Skip to main content
Audit trail

Monitor your System Admins

Ryan Turner avatar
Written by Ryan Turner
Updated over a week ago

This provide a comprehensive record of every action performed by system administrators, ensuring that you have a clear and detailed account of all activities.


Making sense of the CSV


We don't show the audit logs in the system. They're currently only accessible through a downloadable CSV.

Data available

Data

Explanation

Source IP

The IP address of the user who took the action in the admin system

Date/time

The date/time the action was taken (UTC)

User ID

The UUID of the user who took the action in the admin system

User email

The email of the user

User name

The name of the user

Location

The location in the Admin System where the action was taken, being:

  • System

  • Reports

  • Matters

  • Users

  • Audit trail

Action type

The action the user took

✔️ See below for a list of action types recorded

Action text

Explanation of the action taken.

✔️ See below for the action text

Matter affected ID

If the action impacted a matter, the ID of the matter affected

Matter affected

If the action impacted a matter, the name of the matter affected

User affected ID

If the action impacted a user, the ID of the user affected

User affected name

If the action impacted a user, the name of the user affected

User affected email

If the action impacted a user, the email of the user affected


What actions are recorded?


All actions taken in the admin system are recorded. The full list is set out below, broken down by the area of the platform.

Audit trail records are only available from 14 February 2024 (when the new system was created)

System

Action type

Action text

SYSTEM_VIEWED

Viewed the Legatics Administration System

Action type

Action text

REPORTS_MATTERS_DOWNLOADED_CSV

Downloaded the matters report as a CSV file

REPORTS_MATTERS_DOWNLOADED_JSON

Downloaded the matters report as a JSON file

Action type

Action text

REPORTS_LISTS_DOWNLOADED_JSON

Downloaded the lists report for matter_name as a JSON file

Action type

Action text

REPORTS_USERS_DOWNLOADED_CSV

Downloaded the users report as a CSV file

REPORTS_USERS_DOWNLOADED_JSON

Downloaded the users report as a JSON file

Action type

Action text

REPORTS_ACTIVITY_DOWNLOADED_CSV

Downloaded the activity report as a CSV file

REPORTS_ACTIVITY_DOWNLOADED_JSON

Downloaded the activity report as a JSON file

Action type

Action text

MATTERS_VIEWED

Viewed the matters page

MATTERS_MATTER_ADDED_ADMIN

Added user name as a matter administrator to Matter name

MATTERS_MATTER_VIEWED

Viewed the matter Matter name as the organisation Organisation name

MATTERS_MATTER_DELETED

Deleted the matter Matter name

MATTERS_MATTER_RESTORED

Restored the matter Matter name

Action type

Action text

USERS_VIEWED

Viewed the users page

USERS_MEMBER_PERMISSION_SYSTEMADMIN_ADDED

Granted the permission “System Administrator” to User name

USERS_MEMBER_PERMISSION_SYSTEMADMIN_REMOVED

Removed the permission “System Administrator” from User name

USERS_MEMBER_PERMISSION_TEMPLATES_ADDED

Granted the permission “Template Administrator” to User name

USERS_MEMBER_PERMISSION_TEMPLATES_REMOVED

Removed the permission “Template Administrator” from User name

USERS_MEMBER_DEACTIVATED

Deactivated the member User name

USERS_GUEST_DEACTIVATED

Deactivated the guest User name

USERS_MEMBER_ACTIVATED

Activated the member User name

USERS_GUEST_ACTIVATED

Activated the guest User name

Action type

Action text

OFFICES_VIEWED

Viewed the offices page

OFFICES_OFFICE_ADDED

Added the office_name office based in location_name

OFFICES_OFFICE_DELETED

Deleted the office_name office

OFFICES_OFFICE_EDITED_NAME

Changed the name of the old_value office to “new_value"

OFFICES_OFFICE_EDITED_LOCATION

Changed the location of the office_name office from old value to new_value

OFFICES_OFFICE_EDITED_SUBDIVISION

Changed the subdivision of the office_name office from old value to new_value

Action type

Action text

SETTINGS_VIEWED

Viewed the settings page

SETTINGS_MATTER_CONSENT_ON

Turned on setting that requires users to confirm consent before creating a matter

SETTINGS_MATTER_CONSENT_OFF

Turned off setting that requires users to confirm consent before creating a matter

