Audit Trail

Each transaction occurring during the process of signing a document is securely stored. Once a document has been completed, this log is then translated into an Audit Trail and attached to your final PDF document. However, you can also access a non-PDF version of your Audit Trail for any completed document by navigating to your Completed Documents list and selecting "Audit Trail" from the righthand button menu.

⚠️You might notice unknown IP addresses in your audit log

When a document is sent via email, it is good to keep in mind that some email clients have virus scanners included, which will open links in the email to scan them for malware. The scanner may scan the received signing link, and the scan can be performed from any IP address, not necessarily from the signer's IP. That IP address will be shown in the "document viewed" log as the signer himself opened the document from that address.

💡 Tip: To prevent having unknown addresses in the Audit Trail you can use the Signer Authentication feature. That way, the document interface will be blurred and the access restricted until the authentication code is entered.

 

Audit Log Type When does it occur?
Document creation-state logs
0181-file-add.png document created Occurs every time when a document is created.
0154-paper-plane.png document sent Occurs every time when a document is sent to a signer.
It is created once for every signer (even if the signer is the document owner).
0108-lock.png signer authentication Occurs when signer authentication via SMS is enabled for a signer.

Signer triggered logs

0786-file-preview.png document viewed

Occurs when the document is viewed by signers.

0210-register.png document signed

Occurs when the document is signed by a signer.

Conditions: If this was the last required signer, followed by document completed.

0925-prohibited.png document declined

Occurs when a document is declined by a signer.
There is an optional decline reason that will be stored in the audit trail as well.

Implications: Followed by document cancelled

0925-prohibited.png signer bounced

Occurs when email delivery fails for a signer, also known as bounce.

Implications: Followed by document cancelled

0925-prohibited.png signer removed

Occurs when a signer is removed from the signer list.

Conditions: This is possible only if the document has optional signers.

Implications: If all signers are removed this will cause the document to be cancelled, Followed by document cancelled’

0837-arrow-right.png document forwarded

Occurs when a signer forwards the document to some other person for signing. Forwarding always includes information about the name and email of the new signer and it might include a forwarding reason as well.

Conditions: It is not possible to forward documents with 2FA enabled. However, it is possible to forward documents when PIN is enabled, after successful PIN entry. The new signer will be asked for a PIN as well.

Implications: Followed by ‘document_sent’ log for sending to a new signer.

Team member triggered logs

0925-prohibited.png signer removed

Occurs when a signer is removed from the signer list.

Conditions: This is possible only if the document has optional signers.

Implications: If all signers are removed this will cause the document to be cancelled, Followed by document cancelled’

0925-prohibited.png document revoked

Occurs when the document is cancelled by the owner or a team member with privileges to cancel documents.

Implications: Followed by document cancelled

System triggered logs
0753-timer-crossed.png document expired

Occurs if the document is not completed within the given expiry time frame.

Implications: This action is triggered by Xodo Sign automatically.

Document end-states logs

0182-file-check.png document completed

Occurs when the document is successfully completed.

0925-prohibited.png document cancelled

Occurs when the document is cancelled for any reason.

Was this article helpful?
3 out of 8 found this helpful