Viewing approval and signing archive events

CodeSign Protect offers robust options to view approval events and signing activity. Archive events are available in both the UI and from the REST API. This topic provides instructions for using the UI. To use the API, see auditing REST API endpoints.

NOTE  For new enterprise customers, the signing archive is disabled by default on installation. For steps to enable it, see Signing archive options.

Using the CodeSign Protect UI

The Signing Activity page in the CodeSign Protect UI lists approval and signing events.

To access the Signing Activity page, click Signing Activity from the CodeSign Protect menu bar. This page is accessible only to those with the Master Admin, Code Signing Administrator, or global Auditor role.

Viewing event details

When you first open the Signing Archive page, it displays an unfiltered list of archived events. Clicking the timestamp on any row opens the detail pane for that entry.

See Field description reference for information on what details are available for each entry.

Searching for archive entries

The search bar in the top left allows you to search the event list. Just begin typing the value that you want to search on, and the event list will automatically begin to narrow based on your search term. The following columns are included in the search: Machine, Authenticated user, Command, Project, Environment, Flow, and Event type.

Filtering the Signing Activity page

You can use the filtering and column options at the top of the page to refine and customize your view. A number of pre-configured filters are available from the Quick Filters list.

Clicking Filters allows you to specify custom filters and combine multiple filters together. To combine filters, click Add Filter on the bottom left of the filter window, and you'll get another row to add to your filter. You can remove any row by clicking the close icon next to the filter you want to remove.

Adding filters from the event detail pane

Clicking an event's timestamp opens the event detail pane for that event. Clicking a value in that event's detail pane gives you several options:

  • Choosing Set As Filter will remove any existing filters and apply the selected value as the only filter.

  • Choosing Add To Filters will add this filter to existing filters.

Viewing Archive Retention settings

The top right corner of the Signing Archive page shows the current signing archive retention settings. These settings can be changed by an administrator in the global code signing properties. For more information, see Signing archive options.

Downloading to CSV

In addition to viewing the data on the Signing Activity page, you can also download the data to CSV using the Download to CSV option. This downloads all records that match the filtering criteria, and it includes all columns (not just those that are visible).

Field description reference

Field Description
Archive Entry ID

The ID of the record. Each record is ordered sequentially.

Timestamp

The time and date when the signing operation took place.

User ID

The prefixed universal of the key user's identity.

User

The username of the key user.

Action Type

The action of the event archive entry.

Event Type

The result of the event archive entry.

Event Type ID

Log event ID in hexadecimal format.

Project

The DN of the Code Signing Project.

Environment

The DN of the Code Signing Environment.

Machine

The name of the machine where the code signing operation took place.

Command

The command that was used to sign.

Flow

The DN of the Code Signing Flow.

Application Hash

The hash of the application used to sign.

Artifact

The hash or token that was signed.

Client Interface

An integer representing the interface used to sign.

  • 0: Unknown interface

  • 1: PKCS11Config Interface

  • 2: CSPConfig Interface

  • 3: GPGConfig Interface

  • 4: TKDriverConfig Interface

  • 5: VenafiSCD Interface

  • 6: Venafi Code Signing Token Driver Interface

Client Library Location

The file system location of the client library on the signing machine.

Client Library Name

The name of the library used to sign.

Client Library Version

The version number of the client library.

Client Mechanism

The mechanism used before hashing the data to send for signing.

Executable

The executable used to sign.

Executable Location

The file system location of the executable on the signing machine.

IP Address

The IP address of the machine where the code signing operation took place.

Key Type

The key type that was used to sign.

Key Vault ID

SecretStore Vault ID of the signing private key.

Mechanism

The Mechanism ID that represents the encryption algorithm for signing the software.

Remote Account

Account of the user executing the signing command on the signing workstation.

Grouping

A numerical representation of the thumbprint of the Request Identifier Fields used on the signing request.

A value of 0 will be shown if the process didn't complete its Flow or failed another constraint gate (such as IP address restrictions or time constraints).
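
One way to triage a Download to CSV export offline, using the Client Interface codes and the Grouping value described in the reference above. This is an added example, not Venafi's code; it assumes the CSV header names match the field names in the reference, and the sample rows are constructed.

```python
import csv
import io
from collections import Counter

# Client Interface codes as listed in the field description reference.
CLIENT_INTERFACES = {
    "0": "Unknown interface",
    "1": "PKCS11Config Interface",
    "2": "CSPConfig Interface",
    "3": "GPGConfig Interface",
    "4": "TKDriverConfig Interface",
    "5": "VenafiSCD Interface",
    "6": "Venafi Code Signing Token Driver Interface",
}

# Constructed sample export. ASSUMPTION: header names match the field names
# in the reference; check them against a real export before relying on this.
SAMPLE_CSV = """Archive Entry ID,Timestamp,User,Machine,Client Interface,Grouping
101,2024-01-10T09:00:00Z,alice,build-01,1,48213377
102,2024-01-10T09:05:00Z,bob,build-02,2,0
103,2024-01-10T09:07:00Z,bob,build-02,0,0
104,2024-01-10T09:09:00Z,carol,dev-17,9,99120045
"""

def triage(csv_text):
    """Return (findings, count of Grouping-0 entries per machine)."""
    findings, incomplete = [], Counter()
    for row in csv.DictReader(io.StringIO(csv_text)):
        reasons = []
        code = row["Client Interface"].strip()
        if code not in CLIENT_INTERFACES:
            reasons.append(f"undocumented client interface {code}")
        elif code == "0":
            reasons.append("unknown client interface")
        # Grouping 0: the Flow did not complete or a constraint gate failed.
        if row["Grouping"].strip() == "0":
            reasons.append("grouping 0")
            incomplete[row["Machine"]] += 1
        if reasons:
            findings.append((row["Archive Entry ID"], row["Machine"], row["User"], reasons))
    return findings, incomplete

if __name__ == "__main__":
    found, per_machine = triage(SAMPLE_CSV)
    for finding in found:
        print(finding)
    print(dict(per_machine))
```

The per-machine count shows which signing hosts repeatedly produce entries that did not complete their Flow or failed a constraint gate.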