The audit trail in in the Administration System provides a comprehensive record of actions performed by system administrators within the system. This feature enhances transparency and accountability, allowing you to monitor activities effectively.

Note: The audit trail is only downloadable as a CSV

Accessing and downloading the audit trail

Log into Legatics
Click on your profile in the top right corner
Click on Admin System
At the bottom of the sidebar, click on Audit trial
Press download

The audit trail will start downloading as a CSV

Data in the CSV

The following columns appear in the CSV.

Data	Explanation
Source IP	The IP address of the user who took the action in the admin system
Date/time	The date/time the action was taken (UTC)
User ID	The UUID of the user who took the action in the admin system
User email	The email of the user
User name	The name of the user
Location	The location in the Admin System where the action was taken, being: System Reports Matters Users Audit trail
Action type	The action the user took. See below for a list of action types recorded
Action text	Explanation of the action taken. See below for the action text recorded
Matter affected ID	If the action impacted a matter, the ID of the matter affected
Matter affected	If the action impacted a matter, the name of the matter affected
User affected ID	If the action impacted a user, the ID of the user affected
User affected name	If the action impacted a user, the name of the user affected
User affected email	If the action impacted a user, the email of the user affected

Activity recorded in the CSV

Actions are categorized based on the area of the platform.

Heads-up: Audit trail records are only available from 14 February 2024 (when the new system was created)

System

Action type	Action text
SYSTEM_VIEWED	Viewed the Legatics Administration System

Reports

Matters report

Action type	Action text
REPORTS_MATTERS_DOWNLOADED_CSV	Downloaded the matters report as a CSV file
REPORTS_MATTERS_DOWNLOADED_JSON	Downloaded the matters report as a JSON file

Lists report

Action type	Action text
REPORTS_LISTS_DOWNLOADED_JSON	Downloaded the lists report for `matter_name` as a JSON file

Users report

Action type	Action text
REPORTS_USERS_DOWNLOADED_CSV	Downloaded the users report as a CSV file
REPORTS_USERS_DOWNLOADED_JSON	Downloaded the users report as a JSON file

Activity report

Action type	Action text
REPORTS_ACTIVITY_DOWNLOADED_CSV	Downloaded the activity report as a CSV file
REPORTS_ACTIVITY_DOWNLOADED_JSON	Downloaded the activity report as a JSON file

Manage

Matters

Action type	Action text
MATTERS_VIEWED	Viewed the matters page
MATTERS_MATTER_ADDED_ADMIN	Added `user name` as a matter administrator to `Matter name`
MATTERS_MATTER_VIEWED	Viewed the matter `Matter name` as the organisation `Organisation name`
MATTERS_MATTER_DELETED	Deleted the matter `Matter name`
MATTERS_MATTER_RESTORED	Restored the matter `Matter name`

Users

Action type	Action text
USERS_VIEWED	Viewed the users page
USERS_MEMBER_PERMISSION_SYSTEMADMIN_ADDED	Granted the permission “System Administrator” to `User name`
USERS_MEMBER_PERMISSION_SYSTEMADMIN_REMOVED	Removed the permission “System Administrator” from `User name`
USERS_MEMBER_PERMISSION_TEMPLATES_ADDED	Granted the permission “Template Administrator” to `User name`
USERS_MEMBER_PERMISSION_TEMPLATES_REMOVED	Removed the permission “Template Administrator” from `User name`
USERS_MEMBER_DEACTIVATED	Deactivated the member `User name`
USERS_GUEST_DEACTIVATED	Deactivated the guest `User name`
USERS_MEMBER_ACTIVATED	Activated the member `User name`
USERS_GUEST_ACTIVATED	Activated the guest `User name`

Firm

Offices

Action type	Action text
OFFICES_VIEWED	Viewed the offices page
OFFICES_OFFICE_ADDED	Added the `office_name` office based in `location_name`
OFFICES_OFFICE_DELETED	Deleted the `office_name` office
OFFICES_OFFICE_EDITED_NAME	Changed the name of the `old_value` office to “`new_value`"
OFFICES_OFFICE_EDITED_LOCATION	Changed the location of the `office_name` office from `old value` to `new_value`
OFFICES_OFFICE_EDITED_SUBDIVISION	Changed the subdivision of the `office_name` office from `old value` to `new_value`

