Title: BeziWorld Activity Log Author: beziworld Published: June 15, 2026 Last modified: June 15, 2026 --- Search plugins ![](https://ps.w.org/beziworld-activity-log/assets/banner-772x250.png?rev=3572574) ![](https://ps.w.org/beziworld-activity-log/assets/icon-256x256.png?rev=3572574) # BeziWorld Activity Log By [beziworld](https://profiles.wordpress.org/beziworld/) [Download](https://downloads.wordpress.org/plugin/beziworld-activity-log.0.5.1.zip) * [Details](https://wordpress.org/plugins/beziworld-activity-log/#description) * [Reviews](https://wordpress.org/plugins/beziworld-activity-log/#reviews) * [Installation](https://wordpress.org/plugins/beziworld-activity-log/#installation) * [Development](https://wordpress.org/plugins/beziworld-activity-log/#developers) [Support](https://wordpress.org/support/plugin/beziworld-activity-log/) ## Description BeziWorld Activity Log records what users do on your WordPress site: who logged in, who failed to log in, who changed a role, who edited their profile, who created or edited content, and more. The focus is user activity, and the goal is to make the capabilities competing plugins reserve for paid upgrades available for free. **Designed for performance.** Events are stored in a dedicated, indexed custom table( never in wp_posts), written in batches to keep request overhead low, while security- relevant events are persisted immediately. Retention pruning keeps the table lean automatically. **Designed for trust.** Each event is signed with a per-site HMAC and sealed into a hash-chained sequence of checkpoints, making after-the-fact tampering — including row insertion or deletion — detectable. Because an attacker with full server access could recompute local signatures, the latest checkpoint signature can be anchored off-host (emailed or sent to a webhook) so the integrity proof leaves the machine. **Designed for privacy.** IP logging is optional and can be anonymised at capture time. The plugin never phones home and never loads code from external servers. #### Highlights * Authentication and account activity: logins, logouts, failed logins (rate-limited to prevent log flooding), registration, role changes, profile and user-metadata changes, password resets, application passwords, user deletion. * Content activity: posts, pages and custom post types created, updated (with a field-level diff), status changes, trashing, restoring and permanent deletion; comments, media and taxonomy terms. * Clean, readable event viewer with severity badges, expandable detail rows, sorting, filtering and full-text search. * Granular configuration: enable or disable whole event groups or individual events. * Exclusion rules by IP/CIDR, user login, user ID, role and request path. * Plugin/theme and settings changes, navigation menus, and the GDPR personal-data request lifecycle. * Optional integrations: WooCommerce (orders, status changes, stock) and Yoast SEO (metadata and settings). * Real-time notifications — Slack, Discord, Telegram, email and generic webhook— by urgency or chosen event codes, delivered immediately or as an hourly digest. Free. * Optional login geolocation (via a provider you wire) with an automatic alert on a login from a new country. * Scheduled HTML summary reports emailed to the administrator (daily or weekly). * Statistics screen with daily-volume chart and category, user and event breakdowns. * Active session management: see who is logged in and terminate sessions. Free. * Tamper-evident integrity: per-row HMAC plus a hash-chained checkpoint sequence with optional off-host anchoring (email/webhook), verifiable with WP-CLI (`wp bzal verify-integrity`). * Real-time notifications also fire on a chosen set of event codes, regardless of urgency. * Configurable severity per event code, driving notifications and the security badge. * Optional anomaly detection: flags a rapid bulk-delete burst by one user and off- hours admin logins as high-severity alerts. * Admin-bar quick view: the latest events and a 24-hour security badge on every screen. * “Users online” view: who currently holds a session, with their most recent action, time and IP. * CSV and JSON export of the filtered log, with spreadsheet-formula-injection protection. * Read access via the REST API (offset and cursor pagination, plus an integrity- anchor endpoint) and optionally GraphQL, gated by capability. * Granular configuration: enable/disable whole event groups or individual events; exclusion rules by IP/CIDR, user, role and path. * Configurable retention with on-demand cleanup; UTC storage with display in your chosen timezone. * Fully translatable, with bundled Polish, German and Czech translations. ### External services This plugin works fully offline. It does not connect to any external service on its own. The