I asked some of my co-workers (native English speakers) and they say that “Audit Log” and “Audit Logs” are both grammatically correct, so I will leave the text like it is and safe the trouble to commit a change like that.
Regarding the usage of the custom events, yes you can send whatever you want to the API service, as long as the regular expression defined in the plugin inside function “SucuriScanAPI::get_logs” is able to process it. I suggest you to also read the code inside function “SucuriScanEvent::report_event” and “SucuriScanAPI::send_log” which contain some of the logic used to stored the logs remotely.
I would be surprised to know that no one have attempted to send arbitrary data to see how the plugin behaves, maybe there is a vulnerability there that could allow you to steal information from a website if you are able to inject some code through the logs. You can even get money if you find a security bug like that [1] (wink).
[1] https://hackerone.com/sucuri
