Logify 1.5.0 — From Activity Log to Audit Story
Logify Activity Log WordPress Audit Release Notes

Logify 1.5.0 — From Activity Log to Audit Story

By KaizenCoders

Logify 1.5.0 — From Activity Log to Audit Story

Every WordPress site eventually has a moment that starts with someone asking "what happened?"

A client emails on a Monday morning: a post they wrote on Friday is gone. Did someone delete it? Did it autosave incorrectly? Was the editor account compromised over the weekend?

An auditor sends a checklist before a renewal: provide a record of administrator logins, plugin updates, and configuration changes for the past quarter, in a single document.

A security team picks up a strange alert: there were two dozen failed login attempts at 3 AM GMT and you need to explain whether you're under attack or just looking at a misconfigured cron job.

A log of every event on your site is a great starting point. But a log on its own isn't an answer — you still have to go and look. You need to filter it. Export it. Read it. Share it. And the closer the deadline, the more frustrating each of those steps becomes.

Logify 1.5.0 is largely about closing that gap. The activity log is still there, recording every event. But now there's a dashboard for the at-a-glance view, an Export page that produces audit-ready PDFs, exclusion rules to cut the noise before it accumulates, real-time notifications for the things that matter, and an email digest that arrives in your inbox already summarised.

Here's what's new — and what each thing actually solves.

A Dashboard That Tells You What's Happening — Right Now

Open the Logify menu and the first thing you see is the new Dashboard. Five stat tiles across the top — Total Events, Today, Last 7 Days, Last 30 Days, and High Severity (7d) — give you a snapshot before you scroll.

Below that, a 30-day activity chart shows whether today is normal, busy, or unusual. Two cards next to each other show the most active event types and the most active users. The High Severity tile turns red the moment there's been an Alert+ event in the past week, so you can spot trouble before you start opening tabs.

For a free user, that's the whole dashboard. PRO subscribers see a second band of analytics below: a severity distribution donut, an activity heatmap (weekday × GMT hour) that makes it obvious when off-hours activity is unusual, a Top IP Addresses card, a security event trend chart, and an events-by-object-type breakdown.

The heatmap is the one that surprises people most. You think you know when your site is busy — but seeing it laid out as a 7×24 grid of intensity-coloured cells almost always reveals something. The Wednesday-at-2-AM cluster turns out to be an integration importing data. The Friday-evening spike is actually a single editor working on twenty posts before the weekend. The 3 AM brute-force burst stops looking like a bug and starts looking like exactly what it is.

Multi-Format Export — Including a PDF Built for Auditors

The new Tools page has an Export Logs tab with the same filter set as the activity log screen: date range, event type, user, minimum severity, and free-text search. What changed is the format dropdown.

You can now download your activity log as:

  • CSV — the existing format, with two new columns (Request ID and JSON metadata).
  • JSON — full rows with decoded metadata, wrapped with site, export timestamp, and a count. Drop it straight into an analytics tool.
  • HTML — a standalone styled report you can print or attach.
  • Plain text — one event per block, readable in any text editor or shell pipeline.
  • PDF — and this is the one that changes the workflow.

The PDF isn't a screenshot of a table. It's a paginated A4 document with a proper title block (site, URL, generation timestamp, applied filters, total entry count), a colour-coded table with severity labels, repeating headers on every page, zebra-striped rows, and a footer that reads "Confidential — for authorised review only" with a page count.

It's built specifically so you can hand it to an auditor, attach it to a compliance record, or include it in a post-incident report without further formatting. No watermarking from a third-party PDF service. No "Created with Microsoft Print to PDF" tag. No layout that breaks across pages.

If you've ever had to send "the past 90 days of administrator activity" to someone external, you know how much time goes into making that look professional. The new PDF format is meant to give you that for free.

Severity Badges and Smarter Filters

The Activity Log list table now has a Severity column with colour-coded badges. Informational events are blue, warnings are amber, alerts are orange, critical and emergency events are red. A glance at the list tells you which entries are worth looking at first.

Above the table, a redesigned filter bar lets you narrow by event type, user, minimum severity, and a date range — and the Export CSV button respects whatever filter set you have applied. No more "filter, then re-filter on the export page".

Bulk actions are back too. Select rows, choose Delete selected from the dropdown, and clean up old test events or noisy entries without leaving the screen.

Exclusion Rules — Cut the Noise at the Source

Settings > Exclusions is a new tab with six exclusion controls:

  • Excluded User IDs (comma-separated)
  • Excluded User Roles
  • Excluded IP Addresses (exact, IPv4 wildcards, or trailing-dot prefixes)
  • Excluded Event Types (whole categories like user or post)
  • Excluded Post Types
  • Excluded Post Statuses (auto-draft, inherit, and so on)

The rules are applied at the moment of insertion — excluded events never reach the database, so they never appear in dashboards, exports, or notifications.

In practice, this is what people use it for:

  • "Stop logging my own admin during heavy maintenance" → add your user ID.
  • "Stop the cron monitoring service from clogging the log" → exclude its IP.
  • "Drop the autosave noise" → tick Auto Draft and Inherit in Excluded Post Statuses.

You can keep the log focused on activity that actually means something.

Email Digest — Refreshed and Curated

The Email Digest has had a calm visual refresh. Pastel stat cards with deep coloured numbers replace the previous neon tiles, the period total now sits in a soft purple hero, and on mobile the stats stack two-per-row instead of one — so the digest actually reads well on a phone.

A new curated tip card appears just above the View Activity Log button. One randomly chosen tip per send, drawn from a rotation of Logify feature pointers and sister-plugin recommendations. It's small but it's the kind of thing that quietly increases the value of every digest.

The footer now reads "Powered by Logify v1.5.0" (or "Logify Pro v1.5.0"), so recipients always know which build sent the digest.

For PRO subscribers, the digest now includes an Advanced Insights section with the period's severity breakdown (Critical+, High), brute-force burst count, most active user, top IP address, and top event type — all scoped to the digest window.

Real-Time Notifications (PRO)

When something high-severity happens, you usually want to know now — not in next week's digest.

PRO 1.5.0 adds a notifications subsystem with four destinations:

  • Email — plain-text alerts to a list of recipients.
  • Slack — colour-coded attachments via an Incoming Webhook URL.
  • Generic Webhook — JSON POST with optional HMAC-SHA256 signing for downstream systems that need to verify the payload came from your site.
  • Syslog (UDP) — RFC 5424 frames to a collector like rsyslog, syslog-ng, or Logstash.

Each destination has the same filter set: an event-type allowlist, a minimum severity threshold, and a rate limit. Wire low-noise critical-only alerts to Slack while sending the full firehose to a syslog collector — and the rate limit makes sure a brute-force burst doesn't generate fifty Slack messages.

Every network call uses a 5-second timeout. Failures are swallowed silently so a misbehaving endpoint can never delay a user request.

Why This Release Matters

Activity logging has always been Logify's job. What 1.5.0 adds is the layer above it — the way you actually use the activity log when you need it most.

The dashboard answers "what's happening" without scrolling. The export gives you a document you can hand to someone external. Exclusions cut the noise before it becomes a problem. The digest tells you the story even on weeks you didn't open the dashboard. And notifications tap you on the shoulder when something needs your attention right now.

If you've been keeping Logify around as "the audit trail in case I need it", 1.5.0 is when it starts paying you back every week, not just on incident days.

Update from Plugins > Add New > Updates, or download the latest version from WordPress.org. Upgrade to PRO from kaizencoders.com/logify.

Happy auditing.

All posts
Next
Best URL Shortener Plugins for WordPress (2026)