How to Exclue System Activity Logs?

Thank you for using our plugin @chcw

At the moment there is no way how to exclude system from the logs. However, what event IDs are you referring to? Because if they are system specific events then maybe the easiest solution is to simply disable those events.

Looking forward to hearing from you.

@robert681

Thank you. The events are various, incluing failed login, modify files, etc. It seems not appropriate to disable the events.

Thank you for the explanation @chcw. It helps. I now understand what you are seeing:

1) failed logins: in this case the plugin reports system because no user is associated with the failed login. For example, if someone tries to login with user XYZ and you do not have the user XYZ on your website, than that is considered as a failed login with an invalid user.

2) Modified files: the plugin has its own file integrity monitor to detect file changes on your website. When file changes are detected, and they are not done by a user, but for example when someone uploads a file, the plugin cannot report or associate a user with such change, so in that case, the System is reported.

I hope the above clearly explains how “System” is used in the plugin and why you cannot exclude it. Should you require any further clarification, please do not hesitate to ask.

Have a good day.

Are there any plans to be able to exclude events from unknown origins then? There are a ton coming in marked as the “System” user. This is adding a lot of extra data that I have no desire to see. In addition, it’s logging events that I’ve explicitly disabled.

Hello @jasonpiersonawana

Thank you for using our plugin. Please open a new thread for your question since you might be referring to different types of events. Thank you.