Additional logging is available on our highest-tier plans for an additional fee to cover the additional load & performance hit incurred by more verbose logs.
The logs are available via a Dashboard page under “Event Log”. They can be filtered by date range, event name, and severity. Sorting is chronological or reverse-chronological.
We are currently able to log the following additional events for auditing purposes.
Authentication & Permissions:
- signin_failure -- a failure to authenticate a user during sign-in.
- password_reset_request -- a user has requested a password reset.
- password_reset_failure -- the password reset request failed to send or the password reset form does not pass validation.
- password_reset -- password has been successfully changed in response to a reset request.
- password_change -- user password has been successfully changed.
- password_change_failure -- user failed to change their password.
- session_start -- user authenticated.
- session_end -- user signed-out.
- security_denied -- user denied access because they lack the relevant permission(s).
- csrf_failure -- user attempted a request that may have been triggered by a CSRF attack.
- theme_changed -- a new site theme has been set.
- addon_enabled -- an addon has been enabled.
- addon_disabled -- an addon has been disabled.
- role_add -- user granted a new role.
- role_remove -- role revoked from a user.
- security_access -- user has accessed a path open only to admins or moderators.
- security_denied -- user was denied access to a path.
Requests and Responses:
- http_request -- an HTTP request has been sent from the application.
- http_response -- an HTTP response has been received from a request made by the application.
- http_response_error -- an error was encountered in response to an HTTP request sent from the application.
Some messages may convey no useful information to an end user, and are sent to aid in software development and troubleshooting. These events can generally be ignored.
- analytics_menu -- generated by the Advanced Analytics addon.
- jsconnect_success -- jsconnect data passed validation.
- jsconnect_error -- a failure to authenticate a jsconnect request (for a variety of possible reasons).
- sso_logging -- information about OAuth2 SSO events
- jwt_logging -- JSON Web Token events.
- saml_authrequest_sent -- the SAML request sent to IDP.
- saml_response_received -- the SAML response from IDP.
- saml_response_invalid -- information about errors in the SAML response.
- saml_profile -- the user information extracted from the SAML response.
- Emergency -- system is unusable.
- Alert -- action must be taken immediately.
- Error -- errors not requiring immediate attention.
- Warning -- exceptional occurrences not otherwise defined as errors.
- Notice -- normal but significant condition.
- Informational -- interesting events.
- Debug -- debug-level messages.