following optional integrations are disabled by default and only ever contact a destination that you enter in the settings; each transmits a short summary of a logged event (such as the event description, the acting user’s login, the time, and — when IP logging is enabled — the IP address) at the moment the event occurs or, in digest mode, once per hour. * **Slack** — when you enter a Slack Incoming Webhook URL, matching events are POSTed to that webhook. See the Slack Terms of Service (https://slack.com/terms- of-service) and Privacy Policy (https://slack.com/trust/privacy/privacy-policy). * **Discord** — when you enter a Discord webhook URL, matching events are POSTed to that webhook. See the Discord Terms (https://discord.com/terms) and Privacy Policy (https://discord.com/privacy). * **Telegram** — when you enter a Telegram bot token and chat ID, matching events are sent through the Telegram Bot API at api.telegram.org. See the Telegram Terms( https://telegram.org/tos) and Privacy Policy (https://telegram.org/privacy). * **Generic webhook** — when you enter a custom webhook URL (for notifications or for off-host integrity anchoring), the corresponding payload is POSTed to that URL. The destination is yours; review its provider’s terms and privacy policy. * **Login geolocation** — disabled unless you both enable it and wire a provider through the `bzal_geolocate_country` filter. The plugin bundles no geolocation provider and makes no geolocation request by itself; any lookup is performed by the provider you supply, under that provider’s terms. Summary reports and notification emails are delivered through your site’s own WordPress mail system to the recipients you configure; they are not sent to any third party by this plugin. ## Screenshots [⌊The activity log viewer — severity badges, filters, search and expandable detail rows.⌉⌊The activity log viewer — severity badges, filters, search and expandable detail rows.⌉[ The activity log viewer — severity badges, filters, search and expandable detail rows. [⌊Statistics — headline figures, a daily-volume chart and a per-category breakdown.⌉⌊ Statistics — headline figures, a daily-volume chart and a per-category breakdown .⌉[ Statistics — headline figures, a daily-volume chart and a per-category breakdown. [⌊Settings — enable or disable individual events and override their severity.⌉⌊Settings— enable or disable individual events and override their severity.⌉[ Settings — enable or disable individual events and override their severity. [⌊Notifications and anomaly detection — Slack, Discord, Telegram, email and webhook, with bulk-action and off-hours alerts.⌉⌊Notifications and anomaly detection — Slack, Discord, Telegram, email and webhook, with bulk-action and off-hours alerts.⌉[ Notifications and anomaly detection — Slack, Discord, Telegram, email and webhook, with bulk-action and off-hours alerts. [⌊Users online — who currently holds a session, with their most recent action, time and IP.⌉⌊Users online — who currently holds a session, with their most recent action, time and IP.⌉[ Users online — who currently holds a session, with their most recent action, time and IP. ## Installation 1. Upload the `beziworld-activity-log` folder to `/wp-content/plugins/`. 2. Activate the plugin through the _Plugins_ screen in WordPress. 3. Open _Activity Log_ in the admin menu to review events, and _Activity Log Settings_ to configure retention, events and exclusions. ## FAQ ### Where are events stored? In dedicated custom database tables created on activation, not in the WordPress posts table, so your content queries are never affected. ### Will it slow down my site? Non-critical events are buffered and written in a single batched query on shutdown; security events are written immediately. Indexed columns keep the viewer responsive even on large logs. ### Does the plugin detect changes made directly in the database? No. Like every hook-based activity logger, it records actions that flow through WordPress. Direct SQL modifications bypass WordPress hooks and cannot be observed. ### Does it send my data anywhere? No. There is no tracking or telemetry, and the plugin never loads code from external servers. The only outbound requests are the optional integrations described under“ External services” below — every one is off by default and is sent only to an endpoint you configure yourself. ### Does it provide WP-CLI commands? Yes: * `wp bzal verify-integrity` — verify the per-row signatures and the checkpoint chain, reporting any detected tampering. * `wp bzal checkpoint` — seal a new integrity checkpoint immediately. * `wp bzal purge` — apply the retention policy now. * `wp bzal stats` — print the number of recorded events for the current site. ### Can developers extend it? Yes. The plugin exposes