{"id":332499,"date":"2026-07-12T01:41:16","date_gmt":"2026-07-12T01:41:16","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/compliance-audit-trail-evidence-logger\/"},"modified":"2026-07-12T01:40:58","modified_gmt":"2026-07-12T01:40:58","slug":"tbsh-compliance-audit-logger","status":"publish","type":"plugin","link":"https:\/\/wordpress.org\/plugins\/tbsh-compliance-audit-logger\/","author":23290644,"comment_status":"closed","ping_status":"closed","template":"","meta":{"version":"1.0.0","stable_tag":"1.0.0","tested":"7.0.1","requires":"6.2","requires_php":"8.0","requires_plugins":null,"header_name":"Compliance Audit Trail & Evidence Logger","header_author":"Techbysh","header_description":"Enterprise-grade compliance logging, audit evidence, security monitoring, and integrity verification platform.","assets_banners_color":"435984","last_updated":"2026-07-12 01:40:58","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"","header_author_uri":"https:\/\/techbysh.com","rating":0,"author_block_rating":0,"active_installs":0,"downloads":35,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"1.0.0":{"tag":"1.0.0","author":"techbysh","date":"2026-07-12 01:40:58"},"1.0.1":{"tag":"1.0.1","author":"techbysh","date":"2026-07-12 03:28:52"}},"upgrade_notice":[],"ratings":[],"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3604396,"resolution":"128x128","location":"assets","locale":"","width":128,"height":128},"icon-256x256.png":{"filename":"icon-256x256.png","revision":3604396,"resolution":"256x256","location":"assets","locale":"","width":256,"height":256}},"assets_banners":{"banner-1544x500.png":{"filename":"banner-1544x500.png","revision":3604396,"resolution":"1544x500","location":"assets","locale":"","width":1544,"height":500},"banner-772x250.png":{"filename":"banner-772x250.png","revision":3604396,"resolution":"772x250","location":"assets","locale":"","width":772,"height":250}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.0.0","1.0.1"],"block_files":[],"assets_screenshots":[],"screenshots":{"1":"Executive compliance dashboard displaying security scores, database integrity states, and framework readiness checkers.","2":"Granular activity log grid displaying event parameters and SHA-256 cryptographic signatures.","3":"Forensic timeline view tracing administrative actions chronologically.","4":"Database integrity checks showing verification logs and success statuses.","5":"Cyber risk 5x5 Heat Map detailing supply chain vulnerabilities and criticality levels.","6":"Temporary auditor portals access configuration panel.","7":"Cloud vaults storage sync credentials and transfer logs.","8":"AI-assisted threat mitigation panel outlining remediation summaries."}},"plugin_section":[262246],"plugin_tags":[49509,14361,267090,271145,271146],"plugin_category":[],"plugin_contributors":[243806],"plugin_business_model":[],"class_list":["post-332499","plugin","type-plugin","status-publish","hentry","plugin_section-dashboard-widgets","plugin_tags-audit-trail","plugin_tags-compliance","plugin_tags-nis2","plugin_tags-security-log","plugin_tags-tamper-evident","plugin_contributors-techbysh","plugin_committers-techbysh"],"banners":{"banner":"https:\/\/ps.w.org\/tbsh-compliance-audit-logger\/assets\/banner-772x250.png?rev=3604396","banner_2x":"https:\/\/ps.w.org\/tbsh-compliance-audit-logger\/assets\/banner-1544x500.png?rev=3604396","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/tbsh-compliance-audit-logger\/assets\/icon-128x128.png?rev=3604396","icon_2x":"https:\/\/ps.w.org\/tbsh-compliance-audit-logger\/assets\/icon-256x256.png?rev=3604396","generated":false},"screenshots":[],"raw_content":"<!--section=description-->\n<p>Is your website ready for a cybersecurity audit?<\/p>\n\n<p>When a website is hacked, the first thing intruders do is modify database logs to cover their tracks. Standard security plugins log user actions, but they do not guarantee that the logs themselves have not been altered or deleted.<\/p>\n\n<p><strong>Compliance Audit Log &amp; Tamper-Evident Security Trail<\/strong> transforms your WordPress dashboard into a secure GRC (Governance, Risk, and Compliance) platform. By combining real-time activity tracking with cryptographic SHA-256 chain verification, it ensures your security audit trails are immutable, verified, and legally defensible.<\/p>\n\n<h4>Cryptographic Log Integrity<\/h4>\n\n<p>Every log entry calculates a SHA-256 signature containing its contents and the signature of the preceding row. If an unauthorized actor inserts, deletes, or edits a log record directly in the database, the cryptographic chain breaks. The built-in verifier identifies exactly when and where the compromise occurred.