Audit Trail options explained
A full detailed log of each and every event that happens on a WordPress site is critical to knowing what threats the website is facing and if, and how, they’re being handled.
Every single event in the Shield system has a log “level” or “severity”. By default, Shield will switch on Alert, Warning & Notice events. If you’re seeing any issues and you’d like more information about what’s happening on a site, you can enable extra levels as you require.
What logging levels your audit trail is going to log depends on your settings under the Audit Trail module => Configure.
Important: Only events with the levels selected will be logged.
There are 2 types of log destination settings available:
- Log To Database
Shield logs all security events to the database. This has always been the case and is unchanged, (though you have the option to disable this).
You can specify the logging levels when using the local database.
Note: Debug and Info logging should only be enabled when investigating specific problems.
- File Logging Level
For file-based logs - specify the logging levels when using the local filesystem. You can log events to the file system, and you can select which log levels are sent to that location (separately from the DB log levels).
Under the main menu => View Docs => Event Details you can view all event details and their assigned levels:
Auto Clean option
Events older than the number of days specified will be automatically cleaned from the database.
For more information on these audit trail options, read the blog article here.