How can we help? 👋

Audit Logging

Default audit events

Audit logs cannot be modified or deleted by any end users, including Tenancy admins. Logs for deleted content are persistent. Logs are also stored for the duration of your organisation’s agreement with DekkoSecure.

The following events are captured by default in audit logs:

Events Logged
File sharing
File uploaded (incl. file size) File downloaded (incl. file size) File removed File shared Status tag change (added/changed/removed)
File collaboration
File updated (versioned or edited)
eSignature workflow
Markup placeholder added Text added Image added Stamp added Signature added Document approved
Messaging (mail, chat)
Message sent Message received Message read
Hub invite sent Hub invite accepted User removed from Hub Password reset

All audit events have an associated ID which corresponds with a file, message or Hub. For example, logged events associated with a file that has been uploaded, shared and downloaded, will have a common ID, i.e. 08abba18-9c1c-4f22-9bc80-e46309bff268.


Example log:

Event ID
Date + time
Upload complete (1.2GB)
10:25 Apr 3, 2023

In the above example, the log relates to a file with ID 08abba18-9c1c-4f22-9bc80-e46309bff268. See the search guide below to filter logs by ID.



Please note that audit logs viewed in the DekkoSecure application do not contain:

  • File names
  • File content
  • Message subjects
  • Message content

Extended audit logging


To facilitate automated audit log reporting (including encrypted event data such as file names and message content), the DekkoSecure web application must be integrated with a Security information and event management system such as Microsoft Sentinel or Splunk.

DekkoSecure offers consultative services to enable log capture that can meet any compliance requirement, including managed service infrastructure that will prepare any logging information in a way that follows your own unique definition(s).

Please contact your DekkoSecure account manager to discuss extended logging an integration options. Note: custom audit logging features and functions are not included in the standard DekkoSecure service.

Accessing audit logs


Audit logs can be access at a content level (i.e., the files I own as a user or as a co-admin), Hub admin level (all logs for a Hub) and Tenancy level (logs for all Hubs in a tenancy).

Content owner/co-admin

  1. Open the dropdown menu for the file and then select Details:
    1. Notion image
  1. In the information panel press [View Logs]
    1. Notion image

The audit log will open. Press [Export] to download a CSV version of the log, or select the File History tab to see previous versions of the file:

Notion image

Read, download and signature receipts

Actions in the Events and Status columns correspond with audit log entries.

Document downloaded:

Notion image

Document viewed:

Notion image

Document signed:

Notion image

Hub admin


Press Contacts in the navigation panel (1), choose the Hub from the dropdown (2), select the Audit Logs tab (3), set the activity period (4) and then press [Load]:

Notion image

The audit log will be loaded. Press [Export] to download a CSV version of the log.


Tenancy admin


Press Audit logs in the navigation panel (1), choose the Hub from the dropdown (2), set the activity period (3) and then press [Refresh]:

Notion image

The audit log will be loaded. Press [Download as CSV] to download a CSV version of the log.

Tenancy Search


Example - ‘upload’:

Notion image

Example - content ID:

Searching by ID is the most effective way to view logs per-file.
Notion image
Did this answer your question?