Before explaining what the Audit Trail Viewer is, you have to know what the Audit Trail is and how it works.


When a problem with your website occurs, the first thing you want to know is "What could have caused it?". By identifying the cause, it is much easier to find the solution. That's where the Audit Trail steps in. It tracks and records all the activities and reports what is happening and what went wrong with your WordPress website. It will help you to identify the problem cause.


The Audit Trail is composed of the several contexts and every context has 1 or more related events.


Read here on how the Audit Trail works and what the contexts are.


Note: Audit Trail also identifies the actual PHP file used to send emails (so you can track it better) and also identifies Post types when posts are updated.

The Audit Trail Viewer settings

The Audit Trail Viewer is providing the report on all activities on your site and when these activities happen.


For logs reviewing, go to the Audit Trail section => View Log:

Information that it currently displays include:

  • Time/date - The time*date of the request to the site
  • The event
  • Message - An optional message for the event
  • Username
  • IP Address - The originating IP address of the request.
    Note: If you click on the particular IP address, an IPs section page will open up in the separate tab. Here you'll be able to analyse this IP.
    Read more about this here.

You may also filter logs if you want. For example, vulnerable plugins repaired:

Audit Trail Glossary help link

We added this help link into the Audit Trail section. 

Audit Trail Glossary will help you to interpret audit trail logs, what they mean, what Shield setting is related to that particular log, and what action we recommend.


You can also download audit trail logs file if you want:

For further information about the power of the Audit Trail and its features, read our blog article here.


For examples of the Firewall entries in the Audit Trail, how to interpret them and whitelist parameters, read the article here