<\/p>\n\n<h4>Fulfill Global Compliance Regulations<\/h4>\n\n<p>Designed to assist compliance officers, developers, and security teams in meeting strict international guidelines:\n*   <strong>NIS2 Directive (EU)<\/strong>: Fulfill Article 21 risk management and operational logging.\n*   <strong>DORA (Digital Operational Resilience Act)<\/strong>: Monitor ICT incident events and operational resilience.\n*   <strong>SOC 2 &amp; ISO 27001<\/strong>: Satisfy access control monitoring and configuration audit requirements.\n*   <strong>GDPR &amp; HIPAA<\/strong>: Mask IPs using HMAC-SHA-256 salted hashes and support data erasures.<\/p>\n\n<h4>Features (Free Version)<\/h4>\n\n<ul>\n<li><strong>Tamper-Evident Chaining:<\/strong> Link logs cryptographically using SHA-256 signatures.<\/li>\n<li><strong>Granular Activity Tracking:<\/strong> Log logins, session failures, plugin edits, and file updates.<\/li>\n<li><strong>Evidence Vault:<\/strong> Capture point-in-time snapshots of themes, active plugins, capabilities, and system configurations.<\/li>\n<li><strong>GDPR Privacy Masking:<\/strong> Anonymize client IP addresses using local cryptographic salts.<\/li>\n<li><strong>Forensic Timeline:<\/strong> Browse events chronologically through a responsive, filterable layout.<\/li>\n<li><strong>SIEM Export:<\/strong> Compile logs into CSV or JSON formats for security analysis.<\/li>\n<\/ul>\n\n<h4>Upgrade to Pro for Enterprise Governance<\/h4>\n\n<p>Unlock advanced features to manage cyber risks and supply chains networked across your organization:\n*   <strong>Off-site Evidence Vaults:<\/strong> Synchronize encrypted logs to AWS S3, Google Cloud, Azure, or SFTP.\n*   <strong>Automated Incident Detection:<\/strong> Trigger Slack, Discord, and Email alerts on brute force and privilege escalations.\n*   <strong>AI Incident Analysis:<\/strong> Suggest root-cause mitigations using integrated OpenAI, Claude, and Gemini models.\n*   <strong>Auditor Portal:<\/strong> Generate secure, expirable, read-only dashboard links for external compliance checkers.\n*   <strong>Risk &amp; Vendor registers:<\/strong> Track supplier risk metrics using an interactive 5x5 Heat Map.\n*   <strong>File Integrity Monitor:<\/strong> Validate core system checksums using official WordPress.org APIs.<\/p>\n\n<!--section=installation-->\n<ol>\n<li>Upload the <code>tbsh-compliance-audit-logger<\/code> folder to the <code>\/wp-content\/plugins\/<\/code> directory.<\/li>\n<li>Activate the plugin through the 'Plugins' menu in WordPress.<\/li>\n<li>Navigate to 'Compliance Logs' in the admin sidebar.<\/li>\n<li>Run your first database integrity check in the 'Integrity Center'.<\/li>\n<\/ol>\n\n<!--section=faq-->\n<dl>\n<dt id=\"how%20does%20the%20cryptographic%20hash%20chain%20protect%20my%20logs%3F\"><h3>How does the cryptographic hash chain protect my logs?<\/h3><\/dt>\n<dd><p>Every log entry combines its ID, message, timestamp, and metadata with the hash of the preceding entry to calculate its own SHA-256 signature. If a database record is altered, its signature changes, causing validation checks to fail for that row and all subsequent rows.<\/p><\/dd>\n<dt id=\"does%20this%20plugin%20affect%20page%20load%20times%3F\"><h3>Does this plugin affect page load times?<\/h3><\/dt>\n<dd><p>No. The plugin uses an asynchronous-like queue. Logs are stored in memory during the runtime and written to the database during the WordPress <code>shutdown<\/code> hook, after the page has finished loading for the visitor.<\/p><\/dd>\n<dt id=\"can%20i%20use%20this%20on%20a%20wordpress%20multisite%20network%3F\"><h3>Can I use this on a WordPress Multisite network?<\/h3><\/dt>\n<dd><p>Yes. The plugin is fully multisite-ready, supports network-wide activation, and stores logs with site identifiers to allow filtering by site.<\/p><\/dd>\n<dt id=\"are%20ip%20addresses%20stored%20in%20a%20gdpr-compliant%20manner%3F\"><h3>Are IP addresses stored in a GDPR-compliant manner?<\/h3><\/dt>\n<dd><p>Yes. When IP address anonymization is enabled (default), client IPs are salted and hashed using HMAC-SHA-256 before insertion. They cannot be reversed to reveal the raw IP.<\/p><\/dd>\n<dt id=\"does%20the%20free%20version%20have%20any%20logs%20limits%3F\"><h3>Does the free version have any logs limits?<\/h3><\/dt>\n<dd><p>No. The free version does not limit the number of logs, exports, or evidence snapshots you can generate.