=== WP Activity Log ===
Contributors: WPWhiteSecurity, robert681
Plugin URI: https://wpactivitylog.com
License: GPLv3
License URI: https://www.gnu.org/licenses/gpl.html
Tags: activity log, wordpress activity logs, security audit log, audit log, user tracking, security event log, audit trail, wordpress security monitor, wordpress admin, wordpress admin monitoring, user activity, admin, multisite, SMS alerts, wordpress monitoring, email notification, wordpress email alerts, tracking, user tracking, user activity report, wordpress audit trail
Requires at least: 4.4
Tested up to: 5.7
Stable tag: 4.3.0
Requires PHP: 5.5

The #1 user-rated activity log plugin. Keep a comprehensive log of the changes that happen on your site with this easy to use plugin.

== Description ==

<strong>THE MOST COMPREHENSIVE & EASY TO USE ACTIVITY LOG PLUGIN FOR WORDPRESS</strong><br />

Keep an [activity log](https://wpactivitylog.com/wordpress-activity-log/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description) of everything that happens on your WordPress sites and multisite networks with the WP Activity Log plugin to:

* Ensure user productivity
* Improve user accountability
* Ease troubleshooting
* Know exactly what all your users are doing
* Better manage & organize your WordPress site & users
* Easily spot suspicious behavior before there are security problems.

[WP Activity Log](https://wpactivitylog.com/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description) is the most comprehensive real time user activity and monitoring log plugin. It helps thousands of WordPress administrators and security professionals keep an eye on what is happening on their websites. It is also the most highly rated WordPress activity log plugin and have been featured on popular sites such as GoDaddy, Kinsta and WPBeginner.

[youtube https://www.youtube.com/watch?v=pgFEMIvKFTA]

> <strong>Note</strong>: The WordPress activity log is FREE. Features such as reports, email notifications, SMS alerts, search and many others are available in the <Strong>[Premium Edition](https://wpactivitylog.com/features/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)</strong>.
>

#### Maintained & Supported by WP White Security

WP White Security builds high-quality niche WordPress security & management plugins such as [Password Policy Manager for WordPress](https://www.wpwhitesecurity.com/wordpress-plugins/password-policy-manager-wordpress/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=PPMWP&utm_content=plugin+repos+description), a plugin with which you can ensure all your users use strong passwords.

Browse our list of [WordPress plugins](https://www.wpwhitesecurity.com/wordpress-plugins/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=all+plugins&utm_content=plugin+repos+description) that can help you better manage and improve the security of your WordPress websites and users.

### WordPress Changes & Details the Plugin Keeps a Log Of
As a comprehensive & complete WordPress activity log solution WP Activity Log does not just tell you that a post, a user profile, or an object was updated. It tells you exactly what was changed within the post, the user profile, or the object.

Below is a summary of the changes that the plugin can keep a record of:

* **Post, Page and Custom Post Type changes** such as status, [content changes](https://wpactivitylog.com/support/kb/how-keep-record-of-content-changes/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description), title, URL, custom field & other metadata changes

* **Tags and Categories changes** such as creating, modifying or deleting them, and adding or removing them from posts

* **Widgets and Menus changes** such as creating, modifying or deleting them

* **User changes** such as user created or registered, deleted or added to a site on multisite network

* **User profile changes** such as password, email, display name and role changes

* **User activity** such as login, logout, failed logins and terminating other sessions

* **WordPress core and settings changes** such as installed updates, permalinks, default role, URL and other site-wide changes

* **WordPress multisite network changes** such as adding, deleting or archiving sites, adding or removing users from sites etc ([activity logs for multisite networks](https://wpactivitylog.com/support/kb/activity-log-multisite-network-features/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)).

* **Plugins and Themes changes** such as installing, activating, deactivating, uninstalling and updating them

* **WordPress database changes** such as when a plugin adds or removes a table

* Changes on **WooCommerce Stores & products**, **Yoast SEO**, **WPForms**, **Gravity Forms**, **Advanced Custom Fields (ACF)**, **MainWP** and other popular WordPress plugins.

* **[WordPress site file changes](https://wpactivitylog.com/support/kb/wordpress-files-changes-warning-activity-logs/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)** such as new files are added, or existing ones are modified or deleted.

