Support » Plugin: Simple History – user activity log, audit tool » Who is the user “other” as defined in the history

  • I had someone come in and create an ADMIN ACCOUNT! But when I looked back in the Simple history it only shows as “Other” for the user that created it. This also shows up for when someone subscribes to our newsletter. Can you please tell me the roles assigned to the Other username?

    Thank you

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author eskapism

    (@eskapism)

    When “Other” is used as the one that did something that means that the plugin was unable to determine who was responsible.

    The plugin checks these things to determine who is responsible:

    – First it calls the function wp_get_current_user() to get the current logged in user. If a user is logged in then that user gets responsible for the action.
    – If something is done during a cron job then “WordPress” gets responsible for the action. The plugin checks if the constant DOING_CRON is set and is true.
    – If the constant WP_CLI is set and true then “WP_CLI” gets responsible for the action.

    So if all above “fails”, i.e. no user, no cronjob, no wp cli, then the user is “Other”.

    Now this does not explain who/what “Other” is in your case… :/ However, you could try to click the date/time of the logged event and a window pops up that perhaps contains some more clues of what’s going on. You can paste that info here and perhaps I can get a clue of what’s happening. (Before pasting just check that no sensitive information is included.)

    Thread Starter islandescapefo

    (@islandescapefo)

    Context data

    This is potentially useful meta data that a logger has saved.

    Key Value

    id 143422

    logger SimpleUserLogger

    level warning

    date 2021-07-20 22:55:56

    message Failed to login with username “{login}” (incorrect password entered)

    initiator web_user

    context_message_key user_login_failed

    login_id 1479

    login_email (deleted for privacy)

    login sarahbelle

    server_http_user_agent Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36

    _message_key user_login_failed

    _server_remote_addr 193.19.240.0

    THIS IS THE ONE THAT WAS ABLE TO CREATE THE ADMIN BELOW

    Other July 16, 2021 - 1:32 am (Jul 16, 2021 at 1:32)
    Created user f_islandescape (f_islandescape@the23app.com) with role administrator
    Context data
    
    This is potentially useful meta data that a logger has saved.
    
                        Key
                        	Value
                    
    
                            id
                            	142285
                        
    
                            logger
                            	SimpleUserLogger
                        
    
                            level
                            	info
                        
    
                            date
                            	2021-07-16 04:02:59
                        
    
                            message
                            	Created user {created_user_login} ({created_user_email}) with role {created_user_role}
                        
    
                            initiator
                            	other
                        
    
                            context_message_key
                            	user_created
                        
    
                            created_user_id
                            	2414
                        
    
                            created_user_email
                            	f_islandescape@the23app.com
                        
    
                            created_user_login
                            	f_islandescape
                        
    
                            created_user_role
                            	administrator
                        
    
                            created_user_first_name
                            	
                        
    
                            created_user_last_name
                            	
                        
    
                            created_user_url
                            	
                        
    
                            send_user_notification
                            	0
                        
    
                            server_http_user_agent
                            	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3538.77 Safari/537.36
                        
    
                            _message_key
                            	user_created
                        
    
                            _server_remote_addr
                            	46.39.72.0
                        
    
                            _server_http_referer
                            	https://islandescape.ca/wp-login.php?action=register

    Thanks eskapism,

    your explanation is very helpful, however, we had a weird experience, the page “shopping cart” (standard woocommerce page) was deleted by the user “other” too, how is this even possible, see log

    Other August 28, 2021 - 11:19 am (16 days ago)
    Moved page "Shopping Cart" to the trash
    Context data
    This is potentially useful meta data that a logger has saved.
    
    Key	Value
    id	28412
    logger	SimplePostLogger
    level	info
    date	2021-08-28 18:19:22
    message	Moved {post_type} "{post_title}" to the trash
    initiator	other
    context_message_key	post_trashed
    post_id	1424
    post_type	page
    post_title	Shopping Cart
    _message_key	post_trashed
    _server_remote_addr	70.32.112.0
    _server_http_x_forwarded_for_0	70.32.112.0
    _server_http_x_forwarded_for_1	70.32.112.0
    _server_http_referer	https://xxxxx.com/wp-admin/admin-ajax.php?action=wp_1_wc_privacy_cleanup&nonce=45ec62d50e

    Thanks

    Plugin Author eskapism

    (@eskapism)

    @ivanrojas I have no idea what could cause this. I found another user who had the same problem, unfortunately without a solution.

    I quickly looked att the action wc_privacy_cleanup and it does indeed trash pages, but it should not trash ordinary pages, only WooCommerce orders if I understand correctly. You could try to post the same question at the WooCommerce support forum, they can probably help you better.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Who is the user “other” as defined in the history’ is closed to new replies.