hooks for integration: * `do_action( 'bzal_event_logged', array $columns )` — fires after each event is stored; receives the event’s column map, for forwarding to your own systems. * `apply_filters( 'bzal_geolocate_country', string $country, string $ip )` — return an ISO country code for an IP to power optional login geolocation (no provider is bundled). * `apply_filters( 'bzal_user_meta_denied', bool $denied, string $meta_key )` — return true to keep a specific user-meta key out of the log. * `do_action( 'bzal_plugin_booted' )` — fires once the plugin has finished booting, for registering your own extensions. ## Reviews There are no reviews for this plugin. ## Contributors & Developers “BeziWorld Activity Log” is open source software. The following people have contributed to this plugin. Contributors * [ beziworld ](https://profiles.wordpress.org/beziworld/) “BeziWorld Activity Log” has been translated into 1 locale. Thank you to [the translators](https://translate.wordpress.org/projects/wp-plugins/beziworld-activity-log/contributors) for their contributions. [Translate “BeziWorld Activity Log” into your language.](https://translate.wordpress.org/projects/wp-plugins/beziworld-activity-log) ### Interested in development? [Browse the code](https://plugins.trac.wordpress.org/browser/beziworld-activity-log/), check out the [SVN repository](https://plugins.svn.wordpress.org/beziworld-activity-log/), or subscribe to the [development log](https://plugins.trac.wordpress.org/log/beziworld-activity-log/) by [RSS](https://plugins.trac.wordpress.org/log/beziworld-activity-log/?limit=100&mode=stop_on_copy&format=rss). ## Changelog #### 0.5.1 * Hardening: settings inputs are now unslashed and sanitised at the point of access rather than across helper boundaries, satisfying Plugin Check static analysis. * Removed the redundant `load_plugin_textdomain()` call; bundled Polish, German and Czech translations load through WordPress just-in-time loading (the `Text Domain` and `Domain Path` headers are declared). #### 0.5.0 * Content, comment, media, taxonomy, menu, plugin/theme, settings, GDPR-request and user-metadata sensors. * WooCommerce and Yoast SEO integrations (loaded only when active). * Real-time notifications: Slack, Discord, Telegram, email, generic webhook — by urgency or per chosen event codes; immediate or hourly digest. * Optional login geolocation with a login-from-new-country alert. * Scheduled HTML summary reports; statistics screen with charts; admin-bar quick view with a security badge. * Active session management; CSV/JSON export with formula-injection protection. * Hash-chained integrity checkpoints with optional off-host anchoring and `wp bzal verify-integrity`; per-site partitioned on multisite networks. * REST (offset + cursor pagination + integrity-anchor endpoint) and optional GraphQL read access; advanced filters; dashboard widget; same-request event correlation. * Per-site partitioned integrity chain on multisite; optional full-text indexing of the event-data payload. * Configurable per-event severity and optional behavioural anomaly detection (bulk- delete burst, off-hours admin login). * Fast full-text search (MySQL FULLTEXT) across event object, user and message columns, with a LIKE fallback and an optional mode that also indexes the event- data payload. #### 0.1.0 * Initial release: custom-table storage, per-row HMAC integrity, authentication/ account sensor, event viewer, configurable retention with on-demand cleanup, event toggles and exclusion rules. ## Meta * Version **0.5.1** * Last updated **10 hours ago** * Active installations **Fewer than 10** * WordPress version ** 6.4 or higher ** * Tested up to **7.0** * PHP version ** 7.4 or higher ** * Languages * [Czech](https://cs.wordpress.org/plugins/beziworld-activity-log/) and [English (US)](https://wordpress.org/plugins/beziworld-activity-log/). * [Translate into your language](https://translate.wordpress.org/projects/wp-plugins/beziworld-activity-log) * Tags * [Activity Log](https://wordpress.org/plugins/tags/activity-log/)[audit log](https://wordpress.org/plugins/tags/audit-log/) [audit trail](https://wordpress.org/plugins/tags/audit-trail/)[security](https://wordpress.org/plugins/tags/security/) [user tracking](https://wordpress.org/plugins/tags/user-tracking/) * [Advanced View](https://wordpress.org/plugins/beziworld-activity-log/advanced/) ## Ratings No reviews have been submitted yet. [Your review](https://wordpress.org/support/plugin/beziworld-activity-log/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/beziworld-activity-log/reviews/) ## Contributors * [ beziworld ](https://profiles.wordpress.org/beziworld/) ## Support Got something to say? Need help? [View support forum](https://wordpress.org/support/plugin/beziworld-activity-log/)