For every event that the plugin records it also reports the:

* Date & time (and milliseconds) of when it happened,
* User & role of the user who did the change,
* Source IP address from where the change happened.

Refer to [WordPress activity log event IDs](https://wpactivitylog.com/support/kb/list-wordpress-activity-log-event-ids/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description) for a complete list of all the changes WP Activity Log can keep a record of.

### Extend the Functionality of WP Activity Log
<strong>[Upgrade to WP Activity Log Premium](https://wpactivitylog.com/pricing/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)</strong> to:

* See who is logged,
* See what everyone is doing in real-time,
* Log off any user with just a click,
* Generate HTML and CSV reports,
* Export the activity log in CSV (ideal for integrations),
* Get notified via email of important changes,
* Get instant SMS message notifications of critical site changes,
* Search the activity log using text-based searches and use built-in filters to fine tune the searches,
* Store activity log in an external database to improve security,
* Mirror the WordPress activity logs to Slack, Papertrail, Syslog and other central log management and collaboration solutions,
* Configure archiving and mirroring of logs.

Refer to the [features and benefits page](https://wpactivitylog.com/features/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description) for more detailed information on the plugin's features.

### Free and Premium Support

Support for WP Activity Log is free on the WordPress support forums.

Premium world-class support is available via email to all [WP Activity Log Premium](https://wpactivitylog.com/features/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description) customers.

> <strong>Note</strong>: paid customers support is given priority and is provided via one-to-one email and over the phone. [Upgrade to Premium](https://wpactivitylog.com/pricing/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description) to benefit from priority support.
>

#### Other Noteworthy Features
On top of the comprehensive activity log, WP Activity Log also has a number of non-logging specific features that make it a complete WordPress logging solution, such as:

* Full [WordPress multisite support](https://wpactivitylog.com/support/kb/activity-log-multisite-network-features/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)
* Easily [create your custom alerts](https://wpactivitylog.com/support/kb/create-custom-events-wordpress-activity-log/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description) to monitor additional functionality
* Built-in [support for reverse proxies and web application firewalls](https://wpactivitylog.com/support/kb/support-reverse-proxies-web-application-firewalls/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)
* Integration with WhatIsMyIpAddress.com so you can get all information about an IP address with just a mouse click
* Limit who can view the WordPress activity log by either users or roles
* Limit who can manage the plugin
* Settings to [toggle (enable/disable) individual event IDs from the activity log](https://wpactivitylog.com/support/kb/exclude-logging-specific-change-activity-log/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)
* Configurable dashboard widget highlighting the most recent critical activity
* Configurable [WordPress activity log retention policies](https://wpactivitylog.com/support/kb/activity-log-retention-policies/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)
* User avatar is displayed in the events for better recognizability
* and much more...

Refer to the <strong>[WordPress activity log plugin datasheet](https://wpactivitylog.com/activity-log-plugin-datasheet/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)</strong> for a complete list of features.

### As Featured On:

* [GoDaddy](https://www.godaddy.com/garage/decode-security-logs-wordpress/)
* [Kinsta](https://kinsta.com/blog/wordpress-activity-log/)
* [Pagely](https://pagely.com/blog/2015/01/log-wordpress-dashboard-activity-improved-security-auditing/)
* [Shout Me Loud](https://www.shoutmeloud.com/wordpress-security-audit-log.html)
* [The Dev Couple](https://thedevcouple.com/wp-security-audit-log-review/)
* [WPKube](http://www.wpkube.com/improve-wordpress-security-wp-security-audit-log/)
* [WPLift](http://wplift.com/audit-wordpress-security-logs)
* [WP SmackDown](https://wpsmackdown.com/wp-plugins/wp-security-audit-log/)
* [SourceWP](https://www.sourcewp.com/wp-security-audit-log-plugin-review/)
* [Techwibe](https://www.techwibe.com/wp-security-audit-log-wordpress-plugin/)
* [KevinMuldoon.com](https://www.kevinmuldoon.com/wp-security-audit-log-review/)
* [Cloudways](https://www.cloudways.com/blog/monitor-wordpress-with-wp-security-audit-log-plugin/)
* [Collective Ray](https://www.collectiveray.com/wp/plugins/wordpress-security-audit-log)
* [BlogVault](https://blogvault.net/wp-security-audit-log-plugin-review/)
* [Firewall.cx](http://www.firewall.cx/general-topics-reviews/security-articles/1146-wordpress-audit-monitor-log-site-security-alerts.html)
* [Design Wall](http://www.designwall.com/blog/10-wordpress-multisite-plugins-you-shouldnt-live-without/)
* [Tidy Repo](https://tidyrepo.com/wp-security-audit-log-wordpress-activity-log/)
* [Monster Post](http://blog.templatemonster.com/2015/12/15/wp-security-audit-log-plugin-review/)
* [The Darknet](http://www.darknet.org.uk/2015/10/wp-security-audit-log-a-complete-audit-log-plugin-for-wordpress/)
* [WebEmpresa](https://www.webempresa.com/blog/auditando-cambios-en-wordpress.html)
* [KitPloit](http://www.kitploit.com/2016/10/wp-security-audit-log-ultimate.html)
* [EHacking](https://www.ehacking.net/2018/10/how-activity-log-wordpress-plugin.html)