Setup

Settings

Action type	Action text
SETTINGS_VIEWED	Viewed the settings page
SETTINGS_MATTER_CONSENT_ON	Turned on setting that requires users to confirm consent before creating a matter
SETTINGS_MATTER_CONSENT_OFF	Turned off setting that requires users to confirm consent before creating a matter
SETTINGS_BYOK_VIEWED	Viewed the BYOK settings page
SETTINGS_BYOK_ROTATED	Rotated the encryption key used to encrypt your data
SETTINGS_BYOK_ARN_EDITED	Changed the ARN from `old_value` to `new_value`

Account

Action type	Action text
ACCOUNT_VIEWED	Viewed the account page
ACCOUNT_FAVICON_UPDATED	Updated the favicon

Integrations

Action type	Action text
INTEGRATIONS_VIEWED	Viewed the integrations page

DocuSign

Action type	Action text
INTEGRATIONS_DOCUSIGN_ACCOUNT_ADDED	Added the `account_name` DocuSign account (`api_key`)
INTEGRATIONS_DOCUSIGN_ACCOUNT_ENABLED	Enabled the `account_name` DocuSign account (`api_key`)
INTEGRATIONS_DOCUSIGN_ACCOUNT_DISABLED	Disabled the `account_name` DocuSign account (`api_key`)
INTEGRATIONS_DOCUSIGN_ACCOUNT_DELETED	Deleted the `account_name` DocuSign account (`api_key`)
INTEGRATIONS_DOCUSIGN_ACCOUNT_UPDATED_NAME	Changed the name of the `old_name` DocuSign account (`api_key`) to `new_name`
INTEGRATIONS_DOCUSIGN_ACCOUNT_EMAIL_STATUS	{Added} / {Removed} an email template for the `account_name` DocuSign account (`api_key`)
INTEGRATIONS_DOCUSIGN_ACCOUNT_EMAIL_TEXT	Updated the text of the email template for the `account_name` DocuSign account (`api_key`)
INTEGRATIONS_DOCUSIGN_ACCOUNT_MEMBERS_ALL	Enabled all members to use the the `account_name` DocuSign account (`api_key`)
INTEGRATIONS_DOCUSIGN_ACCOUNT_MEMBERS_RESTRICTED	Restricted the `account_name` DocuSign account (`api_key`) to specific members
INTEGRATIONS_DOCUSIGN_ACCOUNT_MEMBERS_LIST	Updated the list of members who can access the `account_name` DocuSign account (`api_key`)

iManage

Action type	Action text
INTEGRATIONS_IMANAGE_SERVER_ADDED	Added the `server_name` iManage server
INTEGRATIONS_IMANAGE_SERVER_ENABLED	Enabled the `server_name` iManage server
INTEGRATIONS_IMANAGE_SERVER_DISABLED	Disabled the `server_name` iManage server
INTEGRATIONS_IMANAGE_SERVER_UPDATED	Changed the `field` for the `server_name` iManage server from `old_value` to `new_value` Field values that will appear are: location name URL API URL client ID client secret
INTEGRATIONS_IMANAGE_SERVER_MEMBERS_ALL	Enabled all members to use the `server_name` iManage server
INTEGRATIONS_IMANAGE_SERVER_MEMBERS_RESTRICTED	Restricted the `server_name` iManage server to specific members
INTEGRATIONS_IMANAGE_SERVER_MEMBERS_LIST	Updated the list of members who can access the `server_name` iManage server

SSO

Action type	Action text
INTEGRATIONS_SSO_ENABLED	Enabled SSO
INTEGRATIONS_SSO_DISABLED	Disabled SSO
INTEGRATIONS_SSO_UPDATED	Changed the `field` for the SSO integration from from `old_value` to `new_value` Field values that will appear are: entity ID log in URL x.509 certificate
INTEGRATIONS_SSO_MEMBERS_ALL	Enabled all members to use SSO
INTEGRATIONS_SSO_MEMBERS_RESTRICTED	Restricted the SSO to specific members
INTEGRATIONS_SSO_MEMBERS_LIST	Updated the list of members who can log in using SSO

Word templates

Action type	Action text
TEMPLATES_WORD_VIEWED	Viewed the Word templates page
TEMPLATES_WORD_LANDSCAPE_UPLOADED	Uploaded a Word landscape template
TEMPLATES_WORD_POTRAIT_UPLOADED	Uploaded a Word portrait template
TEMPLATES_WORD_LANDSCAPE_EDITED	Edited the Word landscape template
TEMPLATES_WORD_POTRAIT_EDITED	Edited the Word portrait template

Audit trial

Action type	Action text
AUDIT_TRAIL_DOWNLOADED	Downloaded the audit trail for the Legatics Administration System

Tracking matter activity with the audit trail

Administration system explained

Administration system releases

Deactivating and activating users in your environment

Tracking signing progress of Docusign documents