Before explaining what the Audit Trail Viewer is, you have to know what the Audit Trail is and how it works.
When a problem with your website occurs, the first thing you want to know is "What could have caused it?". By identifying the cause, it is much easier to find the solution. That's where the Audit Trail steps in. It tracks and records all the activities and reports what is happening and what went wrong with your WordPress website. It will help you to identify the problem cause.
The Audit Trail is composed of the several contexts and every context has 1 or more related events.
Note: Audit Trail also identifies the actual PHP file used to send emails (so you can track it better) and also identifies Post types when posts are updated.
The Audit Trail Viewer settings
The Audit Trail Viewer is providing the report on all activities on your site and when these activities happen.
For logs reviewing, simply go to the Shield Security Dashboard and select the Audit Trail section to review the activities on your WP site. For example:
Information that it currently displays include:
- Time/date - The time*date of the request to the site
- The event
- Message - An optional message for the event
- IP Address - The originating IP address of the request.
Note: If you click on the particular IP address, an IPs section page will open up in the separate tab. Here you'll be able to analyse this IP.
Read more about this here.
You may also filter logs if you want. For example, vulnerable plugins repaired:
Audit Trail Glossary help link
We added this help link into the Audit Trail section.
Audit Trail Glossary will help you to interpret audit trail logs, what they mean, what Shield setting is related to that particular log, and what action we recommend.
For further information about the power of the Audit Trail and its features, read our blog article here.
For examples of the Firewall entries in the Audit Trail, how to interpret them and whitelist parameters, read the article here.