#### WP Activity Log extensions for third party plugins

WP Activity Log can keep a detailed log of changes that happen on other plugins via activity log extensions. Below is the list of the [activity log extensions for third party plugins](https://wpactivitylog.com/extensions/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description):

* <strong>[WP Activity Log for WooCommerce](https://wpactivitylog.com/extensions/woocommerce-activity-log/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)</strong>: Install this extension to keep a log of changes you and yourr team do in the WooCommerce store settings, orders, products, coupons and much more.
* <strong>[WP Activity Log for Yoast SEO](https://wpactivitylog.com/extensions/yoast-seo-activity-log/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)</strong>: Install this extension to keep a log of the Yoast SEO plugin settings changes, and also of the on-page SEO changes you and your team make in the Yoast SEO meta box.
* <strong>[WP Activity Log for WPForms](https://wpactivitylog.com/extensions/wpforms-activity-log/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)</strong>: Install this extension to keep a log of the changes your team does in the WPForms plugin settings, forms, form files, entries (leads) and more.
* <strong>[WP Activity Log for Gravity Forms](https://wpactivitylog.com/extensions/gravity-forms-activity-log/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)</strong>: Install this extension to keep a log of the changes your team does in the Gravity Forms plugin settings, forms, forms settings, entries (leads) and more.
* <strong>[WP Activity Log for bbPress](https://wordpress.org/plugins/wp-security-audit-log-add-on-for-bbpress/)</strong>: Intall this extension to keep a log of changes in bbPress forums, topics, bbPress settings and more.
* <strong>[Activity Log for MainWP](https://wpactivitylog.com/extensions/mainwp-activity-log/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)</strong>: Install this MainWP extension to keep a log of the MainWP network changes and can see the activity logs of all child sites from one central location - the MainWP dashboard.

#### Related Links and Documentation

* [What is the WordPress activity log?](https://wpactivitylog.com/wordpress-activity-log/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)
* [List of WordPress activity log event IDs](https://wpactivitylog.com/support/kb/list-wordpress-activity-log-event-ids/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)
* [Why WP Activity Log](https://wpactivitylog.com/why-wp-activity-log/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)
* [WordPress Multisite Features](https://wpactivitylog.com/support/kb/activity-log-multisite-network-features/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)
* [The WP Activity Log plugin website](https://wpactivitylog.com/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)
* [Activity logs for MainWP](https://wpactivitylog.com/extensions/mainwp-activity-log/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)

#### WP Activity Log in your language!
We need help translating the plugin and the activity log events. Please visit the [WordPress Translate Project](https://translate.wordpress.org/projects/wp-plugins/wp-security-audit-log/) to translate the plugin. Drop us an email on support@wpwhitesecurity.com to get mentioned in the list of translators below.

