Audit Log
Audit Log
The Audit Log is an append-only record of sensitive actions taken within JoomlaAI. It provides accountability and traceability for security-sensitive operations.
What is logged
Every event that changes data or invokes an AI provider is written to the audit log:
| Event type | Examples |
|---|---|
| API call | Chat message sent, scheduler job executed |
| Content action | Content approved, rejected, published, regenerated |
| Configuration change | API key updated, provider changed, budget rule modified |
| Authentication | Admin login (Joomla native), capability granted/revoked |
| System | Plugin installed, uninstalled, cron task executed |
| Error | Provider API error, budget exceeded, CSRF token failure |
Audit log list
Navigate to JoomlaAI → Audit Log.
| Column | Description |
|---|---|
| Timestamp | Date and time of the event (UTC) |
| User | Username of the actor (or [system] for cron-triggered events) |
| Event type | Category (see table above) |
| Action | Specific action (e.g., chat.send, content.publish, config.api_key_updated) |
| Target | Resource affected (e.g., session ID, job ID, setting name) |
| IP address | Client IP at the time of the action |
| Result | success or failure |
| Details | Expandable JSON with additional context |
Filtering
| Filter | Options |
|---|---|
| User | All / specific user |
| Event type | All / API call / Content action / Config change / System / Error |
| Result | All / Success / Failure |
| Date range | From / To |
| IP address | Filter by IP |
PII redaction
Sensitive values are automatically redacted before being written to the audit log. The following field names are masked:
api_key,apikey,api-keytoken,access_token,bearersecret,client_secretpassword,passwd
Redacted values appear as [REDACTED] in the Details column.
Append-only guarantee
The audit log table (#__joomlaai_audit_log / wpai_audit_log) has:
- No
UPDATEpermission granted to the application database user (recommended hardening). - No "edit" action in the UI.
- The "delete" action is restricted to
core.admin/manage_optionsand is itself logged.
In a high-security environment, configure the database user so that the application can only INSERT to the audit table (not UPDATE or DELETE).
Retention
Audit records are retained for 365 days by default. The daily cleanup cron job purges records older than the retention period.
To change:
- Joomla: Configuration → Data → Audit log retention (days)
- WP: Settings → Data Retention → Audit log (days)
Setting to 0 disables cleanup (records kept indefinitely — recommended for compliance).
Export
Click Export CSV to download the current filtered view as a CSV file. Columns match the list view.
Permissions
| Capability | Access |
|---|---|
joomlaai.audit / wpai_view_audit | View the audit log |
core.admin / manage_options | Export and delete audit records |
_Last updated: 2026-05-19 · v2.5.3_