Recently we took a look at some analytics tools for WordPress that give you a clearer picture of what your visitors are doing while they are accessing your website. These tools cover activities such as which pages your visitors view, where they click, and other aspects of how they interact with your content.
In today’s post though, we are going to look at some of the options for tracking what logged in users are getting up to on your WordPress website. Rather than looking at pages viewed, these plugins focus on back-end tasks and activities, such as logging in, editing content, working with themes and plugins, modifying files, and in some cases, a whole lot more.
If you need to keep an audit trail of what activities are being performed by logged in users on your WordPress admin dashboard area, these tools can provide a quick to implement solution.
Why Track Logged in User Activity on a WordPress Website?
It might seem a bit sneaky to log the activity or your registered and logged in users. However, apart from the obvious security benefits, there are some legitimate reasons for installing an audit or logging plugin.
Those supporting users on a WordPress website, or the website itself will greatly benefit from being able to quickly access an easy to read log of events in order to see what else was taking place when an issue occurred.
Being able to quickly see that an existing plugin was updated, or a WordPress setting was modified, right around the time an issue started occurring, allows admin users to quickly react to any problems that may arise.
Being able to do so without having to wade through server logs can be a real time saver. As some of the options featured in this article can also send out email and push notification on certain events, the support users don’t even have to wait for a problem to be reported before they can act.
If you are working with multiple authors on your blog, you can also use these tools to see what your new team members are doing, and then give them further instruction if you notice they are doing something incorrectly.
Another use for these auditing plugins is to deploy them to find out how the features and tools on the back-end of your website are being used. If you are running a large collaborative space and you need to monitor the uptake or new services or features, these tools can help you out.
Furthermore, if you want to see which of the content that is only available to logged in users, such as course materials, or documentation, these tools can give you an instant overview without the need to poll your users.
As you can see there are many good reasons why you might what to use one of these logging tools for WordPress, but with so many options available, which one is the best choice for your needs? Read on to find out.
Simple Login Log
If you want to keep things simple and just track who has logged into your site and when, Simple Login Log is all you need.
For those seeking detailed audit trails and activity logs, then the other options soon to come are a better choice, but for those with more basic needs, Simple Login Log is a good option.
As the name suggests, once this free plugin is up and running on your website, it will allow you to view any successful and unsuccessful login attempts on your website. The records include the username, role, time, and IP address to name a few of the options. The logs can be downloaded as a CSV file or filtered by username and date.
The settings for Simple Login Log are simply added to the general site settings page and from there you can set the number of days to keep the logs for, and opt to log failed login attempts.
If the capabilities of this plugin meet your requirements, then Simple Login Log is an easy to use tool you will have no trouble using.
If you are looking for the easiest to use option for getting a detailed picture of what your logged in visitors and users are doing, without being overwhelmed by data and settings, Simple History is a great choice.
Some of the events that are logged include activities related to posts and pages, attachments, comments, widgets, plugins, user profiles, user logins, as well as support for bbPress and Gravity Forms event logging. Developers can add their own plugins and services to the list of tracked items if required, by using the extender system.
The log is very easy to read and allows you to filter the events by type and user, as well as being able to search the history.
After activating the plugin, it can be configured through the brief set of options on the one-page settings screen. These controls allow you to choose where to show the Simple History report – on the dashboard and/or as a separate page – and the number of items to show per page.
You can also view the log of activity from your logged in users via a secret RSS feed. This is great as you can subscribe to the feed in your RSS reader of choice and then view the history without logging into your WordPress admin area. You can even view the feed on your phone or tablet for easy monitoring on the go.
Other options on the settings page allow you to manually clear the log, or simply let the database items be purged automatically after 60 days. You can also decide whether to log events for the widgets section of your WordPress site. It would be nice though, if you could export the logs for safekeeping.
With little in the way of options to wrestle with and a very easy to read log, Simple History is a great choice for anyone who wants a record of what logged in users are doing on their site that can be up and running today.
WP Security Audit Log
If you need more robust user tracking then the free WP Security Audit Log plugin and perhaps its premium extensions, is a better choice.
Once the plugin is installed on your website, you can choose which events and activities are logged. This includes a wide range of options covering almost any changes to posts, pages, and custom post types; theme file changes; media library uploads; theme and plugin status changes; user role activity, and a range of WordPress setting changes.
The WP Security Audit Log plugin also logs error messages that are generated on your site, making it a handy tool for troubleshooting issues after they’ve taken place.
The settings of this WordPress audit plugin allow you to define when to prune the log, either by the number of entries, or age of the alerts. Alternatively you can opt to never prune the logs, however this might not be a good idea for busy sites due to the size they could grow to.
Image: WP Security Audit Log Settings
You can also give individual users access to view the logs or manage the plugin, as well as restricting access for other admin users on your site. For extra security you can hide the plugin from the plugins page, so that anyone viewing the list of installed items won’t realise its installed on your site.
While you can’t search or filter the logs without purchasing the relevant premium extension, WP Security Audit Log does give you very detailed reports that make it easy to see almost everything that is taking place in the admin area on your WordPress website.
Stream offers detailed tracking of logged in users on a WordPress website. This service will also track tasks carried out by the WordPress software, such as updates, and cron jobs. Stream is available as a free service, with a premium upgrade available for $5 a month.
Once the plugin is activated on your website you can view the changes and activities that are taking place in real time. This can go a long way to helping you support and monitor your users more effectively, as well as getting the full picture when troubleshooting any issues.
The reports are detailed, without being difficult to make sense of. The options for filtering the logs make it very easy to find the activities you are looking for, no matter how busy the back-end of your website is.
Stream has built-in support for a number of popular WordPress plugins, adding detailed tracking to some of the tools you might already be using on your website. This includes bbPress, BuddyPress, Easy Digital Downloads, and WooCommerce to name just a few.
Through the plugin settings you can restrict access to the logs by user role or individual user accounts. The logs can also be output as feed for remote viewing.
The main differences between the free and premium version can be seen here. However, to summarise, the premium option gives you bigger logs, priority support, email and push notifications when certain events or changes take place, and interactive and responsive charts and reports.
After the upgrade to version 2, Stream now stores your user data in the cloud, rather than in your website’s database. This might be an issue for those working in certain fields, who need to be able secure their user data in specific ways to comply with industry regulations; so please bear that in mind when evaluating this option.
If you need a professional solution with support to match for a mission critical project, then the premium version of Stream could be just what you are looking for.
No matter what your needs are, there should be a WordPress plugin out there that will enable you to easily log and view the activities that are taking place on the back-end of your website.
Whether you just want a record of logged in users by using the Simple Login Log plugin, or you need the full set of audit features found in the likes of WP Security Audit Log or Stream, there is an option for you.
If you have any questions about these plugins or the topic of recording logged in user activities, please leave a comment below.