This guide provides technical instructions for accessing, interpreting, and exporting global forensic audit logs within the IUSign Enterprise platform.
Prerequisites
- Assigned Admin, Owner, or SuperAdmin role.
- Understanding of forensic event types and identity telemetry.
Strategic Overview
The Global Audit Log is the definitive, immutable record of all activity within an organizational tenant. Unlike the per-envelope timeline, which tracks individual transactions, the Global Audit Log provides a holistic view of every administrative action, user login, and security configuration change. This forensic capability is essential for satisfying regulatory compliance requirements (such as HIPAA, SOC2, and GDPR), facilitating internal security reviews, and maintaining a high-integrity chain of custody across the entire organization. Every entry is cryptographically timestamped and bound to a verified identity, ensuring non-repudiation.
Implementation Sequence
1. Accessing the Forensic Repository
Navigate to Admin Dashboard → Security & Compliance → Audit Logs. The primary view displays a chronological feed of all organizational events.
2. Event Analysis and Interpretation
Each log entry contains high-fidelity metadata for forensic reconstruction:
| Log Component | Forensic Definition | Rationale |
|---|---|---|
| Event Type | The specific action (e.g., USER_LOGIN, SETTING_CHANGED). | Identifies the nature of the activity. |
| Identity | The Name and Email of the actor. | Establishes the "Who." |
| Timestamp | Millisecond-accurate UTC time. | Establishes the "When." |
| IP Address | The source IPv4/IPv6 address of the actor. | Establishes the "Where." |
| Resource ID | The UUID of the affected object (Envelope, User, Tenant). | Establishes the "What." |
3. Granular Filtering and Querying
Isolate specific events during an investigation:
- Actor Filter: Isolate actions taken by a specific team member.
- Category Filter: View only "Security Events," "Billing Events," or "Document Deletions."
- Temporal Query: Filter by a specific date range to align with a compliance audit window.
Exporting Datasets for External Audit
For formal compliance reviews, administrators can export the audit log in CSV format:
- Apply the required filters to define the scope.
- Select Export Audit Log.
- Security Handshake: For very large logs, the platform will generate the file and send a secure download link to the administrator's verified email address.
Strategic Considerations for Compliance Governance
- Immuntability: Once an event is recorded in the IUSign audit log, it cannot be modified or deleted, even by the Owner or a SuperAdmin. This ensures the integrity of the record.
- Retention Policy: Depending on your Subscription Tier, historical audit data is retained for a period ranging from 1 year to the entire duration of the organizational existence.
- Anomaly Detection: Regularly review the logs for unusual activity patterns, such as multiple login failures, unauthorized settings changes, or high-volume document deletions from a single IP.
Diagnostic and Resolution Protocols
| System Observation | Probable Cause | Resolution Protocol |
|---|---|---|
| Missing log entries | UI synchronization lag | In high-volume tenants, allow up to 60 seconds for backend events to propagate to the monitoring interface. |
| Anomalous IP address | VPN or Proxy use | Investigate the IP origin using standard geolocation tools. Verify with the user if they were utilizing a corporate proxy. |
| Export fails | Dataset too large | Reduce the temporal range of the export (e.g., export by month rather than by year). |