Shield

Export Audit Trail

Every Shield request has an immutable audit trail. The CSV export gives you a clean evidence packet for compliance hand-off, regulatory inquiries, or internal records. The export itself is logged so the trail records who pulled the evidence.

What's in the trail

Every action on a Shield request writes an audit entry: form submissions, identity attachments, acknowledgment emails sent, notification emails to your team, status changes, notes added, identity verifications and revocations, document accesses, closure email queues and failures, deadline warnings, overdue alerts, and the export action itself. Each entry includes a precise timestamp, the actor name and id, and event-specific details as JSON.

Open the request

Go to Shield > Requests and open the request whose trail you want to export. The Audit Trail panel sits at the bottom of the Detail page below the Add Note panel.

Click Export CSV

The Export CSV link sits in the top-right of the Audit Trail panel header. Clicking it downloads a file named {reference_number}_audit_trail.csv, for example DSAR-20260511-QZ2X_audit_trail.csv.

The CSV format

The file is RFC 4180 compliant. Columns:

  • timestamp - ISO 8601 UTC with sub-second precision
  • action - the canonical event name (request.submitted, status.changed, identity.verified, email.closure_queued, etc.)
  • actor_type - user, system, or lambda
  • actor_name - display name of the human or system process
  • actor_id - user id, "system", or "lambda"
  • reference_number - the DSAR reference (same on every row of the export)
  • details - event-specific JSON (reason for rejection, queue id, recipient list, etc.)

Commas, double quotes, and embedded newlines in the details column are properly escaped, so the file opens cleanly in Excel, Google Sheets, and any standard text editor without manual cleanup.

Tamper-evident export logging

Each export records itself as an audit.exported event with the format (csv) and the row count of the export. If you export twice, the second export includes the first export event in the file. This makes the trail tamper-evident: a regulator can see how many times the trail was pulled and by whom.

Tips

The row_count in the audit.exported details is the count at the moment of export, before the export entry was added. The next export will include the entry from the previous export. Keep that in mind if you're doing month-by-month archive exports.

When to export

Common scenarios:

  • Regulatory inquiry. A regulator asks for proof of how a specific DSAR was handled. Export the trail, attach to your response.
  • Pre-purge archive. Closed requests are auto-purged after AutoPurgeDays days. Export before that happens if you want a permanent record outside Shield.
  • Internal audit. Your legal or compliance team wants to sample DSAR handling. Export individual cases as evidence packets.
  • Hand-off. A different team is taking over a request and you want them to have the full context in one file.

Troubleshooting

Export downloads an empty file

The audit trail has zero rows. This is rare but possible if a request was just submitted milliseconds before you exported. Wait and re-export.

Excel mangles the CSV

Open via Excel's Data > From Text/CSV import wizard rather than double-clicking. The wizard handles the UTF-8 encoding and quoted columns correctly. Double-click opens often guess the delimiter wrong if there's no BOM.

Request was purged before I exported

The audit is gone alongside the request. There is no recovery from auto-purge. Export earlier next time, or extend AutoPurgeDays in Settings if your retention policy needs longer.

Related guides

Manage RequestsVerify Identity