Skip to main content

Data analyst

The data analyst monitors and analyses software-signing activity across development and production environments. 

Using Software Trust Manager, data analyst can:

  • Monitor software-signing activity

  • Analyse signing trends and operational performance

  • Investigate failed and denied signing events

  • Track keypair and certificate usage

  • Measure release signing activity

  • Support compliance and audit reporting

  • Export signing data for external analytics platforms

  • Export audit logs for audit activity and governance

  • Generate reports to provide actionable insights and support decision-making

Anmerkung

This role is not predefined. Create a custom user role by assigning the required permissions as needed.

The  Data Analyst  role contains the following permissions:

Category

Permission

Description

Notes

User settings

Default 

View their own user profile and generate their own API key and client authentication certificate in DigiCert ONE.

Account settings  

View health

View app health (API).

Audit logs

  • View audit logs

  • Export audit logs

  • View audit and signature logs.

  • Export audit and signature logs.

View audit log is required as an additional permission to export audit logs.

Certificates

View certificate

View certificate details in the account.

Keypairs

View keypair

View keypair details in the account.

Releases

View release

View releases in the account.

Ensure that: 

  • You have been assigned the appropriate read-only permissions

  • Your account has access to signature logs and audit logs

  • Signing activity exists within Software Trust Manager for analysis

  • Your organization has defined reporting requirements and KPIs

To review software-signing activity across teams, releases, and environments:

  1. Sign in to Software Trust Manager.

  2. Navigate to Logs > Signature Logs.

  3. (Optional) To isolate specific signing events for operational analysis, apply these filters:

    • User

    • Team

    • Keypair

    • Project

    • Certificate

    • Release

    • Signing Tool

    • Event Type

    • Data Range

  4. Review signing activity details, including signer, artifact, timestamp, certificate, keypair, signing tool, and signing status.

Signature logs help you see how signing resources are used across organization. You might observe patterns such as frequently used or under-used signing assets, as well as shared signing resources . Filte the logs by:

  • Keypair

  • Certificate

  • Project

  • Release

Patterns in failed or denied events might indicate operational bottlenecks or activity that requires operational or security review.

To identify operational bottlenecks and signing issues:

  1. Open Audit Logs and Signature Logs.

  2. Filter for:

    • Failed events

    • Denied events

    • Authorization failures

    • Resource access issues

  3. Review:

    • User

    • Timestamp

    • Event details

    • Affected resource

To measure signing activity across software releases:

  1. Filter by Project or Release.

  2. Review:

    • Number of signing events

    • Signing success rate

    • Signing-resource usage

    • Release timing

By analysing release activities, you can provide release-specific reporting and operational insights.

Use Audit Logs to analyse security and governance events related to signing controls.

  1. Navigate to Audit Logs.

  2. Review events related to:

    • Keypair creation

    • Keypair deletion

    • Keypair export requests

    • Certificate revocation

    • Approval workflows

  3. Filter audit activity by user, event type, or date range to gain visibility into signing governance activity and control effectiveness.

Export Software Trust Manager signing and audit data when your organization needs to include signing operations in broader enterprise reporting platforms.

To retrieve STM logs you must use the following method:

Audit logs

Swagger link

curl command example to get audit logs in a particular time window:

curl -X GET "https://one.digicert.com/signingmanager/api/v1/audit-log?account_id=1bba1de1-32e1-46be-9bb9-f82dea6e9081&limit=10&offset=0&start_timestamp=01-Jun-2026%2000%3A00%3A00&end_timestamp=16-Jun-2026%2023%3A59%3A59" -H "accept: application/json" -H "x-api-key: 01******5"

Signature logs

Swagger link

curl command example to get signature logs in a particular time window:

curl -X "GET" "https://one.digicert.com/signingmanager/api/v2/signatures?start_timestamp=01-Jun-2026%2000%3A00%3A00&end_timestamp=16-Jun-2026%2023%3A59%3A59" -H "accept: application/json" -H "x-api-key: 01******45"

External platforms (example

Common analysis uses

  • Splunk

  • Microsoft Sentinel

  • QRadar

Security investigations, operational dashboards, and long-term trend analysis.

  • Power BI

  • Tableau

  • Snowflake

  • Data Lakes

Executive reporting, compliance reporting, and analytics across signing activity.

  • GRC platforms

Governance and audit reporting supported by exported signing data.