Ideally, every time something happens on your WordPress website there would be a record of it. This applies if someone deletes a file, installs a new plugin, updates the content on a page, and much more. With a WordPress activity log, you’ll always know what’s going on with your site.
Having access to those kinds of records can make your life a lot simpler and improve user accountability. Audit trails, more commonly known as activity logs, make it easier to pinpoint the source of errors, keep track of what your team and know what is happening under the hood of your WordPress site.
In this article, we’re going to talk a bit about what WordPress activity logs are. Then we’ll go over some tips to help you get the most out of your logs. Let’s get to it!
An Introduction to WordPress Activity Logs
In short, an activity log is a chronological record, typically security related, that provides documented evidence of what happened on your site and when. Using the screenshot below as an example, from the audit trail (activity log) you can see who logged in and when, who modified the content of which pages and posts, who deleted posts, who changed the role of a WordPress user and much more!
Keeping these kinds of records can come in handy in a wide range of situations. Let’s break this down:
- It gives you a full picture of everything happening on your website – even when you’re not logged in.
- An activity log can provide you with critical information for troubleshooting purposes.
- Activity logs simply let you know what your team is up to, thus improving user accountability.
WordPress doesn’t include activity log functionality out of the box. As such, if you want the Content Management System (CMS) to keep a log of events and be able to search through them, you’ll need to install the WP Security Audit Log plugin.
With WP Security Audit Log, you get to track basically every event occurring on your WordPess website. This includes logins, updates to posts and pages, changes to user profiles, and practically any event you can think of. In addition, the plugin is fully configurable, so you can pick and choose the events you want to track.
It’s worth noting that the free version of our WP Security Audit Log plugin is a great start for most websites. There are no limitations of what it can keep a log of, and for how long in the free edition. However, when you upgrade to premium you get additional features such as SMS & Email Notifications, Activity Log Reports for WordPress, and Users Sessions Management.
4 Tips to Get the Most Out of Your WordPress Activity Logs
This section will use our own WP Security Audit Log to showcase how you can get the most value out of your logs. While the plugin works perfectly out of the box, you can optimize its settings to meet your specific requirements.
1. Disable the Event IDs You Don’t Want to See
The WP Security Audit Log plugin is known for its coverage and comprehensive activity logs. This way, you won’t ever miss an important event. However, not every WordPress site administrator is interested in all the details.
For example, imagine you work with a team of authors, and you want to see every time someone publishes a new post or modifies the content an existing one. However, you don’t really care if any of the custom fields in the posts are changed.
The smart move here would be to disable the latter events from showing up on your logs. To do so in WP Security Audit Log, head to the Audit Log > Enable/Disable Events screen in your WordPress dashboard. Here, you’ll find several tabs including every event:
Click on the Content & Comments tab and disable the events for custom fields.
Now it’s just a matter of saving the changes. To sum up, after installing your activity log plugin, we recommend that you configure the events it tracks. By default, the WP Security Audit Log will log as many events as possible, so if you only care about a few specific ones, disable the rest!
2. Consider the User Roles You Want to Monitor
As a security best practice, it is important to have as much logs as possible. In fact, many security professionals claim that there can never be enough logs. However, if for example you have an eCommerce store with thousands of customers and users, you might not want to keep a log of their actions. Especially if all they can do is login, logout and place orders. By default WordPress has the below list of user roles:
Your WordPress site can also have custom roles. For example when you install WooComemerce new roles are created, such as the Shop Manager role. By default, the WP Security Audit Log plugin will monitor all of these roles, including the custom ones. In fact our plugin is a fully blown WooCommerce activity log plugin.
To exclude a specific user role from your logs, navigate to the Audit Log > Settings > Exclude Objects tab. Inside, you’ll find an input placeholder that reads Exclude Roles. Type in the name of the role you want to exclude, and a drop-down list will let you select it:
Exclude other Objects from the Activity Log
The WP Security Audit Log plugin also allows you to exclude other objects from the activity log. As seen in the above screenshot you can configure the plugin to not keep a log of changes done from a specific user and IP address. You can also configure the plugin to not keep a log when changes are done to posts which have a specific post type, custom fields etc. Refer to the WP Security Audit Log plugin knowledge base for more information on how to exclude objects from the activity logs.
3. Configure SMS & Email Notifications
Having an activity log on your WordPress site is a good thing. And in an ideal world you have enough time to study the logs, learn about your employees etc. But let’s be honest – there’s little time to sort through pages of events each day. So you need to configure the plugin to instantly alert you via email or SMS when specific events happen, so you don’t miss anything.
To do so, navigate to the Audit Log > Notifications tab, where you can use the ‘trigger builder’ to configure new alerts:
We have a getting started with SMS & email notifications document which you can refer to for more detailed information on how to configure the notifications you need. The notifications trigger builder is mostly used for advanced criteria. For simple notifications you can also use pre-built notifications that include many common events, such as user logins and password changes:
When you set up the plugin, we recommend spending some time configuring the notifications so you can stay on top of the game. Here are some examples of situations where email alerts could come in handy:
- If someone is trying to log into your website at odd hours.
- When unknown IP addresses try to log into existing accounts.
- Someone edits one of your published posts or pages.
- Any time there’s a plugin installation or update.
4. Adjust Your Settings Periodically
Like any other aspect of your website and system, activity logs require upkeep. In other words, the events you want to keep an eye on right now may not be those you prioritize later.
Priorities change and employees come and go. Every employee has a different working schedule and way of doing things. If you have a remote business, every employee logs in from different locations and at different times. As the business grows you will have more people maintaining the website, configuring plugins and your eCommerce store. And your website need to be compliant with the PCI DSS requirement 10 to track and monitor all access.
With so many moving parts it is important to keep your activity log settings relevant. You might need to change the data retention settings, or segregate the activity logs from the main database. The scheduled reports, SMS & email notifications you configured a few months ago might not be relevant anymore, because your business is operating differently now. For example, up until a few weeks ago you needed to know whenever the new employee modifies a published page. However now you no longer need that. Or maybe you just published a very important new page and you want to make sure you are alerted when there are content changes.
So you have to keep all settings and notifications up to date. Always revisit the activity log plugin settings and occasionally tweak them so they suite your business needs. Even a few minutes every month will do, so you can consider whether you want to keep tracking the same events, or if your priorities have shifted.
Fine Tuning the Activity Logs to Meet Your Requirements
Having a detailed record of what goes on under the hood of your WordPress website is immensely helpful. This goes for practically any type of site. In our experience, activity logs are particularly useful when it comes to troubleshooting and increasing your site’s security and for eCommerce store owners, although that’s not the only relevant application.
However what matters to business A does not necessarily matters to business B. Hence why we developed the WP Security Audit Log plugin as a fully configurable plugin, to allow you to configure and fine tune every aspect of the activity logs so you can have the data matters to you and be instantly alerted when you need to.