<\/p><\/dd>\n<dt id=\"how%20do%20i%20run%20a%20database%20validation%20check%3F\"><h3>How do I run a database validation check?<\/h3><\/dt>\n<dd><p>Go to 'Compliance Logs' -&gt; 'Integrity Center' and click the 'Run Integrity Verification' button. The verifier will scan all records and report if any anomalies are found.<\/p><\/dd>\n<dt id=\"what%20happens%20if%20the%20hash%20chain%20is%20compromised%3F\"><h3>What happens if the hash chain is compromised?<\/h3><\/dt>\n<dd><p>If the Integrity Center reports a compromised status, it lists the exact log ID where the validation failed, indicating that the database row was modified or deleted.<\/p><\/dd>\n<dt id=\"how%20does%20the%20evidence%20vault%20work%3F\"><h3>How does the Evidence Vault work?<\/h3><\/dt>\n<dd><p>The Evidence Vault takes a snapshot of your site's technical configuration (plugins list, theme versions, user capability definitions, security constants). It provides proof of the site's state at a specific point in time.<\/p><\/dd>\n<dt id=\"can%20i%20export%20logs%20for%20external%20analysis%3F\"><h3>Can I export logs for external analysis?<\/h3><\/dt>\n<dd><p>Yes. You can generate CSV or JSON log exports from the Export Center, using filters like date ranges, compliance categories, or severity levels.<\/p><\/dd>\n<dt id=\"does%20this%20plugin%20support%20capability-based%20access%3F\"><h3>Does this plugin support capability-based access?<\/h3><\/dt>\n<dd><p>Yes. The plugin creates custom capabilities (<code>tbsh_cal_view_logs<\/code>, <code>tbsh_cal_view_evidence<\/code>, <code>tbsh_cal_export_data<\/code>, <code>tbsh_cal_manage_settings<\/code>, <code>tbsh_cal_verify_integrity<\/code>) assigned to administrators by default.<\/p><\/dd>\n<dt id=\"how%20often%20does%20it%20capture%20automated%20snapshots%3F\"><h3>How often does it capture automated snapshots?<\/h3><\/dt>\n<dd><p>If enabled in settings, the plugin runs a daily or weekly cron job to capture system configuration archives.<\/p><\/dd>\n<dt id=\"does%20it%20support%20wp%20gdpr%20personal%20data%20erasure%3F\"><h3>Does it support WP GDPR Personal Data Erasure?<\/h3><\/dt>\n<dd><p>Yes. When a WordPress data erasure request is completed for a user, the plugin anonymizes their data and automatically rebuilds the hash chain to keep the cryptographic audit trail unbroken.<\/p><\/dd>\n<dt id=\"where%20is%20the%20log%20data%20stored%3F\"><h3>Where is the log data stored?<\/h3><\/dt>\n<dd><p>All data is stored locally in dedicated custom database tables (<code>wp_tbsh_cal_logs<\/code>, <code>wp_tbsh_cal_evidence<\/code>, <code>wp_tbsh_cal_integrity<\/code>). No logs are written to default options tables.<\/p><\/dd>\n<dt id=\"what%20compliance%20tags%20are%20assigned%20to%20events%3F\"><h3>What compliance tags are assigned to events?<\/h3><\/dt>\n<dd><p>Events are automatically tagged with compliance categories such as Access Control, Identity Management, Authentication, Change Management, Security Monitoring, and Operational Security.<\/p><\/dd>\n<dt id=\"can%20i%20use%20this%20for%20security%20audit%20readiness%3F\"><h3>Can I use this for security audit readiness?<\/h3><\/dt>\n<dd><p>Yes. The Compliance Overview screen maps your active logs, settings, and verification histories to specific controls in ISO 27001, SOC 2, NIS2, and DORA frameworks.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>1.0.0<\/h4>\n\n<ul>\n<li>Initial release.<\/li>\n<li>Added cryptographic SHA-256 logs chaining.<\/li>\n<li>Implemented point-in-time evidence snapshots.<\/li>\n<li>Added GDPR-compliant IP masking controls.<\/li>\n<li>Installed compliance checklists for DORA, NIS2, and ISO 27001.<\/li>\n<\/ul>","raw_excerpt":"Tamper-evident compliance log &amp; security audit trail. Cryptographic chain verification &amp; evidence snapshots for NIS2, DORA, GDPR, and ISO 27001.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/332499","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=332499"}],"author":[{"embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/techbysh"}],"wp:attachment":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=332499"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=332499"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=332499"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=332499"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=332499"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=332499"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}