* Italian translation by [Leonardo Musumeci](http://leonardomusumeci.net/)
* German translation by [Mourad Louha](http://excel-translator.de)
* Brazilian Portuguese translation by [Hudson Santos](https://www.smallbee.com.br/)
* Spanish translation by the [WP Body team](https://wpbody.com/)
* French translations by Denis Moscato

== Installation ==

=== Install WP Activity Log from within WordPress ===

1. Visit 'Plugins > Add New'
1. Search for 'WP Activity Log'
1. Install and activate the WP Activity Log plugin
1. Allow or skip diagnostic tracking

=== Install WP Activity Log manually ===

1. Upload the `wp-security-audit-log` directory to the `/wp-content/plugins/` directory
1. Activate the WP Activity Log plugin from the 'Plugins' menu in WordPress
1. Allow or skip diagnostic tracking

== Frequently Asked Questions ==

= Support and Documentation =
Please refer to our [support pages](https://wpactivitylog.com/support/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description) for all the technical information and product documentation.

== Screenshots ==

1. The WordPress activity logs from where the site administrator can see all the user and site changes.
2. See who is logged in to your WordPress and manage users sessions with [Users Sessions Management](https://www.wpsecurityauditlog.com/premium-features/wordpress-users-sessions-management-tools/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)
3. The plugin settings from where site administrator can configure generic plugin settings such as [reverse proxy support](https://www.wpsecurityauditlog.com/support-documentation/support-reverse-proxies-web-application-firewalls/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description), who can manage the plugin etc.
4. The WordPress audit trail settings from where you can configure automatic pruning of alerts, which timestamp should be used and more.
5. Configuring WordPress email and SMS alerts with the [Email & SMS Notifications module](https://www.wpsecurityauditlog.com/premium-features/email-notifications-wordpress-activity-log/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)
6. Search in the WordPress activity log with the use filters to fine tune the search results.
7. The Enable/Disable events section from where Administrators can disable or enable activity log events.
8. The Log Viewer of a Super Admin in a WordPress multisite network installation with the Site selection drop down menu.
9. WP Activity Log is integrated with the built-in revision system of WordPress, thus allowing you to see what content changes users make on your WordPress posts, pages and custom post types. For more information read [Keep Record of All WordPress Content Changes](https://www.wpsecurityauditlog.com/support-documentation/how-keep-record-of-content-changes/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description)
10. Mirror the WordPress activity log to an external solution such as Syslog or Papertrail to centralize logging, ensure logs are always available and cannot be tampered with in the unfortunate case of a hack attack.

== Changelog ==

= 4.3.0 (2021-05-20) =

Release notes: [WP Activity Log 4.3: The new mirroring module & integrations](https://wpactivitylog.com/wsal-4-3-0/)

**New features**
	* The new [WordPress activity log mirroring module](https://wpactivitylog.com/features/integration-mirroring-tools-wordpress-activity-log/): mirror your website's activity log in real-time to AWS CloudWatch, Loggly, a log file and several other services.
	
**Improvements**
	* The activity log is mirrored to third party services in real-time.
	* Event metadata is included in the CSV reports. 
	* The severity levels of the activity log have been mapped to the standard severity levels documented in the RFC.
	* The event metadata in the mirrored activity log events is in JSON format.
	* Event type and Object metadata is included in the mirrored activity log events.
	* Changes by third party plugins for which an extension is available are no longer muted when extension is not installed.
	* Removed border from the first time install wizard (minor UI improvement).
	* Support for X-ORIGINAL-FORWARDED-FOR HTTP header (more info in [support for WAFS & reverse proxies](https://wpactivitylog.com/support/kb/support-reverse-proxies-web-application-firewalls/))
	* Plugin now is using the new in-plugin pricing page.
	* A much improved default SMS alert and email notification template.
	* Revamped the connections and mirroring wizards and included connectivity tests in them.
	* Improved the external db connection (now it is a persistent connection).
	
**Bug fixes**
	* Critical error was being reported when the failed logins notification was triggered.
	* Fixed an unhandled exception which occurred when the free edition was activated on a site where the premium edition was already activated.
	* Events time stamp in emails was not always the same as in the activity log.
	* Event ID 2065 (modified content) was reported unnecessarily after adding a custom field to a post.
	* Event ID 1010 (user requested password reset) was not reported when the password reset was requested from a custom user profile page.
	* In some cases, archiving of the activity log could not be disabled.

Refer to the [complete plugin changelog](https://wpactivitylog.com/support/kb/plugin-changelog/?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WSAL&utm_content=plugin+repos+description) for more detailed information about what was new, improved and fixed in previous versions of the WP Activity Log plugin.
