Jeepers Peepers: WP Syslog

Jeepers Peepers: WP Syslog

Jeepers Peepers provides an extensible interface for recording WordPress events — user logins, file uploads, post deletions, etc. — to a standard system log.

The resulting audit trail can then be incorporated into powerful log-monitoring tools like OSSEC for pre-emptive protection and, in the unfortunate event of a hack, used as a vital reference in the post-mortem investigation.

The following events are automatically logged:

  • Content: wp_die() triggered;
  • Content: attachment deleted;
  • Content: attachment sideloaded;
  • Content: attachment uploaded;
  • Content: post deleted;
  • Content: post published;
  • Plugin: activated;
  • Plugin: deactivated;
  • Plugin: upgraded;
  • User: deleted;
  • User: login banned (via Apocalypse Meow);
  • User: login failed;
  • User: login succeeded;
  • User: new user;
  • User: password reset;

Each log entry records:

  • UTC timestamp;
  • Severity level;
  • User IP address (or 127.0.0.1 if automated);
  • Logged in username (if applicable);
  • Event message;

Log entries look something like this:

WordPressAudit 2017-05-24 16:35:45 [warning] yourdomain.com 68.256.55.123 "tiffany" "Deactivated plugin: look-see-security-scanner"

Screenshots

Changelog

0.5.1
new Initial launch!