Audit Log
The Audit Log panel in the VIP Dashboard provides visibility into what is happening in an organization or an application. An audit trail of all management actions on the platform allows compliance with internal and external regulatory standards, and provides insight for debugging, security, and incident investigation.
Audit Logs are immutable and the reported data is retained for the lifetime of each customer.
Access the application view
All management actions that occur specific to that application are reported in the application’s Audit Log.
Prerequisite
To access the Application view of the Audit Log panel, a user must have at minimum an Org member role or an App admin role for that application.
To access the application view of the Audit Logs panel:
- Navigate to the VIP Dashboard for an application.
- Select an environment from the environment dropdown located at the upper left of the VIP Dashboard.
- Select “Logs” from the sidebar navigation at the left of the screen.
- Select “Audit” from the submenu.
Access the organization view
All management actions that occur on all applications belonging to the organization are reported in the organization’s Audit Log.
Prerequisite
To access the Organization view of the Audit Log panel, a user must have at minimum an Org member role.
To access the organization view of the Audit Logs panel:
- Navigate to the VIP Dashboard for an organization.
- Select “Audit Log” from the sidebar navigation at the left of the screen.
Structure of logged events
All recorded events display the following information:
Date & Time | When the event happened. Dates & times are shown in the local timezone of the person who is viewing the audit log screen. Hover over the time to see time in UTC. | Example: 12:20pm |
Actor | The user who performed the event. This will be a user within the organization, a VIP Support user (denoted by a “(VIP)” after their name), or an automation bot (Platform Bot). | Example: John Newton |
Description | A sentence describing the event. | Example: Added domain mytestdomain.com |
Target | What was affected by the event. An environment, a user, or the organization. | Example: example-app.production |
Additional relevant contextual information may be shown for some events.
Event permalinks
Each logged event has a unique and shareable permalink URL linked in the event’s timestamp. When the event’s permalink is selected, the Audit Log is filtered to display that event at the top of the list, and all prior events listed below it.
Types of logged events
Application and environment lifecycle | Application created |
Application retired | |
Environment created | |
Environment retired | |
Environment launched | |
A network site launch started on a WordPress multisite environment | |
A network site launch completed on a WordPress multisite environment | |
Basic Authentication | Basic Authentication was enabled |
Basic Authentication was disabled | |
A Basic Authentication username/password combination has been added | |
A Basic Authentication username/password combination has been removed | |
A Basic Authentication username/password combination has been updated | |
Code Deployment | Custom Deployment was enabled |
Default Deployment was enabled | |
The repository branch deploying to an environment was updated | |
A deployment finished | |
A deployment failed | |
Codebase: Plugins | A user initiated a pull request to update a plugin |
Data sync | A data sync was queued |
Database Backups | A database backup was requested |
A database backup for a network site was requested | |
A database backup was downloaded | |
A database backup was started | |
Domains | A domain was added |
A domain was deleted | |
A domain was set as primary | |
A domain was updated | |
A domain was verified | |
Environment variables | An environment variable was added |
An environment variable was updated | |
An environment variable was deleted | |
GitHub repository | GitHub webhook is configured |
The associated GitHub repository or branch was updated | |
GitHub deploy key added | |
GitHub deploy key updated | |
GitHub deploy key deleted | |
HSTS | HSTS settings have been updated |
Imports | A SQL import was requested |
A media import was requested | |
A media import was aborted | |
HTTP request Log Shipping | A log shipping configuration has been created |
A log shipping configuration has been updated | |
A log shipping configuration has been deleted | |
A log shipping configuration has been enabled | |
A log shipping configuration has been disabled | |
IP Allow list | IP Allow list functionality has been enabled |
IP Allow list functionality has been disabled | |
An IP or CIDR range has been added | |
An IP or CIDR range has been removed | |
The list of IPs and CIDR ranges has been updated | |
Media Backups | A media backup was started |
A media backup for a network site was started | |
A media backup was downloaded | |
New Relic | New Relic enabled |
New Relic disabled | |
New user given access to New Relic | |
Access to New Relic removed for a user | |
Personal Access Token | Personal Access Token expired due to inactivity |
phpMyAdmin | A phpMyAdmin session was started |
Purge the page cache | One or more URLs were purged from the page cache |
Single Sign-On for the VIP Dashboard | An identity provider (IdP) configuration was created |
An identity provider (IdP) configuration was updated | |
Assertion encryption was enabled on an identity provider (IdP) configuration | |
Assertion encryption was disabled on an identity provider (IdP) configuration | |
Email domains for Single Sign-On were updated | |
Enforce SSO for an organization was enabled | |
Enforce SSO for an organization was disabled | |
Software Versions | A software update was started |
TLS/SSL certificates | Let’s Encrypt certificates were enabled on a domain |
Let’s Encrypt certificates were disabled on a domain | |
Let’s Encrypt configuration was changed | |
A certificate was added | |
A certificate was activated for a domain | |
A certificate was deactivated for a domain | |
A certificate was updated | |
A certificate was deleted | |
VIP Dashboard access | A user created an invitation |
A user resent an invitation | |
A user accepted an invitation | |
A user canceled an invitation | |
A user’s role was added | |
A user’s role was updated | |
A user’s role was removed | |
VIP Support user | A VIP Support user was created on the WordPress environment |
WP-CLI commands | A WP-CLI command was run using VIP-CLI |
Last updated: December 05, 2024