Log Forwarding / Log Destinations

[bonny]

Simple History should support forwarding/sending events to other destinations for backup, compliance, and security purposes.

Problem Description

Simple History currently stores events only in the local WordPress database and displays them in the WordPress admin interface. This issue extends functionality by adding support for forwarding events to other destinations.

Use Cases

1. Compliance: Maintain logs for compliance requirements (SOC 2, GDPR, HIPAA, PCI DSS)
2. Security: Have backup logs that hackers cannot modify if they gain access to the system

Log Destinations

A destination can be:

• Text file (local backup)
• System syslog
• rsyslog server (remote)
• Remote database (MySQL/MariaDB)
• Cloud logging services (Papertrail/SolarWinds, Graylog, etc.)

Implementation

• Hook into simple_history/log/inserted action that fires after events are inserted into the database
• Create a common interface for different destination targets
• Focus on performance - avoid slowing down the site

Current Status: Complete ✅

All log destination channels are implemented and production-ready:

• File Channel (Free) - Local log files with rotation and security
• Syslog Channel (Premium) - Local syslog and remote rsyslog (UDP/TCP)
• External Database Channel (Premium) - MySQL/MariaDB for off-site compliance storage

Implementation Details

File Integration (Free):

• High-performance write buffering
• Rotation options: daily, weekly, monthly
• Human-readable log format
• Security: .htaccess protection, directory listing prevention

Syslog Channel (Premium):

• Local syslog via PHP syslog()
• Remote rsyslog via UDP/TCP sockets
• RFC 5424 format
• Test Connection button
• Auto-disable after consecutive failures

External Database Channel (Premium):

• MySQL/MariaDB support
• Hybrid schema with JSON context column
• Password encryption (AES-256-CBC)
• SSL/TLS support
• Test Connection button
• Auto-disable after consecutive failures

Future Possibilities

• Graylog (GELF protocol)
• Elasticsearch/ELK Stack
• SolarWinds/Papertrail
• AWS CloudWatch Logs
• S3 archive

---

Related Issues

• Alerts & Notifications #608 (Alerts & Notifications - split from this issue)
• Automatic Backups  #209
• Adding other log storage destinations? #114
• Support remote logging #366
• Simple-History-Add-Ons Code design #56

[bonny]

Progress:

[bonny]

Should use https://actionscheduler.org/ to send logs in background.

To consider: what if multiple destinations and one of them fail. Re-send automatically? Tell/warn user? Pause but continue sending other?

[bonny]

Is filter by from the dataviews package something we can use for the rules?

• https://make.wordpress.org/core/2025/11/11/dataviews-dataform-et-al-in-wordpress-6-9/#field-api-filterby
• https://wordpress.github.io/gutenberg/?path=/docs/dataviews-fieldtypes--docs

Options can have values. See storybook for examples: https://wordpress.github.io/gutenberg/?path=/docs/dataviews-fieldtypes--docs

[bonny]

Here's a blog post with some screenshots for this new feature:
https://simple-history.com/2025/coming-soon-forward-wp-logs-localfiles-syslog-remote-database/

[bonny]

First version live now:
https://simple-history.com/2025/simple-history-5-21-0-released/