Overview #
The Audit Trail in DnXT Administrator provides a comprehensive, tamper-proof log of every action performed across the entire DnXT Suite. Every user login, document upload, configuration change, permission modification, and workflow event is recorded with a timestamp, the user who performed it, and relevant details. The Audit Trail is essential for regulatory compliance (21 CFR Part 11, EU Annex 11), internal governance, and security investigations.
With powerful filtering by date range, user, and action type, you can quickly locate specific events among thousands of log entries. Results can be exported for offline analysis and compliance reporting.
Accessing the Audit Trail #
- Log in to DnXT Administrator.
- Click Audit Trail in the left sidebar.
- The Audit Trail view opens with the filter panel at the top and the results table below.
Filter Panel #
The filter panel at the top of the Audit Trail view provides several controls to narrow down the results. All filters are optional — if no filters are applied, the system returns the most recent audit entries.
Date Range Filter #
Use the Start Date and End Date fields to define a time window for the audit query.
- Click the Start Date field to open the datepicker calendar.
- Select the beginning date of your desired range.
- Click the End Date field and select the ending date.
- The date format is DD/MM/YYYY. You can also type the date directly into the field.
Tenant Filter (Super Admin Only) #
If you are logged in as a Super Admin, a Tenant filter dropdown appears. This allows you to view audit records for a specific tenant or across all tenants. Regular administrators will only see audit records for their own tenant.
User Filter #
The User filter allows you to view audit records for a specific user.
- Click the User dropdown to open an alphabetical directory of all users.
- Scroll through the list or use the search box at the top of the dropdown to find a specific user.
- Click a username to select it. Only audit records for that user will be returned.
- To clear the filter and show all users, select the blank/default option at the top of the list.
Actions Filter #
The Actions filter lets you select which types of activities to include in the results. Actions are organized into a module-grouped checklist.
- Click the Actions dropdown to open the checklist.
- Actions are grouped by module (e.g., Publisher, Reviewer, Admin, System).
- Use the search box at the top of the dropdown to filter the action list.
- Check one or more actions to include them in the query.
- Use Reset Actions to clear all action selections.
Common action categories include:
| Category | Example Actions |
|---|---|
| Authentication | Login, Logout, Login Failed, Password Reset, 2FA Verification |
| User Management | User Created, User Updated, User Deleted, Role Changed, Group Assignment Changed |
| Permission Management | Module Access Updated, Resource Access Updated |
| Publisher | Dossier Created, Submission Created, Document Uploaded, Document Replaced, Submission Published |
| Reviewer | Dossier Imported, Document Viewed, Annotation Added, Correspondence Created |
| Configuration | Setting Changed, SMTP Updated, SSO Configuration Updated, Repository Registered |
| Workflow | Workflow Created, Workflow Published, State Transition, Email Sent |
Running the Query #
- Configure your desired filters (Date Range, Tenant, User, Actions).
- Click the Go button to execute the query.
- The results table below updates with the matching audit records.
Resetting Filters #
- Reset All — Clears all filters (date range, user, and actions) and resets the view to its default state.
- Reset Actions — Clears only the action selections while preserving the date range and user filters.
Audit Results Table #
The results table displays audit records matching your filter criteria. Each row represents a single audited event.
Results Toolbar #
The results table has its own toolbar with the following actions:
- Refresh — Reload the results with the current filters
- Export — Download the filtered results as a CSV file
- Pagination — Navigate between pages of results using the page controls at the bottom of the table
Audit Record Details #
The results are rendered by the AuditDetails component, which provides detailed information for each entry. Typical fields include:
| Field | Description |
|---|---|
| Date/Time | The exact timestamp when the action occurred |
| User | The username of the person who performed the action |
| Action | The type of action performed (e.g., Login, Document Uploaded, User Created) |
| Module | The DnXT module where the action occurred (Publisher, Reviewer, Admin) |
| Description | Additional context about the action (e.g., document name, dossier name, changed field values) |
| IP Address | The IP address from which the action was initiated |
| Browser | The browser used to perform the action |
Common Audit Trail Tasks #
Investigating a Security Incident #
- Set the Date Range to cover the period of the suspected incident.
- If you know which user is involved, select them in the User filter.
- In the Actions filter, select authentication-related actions (Login, Logout, Login Failed).
- Click Go to run the query.
- Review the IP addresses and browser information to identify suspicious access patterns.
- Expand the date range or add more action types if needed to build a complete timeline.
Compliance Audit Preparation #
- Set the Date Range to cover the audit period.
- Clear all other filters to capture the complete audit log.
- Click Go.
- Click Export in the results toolbar to download the full audit log as a CSV file.
- Provide the CSV file to your compliance team or auditor.
Tracking Configuration Changes #
- In the Actions filter, search for and select configuration-related actions (Setting Changed, SMTP Updated, etc.).
- Click Go.
- Review the Description column, which typically includes the before and after values for changed settings.
Monitoring User Activity #
- Select a specific user in the User filter.
- Set the Date Range to the period of interest.
- Leave the Actions filter empty to see all activity types.
- Click Go.
- The results show a complete timeline of everything that user did within the specified period.
Audit Trail Data Retention #
DnXT retains audit trail records indefinitely by default. Records are never automatically deleted. If your organization has specific data retention policies, contact DnXT Solutions support to discuss archival options.
FAQ #
Can audit trail records be modified or deleted? #
No. The audit trail is append-only and immutable. Records cannot be edited, deleted, or overridden by any user, including Super Admins. This is a fundamental requirement for regulatory compliance.
What date format does the audit trail use? #
The datepicker uses DD/MM/YYYY format. Timestamps in the results table include the full date and time in the user’s local timezone.
Can I set up automatic audit trail alerts? #
DnXT does not currently have built-in alerting for audit trail events. However, you can configure Workflow Manager email triggers for specific workflow state transitions, which serves a similar purpose for workflow-related events. For broader alerting, export the audit trail periodically and integrate with your organization’s SIEM or monitoring tools.
Does the audit trail record failed login attempts? #
Yes. Failed login attempts are recorded with the attempted username, IP address, and timestamp. This is valuable for detecting brute-force attacks or identifying users having trouble with their credentials.
How can I see what permissions were changed for a user? #
Filter the audit trail by the Permission Management action category. The description field will include details about which role or group was modified and what permissions were changed.
Is there a limit to how much data I can export? #
There is no hard limit on export size, but very large exports (covering years of data with no filters) may time out. Break large exports into smaller date ranges for reliable downloads.
