Switchboard DOCS
Docs
Get Started Get Lifetime Deal

Activity Log

When something goes wrong on your site — content deleted, settings changed, unauthorized access — the first question is always “who did that and when?” Without an activity log, you’re flying blind. This module records every significant action so you always have answers.

Use Cases

  • Investigate security incidents by reviewing who logged in and from where
  • Track which editor published, modified, or deleted content
  • Monitor plugin and theme changes for unauthorized modifications
  • Meet compliance requirements (GDPR, SOC2) with audit trails
  • Hold team members accountable on multi-author sites

How It Works

The module automatically tracks actions as they happen:

  1. User performs an action (login, edit post, activate plugin, etc.)
  2. Module captures the action, user, timestamp, and IP address
  3. Data is stored in a dedicated database table
  4. View logs directly in Switchboard settings
  5. Old logs are automatically cleaned up based on retention setting

What Gets Tracked

CategoryEvents
AuthenticationLogin, logout, failed login attempts
ContentPost/page created, published, updated, trashed, deleted
PluginsPlugin activated, deactivated
ThemesTheme switched
UsersUser registered, deleted, profile updated
SettingsCore WordPress options changed (site name, URL, admin email)

Viewing the Log

Navigate to Tools → Activity Log or access the log through the module’s settings panel. The log displays:

ColumnDescription
Date & TimeWhen the action occurred
UserUsername who performed the action
RoleUser’s role at the time (admin, editor, etc.)
ActionWhat was done (login, post published, etc.)
DetailsObject name and type (post title, plugin name, etc.)
IP AddressWhere the action originated

The log shows the most recent 100 entries, sorted newest first.

Settings

SettingTypeDefaultDescription
Keep Logs For (Days)Number30Logs older than this are automatically deleted

For compliance purposes, you may need longer retention. GDPR audits typically require 30 days minimum, while SOC2 may require 90+ days. Adjust retention based on your requirements.

Understanding the Log Entries

Authentication Events

  • user_login — Successful login
  • user_logout — User logged out
  • login_failed — Failed login attempt (shows attempted username)

Content Events

  • post_created — New post/page started
  • post_published — Content published
  • post_draft — Content saved as draft
  • post_deleted — Content permanently deleted

Plugin Events

  • plugin_activated — Plugin turned on
  • plugin_deactivated — Plugin turned off

User Events

  • user_registered — New account created
  • user_deleted — Account removed
  • profile_updated — User profile changed

Settings Events

  • option_updated — Core settings changed (tracks: site name, description, URL, home, admin email)

Security Investigation Example

Scenario: You notice your site’s tagline was changed overnight.

  1. Open the Activity Log
  2. Look for option_updated actions
  3. Find the entry for “blogdescription”
  4. Check the user, time, and IP address
  5. Cross-reference with login events from the same time

Now you know exactly who made the change, when, and from where.

Data Storage

Activity logs are stored in a custom database table: wp_switchboard_activity_log

The table includes:

  • User ID and username
  • User role at time of action
  • Action type
  • Object type and name (what was affected)
  • IP address
  • User agent (browser info)
  • Timestamp

A daily cron job automatically cleans up logs older than your retention setting.

FAQ

Does this slow down my site?No. Log entries are written asynchronously and the database table is optimized with indexes. The overhead is negligible even on high-traffic sites.
Can I export the logs?Currently, logs are viewable in the admin interface. For exports, you can query the wp_switchboard_activity_log table directly using phpMyAdmin or a database tool.
Does it track changes to post content?It tracks when posts are created, published, and deleted — but not the actual content changes. For detailed content revision tracking, WordPress has built-in revisions (Settings → Writing → Post Revisions).
Why don’t I see some settings changes?The module tracks core WordPress settings (site name, URL, admin email). Plugin-specific settings and custom options aren’t tracked by default to avoid log noise.
Will the log get too big?The automatic cleanup keeps logs manageable. With default 30-day retention, even busy sites rarely exceed a few thousand entries. Adjust retention down if storage is a concern.
Can logged-in users see the activity log?Only administrators can access Switchboard and view the activity log. Regular users, editors, and authors cannot see it.

Activity logging starts when you enable the module. Historical actions before enabling are not captured.

PRO

Get access to all 147 modules with a single license

Upgrade to Pro
Prev
Security Headers
Next
Auto-Publish Missed Schedule