By default the WP Security Audit Log plugin keeps 5,000 Security Alerts in the WordPress activity log (audit trial). Therefore when such limit is reached, older alerts are automatically deleted and are replaced by newer ones. You can configure the automatic pruning of security alerts from the plugin’s settings page, as explained in this post.
Configuring the WordPress Activity Log Retention
You can configure the WordPress audit log retention by number of alerts or by date. When you use the date option the plugin automatically deletes security alerts which are older than a specific date and time. To configure the audit log retention:
- Open the plugin Settings by clicking on the Settings node,
- Click on the Audit Log settings tab,
- Select any of the following options:
- None – no retention is configured, and logs are kept indefinitely.
- Delete alerts older than X months – use this option to delete alerts that are older than a specific date. This option is ideal if you want to keep data for a specific period of time.
- Keep Up to X – use this option to keep a specific number of alerts in the WordPress audit log.
In the premium version of the WP Security Audit Log plugin you can also use the Database & Integration tools to save the WordPress activity log in an external database rather than on the WordPress database. You can also configure a WordPress audit log archiving database so the main database size remains manageable.