Review your site activities with the WP Activity Log Viewer

Before explaining what the Activity Log Viewer is, you have to know what the WordPress Activity Log is and how it works.

When a problem with your website occurs, the first thing you want to know is "What could have caused it?". By identifying the cause, it is much easier to find the solution. That's where the Activity Log steps in. It tracks and records all the activities and reports what is happening and what went wrong with your WordPress website. It will help you to identify the problem cause.

The WordPress Activity Log logs the all events. 

Note: It also identifies the actual PHP file used to send emails (so you can track it better) and identifies Post types when posts are updated.

The Activity Log Viewer configuration

The Activity Log Viewer is providing the report on all activities on your site and when these activities happen.

Important: What Activity Log will log depends on your Logging Level configuration. Only events with the levels selected will be logged. 
Also, under the main Tools menu > Docs > Event Details you can view all event details and their assigned levels:

For logs reviewing, you can use The Activity Log Viewer:

Information that it currently displays include:

  • Time/date - The time*date of the request to the site
  • The event
  • Message - An optional message for the event
  • Username
  • IP Address - The originating IP address of the request.
  • Whom that IP belongs to
  • Meta information

If you click the particular IP address, you'll be able to analyse this IP directly from within activity log.

Example

You may also filter logs if you want.

Example: Bot detection - invalid username login attempts

What does "Unidentified and not authenticated" mean?

"Unidentified" means that the request is from an IP address that is unidentified. It might be identified if it comes from a known service provider, such as Google, Bing, Pingdom, etc.

"Unauthenticated" means that when the request was sent to the site, there was no user authenticated.

The reason it says this in the log is because at the moment when a user clicked the login button, they weren't logged-in. So they're not authenticated at the instant the request is received by the server. The request is processed and then the user is authenticated. But when the request was initially received, the user was not authenticated.

Activity Log Glossary

Activity Log Glossary will help you to interpret activity logs, what they mean, what Shield setting is related to that particular log, and what action we recommend.

For further information about the power of the WP Activity Log, read our blog article here.

For examples of the Firewall entries in the Activity Log, how to interpret and whitelist parameters, read the article here