SiteFort documentation
Audit Log
Every login, setting change, and admin action in one place. Use it to reconstruct incidents, review suspicious activity, and export evidence.
Audit Log
The Audit Log tracks user activity and system events. Use it to understand who changed a setting, when a lockout occurred, whether a sensitive tool was used, or whether plugin, theme, or core activity preceded an incident. If audit logging is disabled, the page shows Audit Logging is Disabled and provides Enable Audit Logging plus a link to Settings > Advanced. Enable it before you need evidence.| Area | Details | How to use it |
|---|---|---|
| Summary cards | Total events, Warnings, Critical, and Unique users. | Use to estimate activity volume and urgency. |
| Filters | All, Info, Warning, Critical, and search by event, user, or IP. | Filter before exporting or clearing to avoid losing context. |
| Event table | Event, User, Date & Time, Category, and IP Address. | Use for incident reconstruction and compliance review. |
| Header actions | Export CSV, Clear All, and Refresh. | Export before Clear All. CSV export protects fields from spreadsheet formula execution. |
| Event types | Authentication, password, user management, plugin, theme, core, hardening, site setting, lockout, audit clear, and default event details. | Correlate with Scanner findings and Traffic Log events. |