Complete audit logging#15

Shield already logs a lot of WP events, but it’s not logging everything. It would be helpful if it logged more events and provided simple API for custom logging. I would really hate to need to use another plugin like WP Security Audit for better logging.

What other sort of things do you want to see logged?

Right now, one thing I noticed it doesn’t track are all settings changes. I assume there’s more that’s not tracked. I’ll try to dedicate some time to review what’s been tracked and what’s missing. This would also include tracking some of the more popular plugins - WooCommerce, Yoast, ACF, caching plugins when cache is cleared.

One interesting item that would be worth tracking are changes to constants (WP_CACHE, WP_DEBUG, etc.) and when new constants are introduced.

the trick with auditing things like a change in constants is storing a snapshot of what was and comparing to what is. This is much trickier auditing than hooking into WP events as they happen.

We have a new system coming that will do just that, so we could probably tie-in tracking for constants etc. We’ll definitely consider it.

Also, auditing 3rd party plugin events is a very deep rabbit hole. We’d definitely consider adding extra auditing areas but ideally if they have security implications. If you need something to audit ecommerce events or SEO changes, sure you could argue that there’s a security implication there, but it’s much better coming from a dedicated auditing system. Otherwise you could expand auditing to absolutely everything.