file size) File removed File shared Status tag change (added/changed/removed)
File collaboration
File updated (versioned or edited)
eSignature workflow
Markup placeholder added Text added Image added Stamp added Signature added Document approved
Messaging (mail, chat)
Message sent Message received Message read
Administration
Hub invite sent Hub invite accepted User removed from Hub Password reset
 

All audit events have an associated ID which corresponds with a file, message or Hub. For example, logged events associated with a file that has been uploaded, shared and downloaded, will have a common ID, i.e. 08abba18-9c1c-4f22-9bc80-e46309bff268.

 

Example log:

User
Event
Event ID
Date + time
john@dekko.io
Upload complete (1.2GB)
08abba18-9c1c-4f22-9bc80-e46309bff268
10:25 Apr 3, 2023

In the above example, the log relates to a file with ID 08abba18-9c1c-4f22-9bc80-e46309bff268. See the search guide below to filter logs by ID.

 

 

Please note that audit logs viewed in the DekkoSecure application do not contain:

  • File names
  • File content
  • Message subjects
  • Message content

Extended audit logging

 

To facilitate automated audit log reporting (including encrypted event data such as file names and message content), the DekkoSecure web application must be integrated with a Security information and event management system such as Microsoft Sentinel or Splunk.

DekkoSecure offers consultative services to enable log capture that can meet any compliance requirement, including managed service infrastructure that will prepare any logging information in a way that follows your own unique definition(s).

 
🤝
Please contact your DekkoSecure account manager to discuss extended logging an integration options. Note: custom audit logging features and functions are not included in the standard DekkoSecure service.

Accessing audit logs

 

Audit logs can be access at a content level (i.e., the files I own as a user or as a co-admin), Hub admin level (all logs for a Hub) and Tenancy level (logs for all Hubs in a tenancy).

Content owner/co-admin

 
  1. Open the dropdown menu for the file and then select Details:
    1. Notion image
  1. In the information panel press [View Logs]
    1. Notion image
 
 

The audit log will open. Press [Export] to download a CSV version of the log, or select the File History tab to see previous versions of the file:

 
Notion image
 

Read, download and signature receipts

Actions in the Events and Status columns correspond with audit log entries.

Document downloaded:

Notion image
 

Document viewed:

Notion image
 

Document signed:

Notion image
 

Hub admin

 

Press Contacts in the navigation panel (1), choose the Hub from the dropdown (2), select the Audit Logs tab (3), set the activity period (4) and then press [Load]:

 
Notion image
 

The audit log will be loaded. Press [Export] to download a CSV version of the log.

 

Tenancy admin

 

Press Audit logs in the navigation panel (1), choose the Hub from the dropdown (2), set the activity period (3) and then press [Refresh]:

 
Notion image
 

The audit log will be loaded. Press [Download as CSV] to download a CSV version of the log.

Tenancy Search

 

Example - ‘upload’:

Notion image
 

Example - content ID:

💡
Searching by ID is the most effective way to view logs per-file.
Notion image
Did this answer your question?
😞
😐
🤩