Audit Log
The Audit Log panel provides visibility into what is happening in an organization. An audit trail of all application management actions allows compliance with internal and external regulatory standards, and provides insight for debugging, security, and incident investigation.
Audit Logs are immutable and the reported data is retained for the lifetime of each customer.
The Audit Log panel is located in the Organization view of the VIP Dashboard.
Prerequisite
To access the Audit Log panel a user’s Org role must be set to “Member” or higher.
![](https://webcf.waybackmachine.org/web/20211130065058im_/https://docs.wpvip.com/wp-content/uploads/sites/2/2021/10/audit-log-dashboard.png?w=1024)
Structure of logged events
All recorded events display the following information:
Date & Time | When the event happened. Dates & times are shown in the local timezone of the person who is viewing the audit log screen. Hover over the time to see time in UTC. | Example: 12:20pm |
Actor | The user who performed the event. This will be a user within the organization, a VIP Support user (denoted by a “(VIP)” after their name), or an automation bot (Platform Bot). | Example: John Newton |
Description | A sentence describing the event. | Example: Added domain mytestdomain.com |
Target | What was affected by the event. An environment, a user, or the organization. | Example: mytestsite/production |
![](https://webcf.waybackmachine.org/web/20211130065058im_/https://docs.wpvip.com/wp-content/uploads/sites/2/2021/10/audit-log-example.png?w=1024)
Other relevant contextual information may be shown with specific events.
Types of logged events
All events for an environment listed below are reported in the Audit Log.
Domains
- A domain is added
- A domain is deleted
- A domain is set as primary
- A domain is updated
TLS/SSL Certificates
- Let’s Encrypt certificates are enabled on a domain
- Let’s Encrypt certificates are disabled on a domain
- Let’s Encrypt configuration is changed
- A certificate is added
- A certificate is activated for a domain
- A certificate is deactivated for a domain
- A certificate is updated
- A certificate is deleted
Backups
- A backup started
- A backup restore was requested
Imports
- An SQL import was requested
- A media import was requested
Data sync
- A data sync was queued
Basic auth
- Basic Auth has been enabled
- Basic Auth has been disabled
- A Basic Auth username/password combination has been added
- A Basic Auth username/password combination has been removed
- A Basic Auth username/password combination has been updated
IP Allow list
- IP Allow list functionality has been enabled
- IP Allow list functionality has been disabled
- An IP or CIDR range has been added
- An IP or CIDR range has been removed
- The list of IPs and CIDR ranges has been updated
Log shipping
- A log shipping configuration has been created
- A log shipping configuration has been updated
- A log shipping configuration has been deleted
- A log shipping configuration has been enabled
- A log shipping configuration has been disabled
WP-CLI commands
- A WP-CLI command has been run using the VIP-CLI
New Relic
- A New Relic license key is added
- A New Relic license key is updated
- A New Relic license key is removed
GitHub repository
- GitHub webhook is configured
- The associated GitHub repository or branch is updated
- GitHub deploy key added
- GitHub deploy key updated
- GitHub deploy key deleted
Application and environment lifecycle
- Application created
- Application launched
- Application retired
- Environment created
- Environment retired
Software upgrades
- WordPress upgrade
- PHP upgrade (minor and major version only)
- Node upgrade
User management
- A user creates an invitation
- A user accepts an invitation
- A user’s role is changed
- A VIP Support User is created
Environment Variables
- An environment variable is added
- An environment variable is updated
- An environment variable is deleted