Action type

Action text

ACCOUNT_VIEWED

Viewed the account page

ACCOUNT_FAVICON_UPDATED

Updated the favicon

Action type

Action text

INTEGRATIONS_VIEWED

Viewed the integrations page

DocuSign

Action type

Action text

INTEGRATIONS_DOCUSIGN_ACCOUNT_ADDED

Added the account_name DocuSign account (api_key)

INTEGRATIONS_DOCUSIGN_ACCOUNT_ENABLED

Enabled the account_name DocuSign account (api_key)

INTEGRATIONS_DOCUSIGN_ACCOUNT_DISABLED

Disabled the account_name DocuSign account (api_key)

INTEGRATIONS_DOCUSIGN_ACCOUNT_DELETED

Deleted the account_name DocuSign account (api_key)

INTEGRATIONS_DOCUSIGN_ACCOUNT_UPDATED_NAME

Changed the name of the old_name DocuSign account (api_key) to new_name

INTEGRATIONS_DOCUSIGN_ACCOUNT_EMAIL_STATUS

{Added} / {Removed} an email template for the account_name DocuSign account (api_key)

INTEGRATIONS_DOCUSIGN_ACCOUNT_EMAIL_TEXT

Updated the text of the email template for the account_name DocuSign account (api_key)

INTEGRATIONS_DOCUSIGN_ACCOUNT_MEMBERS_ALL

Enabled all members to use the the account_name DocuSign account (api_key)

INTEGRATIONS_DOCUSIGN_ACCOUNT_MEMBERS_RESTRICTED

Restricted the account_name DocuSign account (api_key) to specific members

INTEGRATIONS_DOCUSIGN_ACCOUNT_MEMBERS_LIST

Updated the list of members who can access the account_name DocuSign account (api_key)

iManage

Action type

Action text

INTEGRATIONS_IMANAGE_SERVER_ADDED

Added the server_name iManage server

INTEGRATIONS_IMANAGE_SERVER_ENABLED

Enabled the server_name iManage server

INTEGRATIONS_IMANAGE_SERVER_DISABLED

Disabled the server_name iManage server

INTEGRATIONS_IMANAGE_SERVER_UPDATED

Changed the field for the server_name iManage server from old_value to new_value

Field values that will appear are:

  • location

  • name

  • URL

  • API URL

  • client ID

  • client secret

INTEGRATIONS_IMANAGE_SERVER_MEMBERS_ALL

Enabled all members to use the server_name iManage server

INTEGRATIONS_IMANAGE_SERVER_MEMBERS_RESTRICTED

Restricted the server_name iManage server to specific members

INTEGRATIONS_IMANAGE_SERVER_MEMBERS_LIST

Updated the list of members who can access the server_name iManage server

SSO

Action type

Action text

INTEGRATIONS_SSO_ENABLED

Enabled SSO

INTEGRATIONS_SSO_DISABLED

Disabled SSO

INTEGRATIONS_SSO_UPDATED

Changed the field for the SSO integration from from old_value to new_value

Field values that will appear are:

  • entity ID

  • log in URL

  • x.509 certificate

INTEGRATIONS_SSO_MEMBERS_ALL

Enabled all members to use SSO

INTEGRATIONS_SSO_MEMBERS_RESTRICTED

Restricted the SSO to specific members

INTEGRATIONS_SSO_MEMBERS_LIST

Updated the list of members who can log in using SSO

Word templates

Action type

Action text

TEMPLATES_WORD_VIEWED

Viewed the Word templates page

TEMPLATES_WORD_LANDSCAPE_UPLOADED

Uploaded a Word landscape template

TEMPLATES_WORD_POTRAIT_UPLOADED

Uploaded a Word portrait template

TEMPLATES_WORD_LANDSCAPE_EDITED

Edited the Word landscape template

TEMPLATES_WORD_POTRAIT_EDITED

Edited the Word portrait template

Audit trial

Action type

Action text

AUDIT_TRAIL_DOWNLOADED

Downloaded the audit trail for the Legatics Administration System


Accessing the Audit Trail


The Audit Trail is conveniently available in CSV format, offering flexibility and ease of use. To access:

  1. Login: Enter the admin dashboard using your credentials.

  2. Navigate to Audit Trail: Find the "Audit trail" section in the sidebar.

  3. Download CSV: Retrieve the CSV for a detailed breakdown of system admin actions.


Need assistance?


If you have questions, need clarification, or require support while navigating the Audit Trail, our dedicated support team is ready to assist. Reach out via support@legatics.com and we'll be happy to help.

Did this answer your question?