Audit Logging
eCourtDate provides comprehensive audit logging for security monitoring, compliance, and incident investigation. All logs are retained indefinitely and can be exported to external systems.
Console API Logs
- View at: console.ecourtdate.com (Logs section)
- Filter by: request data, method, URL, IP address, User Agent
- All API requests are logged automatically
See API Best Practices for monitoring and error handling guidance.
Real-Time Activity Logging
- Admin access to real-time activity logs
- Filter by IP address, user agent, date range
- Export to CSV and JSON formats
- Logs are never deleted
- Replay functionality for incident investigation
- IP intelligence and user agent comparison
Log Types
| Log Type | Contents | Examples |
|---|---|---|
| Security Logs | Authentication and access events | Login attempts (success/failure), MFA events, permission changes, failed API authentication |
| Audit Logs | Data and configuration changes | Record create/update/delete, configuration changes, user account modifications |
| Error Logs | System and integration errors | API errors, webhook delivery failures, integration errors |
Log Retention and Integrity
- Retention: Logs are never deleted. All security, audit, and error logs are retained indefinitely.
- Encrypted storage: Logs are encrypted at rest using AES 256-bit encryption within AWS GovCloud. See Encryption.
info
For details on log tamper-evidence controls and integrity verification mechanisms, contact the eCourtDate security team through the Help Center.
Access Controls on Logs
- Admin access: Audit logs are accessible to agency administrators through the Console
- RBAC applies: Log access is controlled by role-based permissions. See Access Control.
- Agency-scoped: Each agency can only view logs for their own data and activity
Automated Exports (SIEM Integration)
Logs can be streamed in real time or exported in nightly batches to external systems. PII removal is available as an option before export.
| Destination | Type | Notes |
|---|---|---|
| Slack | Notification | Real-time alerts to Slack channels |
| Microsoft Teams | Notification | Real-time alerts to Teams channels |
| HTTP Webhook | Streaming | POST log events to any HTTPS endpoint |
| SFTP / SSH | Batch | Nightly export to SFTP server |
| Amazon S3 | Batch | Export to S3 bucket |
| Azure Blob Storage | Batch | Export to Azure Blob container |
| Datadog | SIEM | Real-time streaming to Datadog |
| Splunk | SIEM | Real-time streaming to Splunk |
Message Tracking
Track message delivery status and engagement through the API and dashboards:
- Track delivery status via API:
GET /messages/{uuid}/metas - Track opens:
GET /opens?message={uuid} - Monitor reports: app.ecourtdate.com/reports
- View dashboards: app.ecourtdate.com/dashboards
Compliance Use Cases
Audit logging supports several compliance requirements:
- CJIS audit access: Provides the audit trail required by the CJIS Security Policy for all access to criminal justice information
- FedRAMP continuous monitoring: Supports continuous monitoring requirements with real-time logging and automated exports
- Internal investigations: Replay functionality allows agencies to reconstruct event timelines, review actions taken by specific users, and correlate events by IP address or user agent
Related Pages
- Access Control: Role-based access to logs
- Incident Response: Using logs during security incidents
- Compliance Framework: CJIS and FedRAMP logging requirements
- Encryption: Log encryption details
- API Best Practices: API monitoring and error handling