REST API Log

Description

WordPress plugin to log REST API requests and responses (for v2 of the API).

Includes:

  • WordPress admin page to view and search log entries
  • API endpoint to access log entries via JSON
  • Filters to customize logging
  • Custom endpoint logging
  • ElasticPress logging

Find us on GitHub!

Roadmap

  • Better search capabilities for log entries via the REST API endpoint

Screenshots

  • Sample list of log entries
  • Sample log entry details

Installation

  1. Upload the wp-rest-api-log directory to the /wp-content/plugins/ directory
  2. Activate the plugin through the ‘Plugins’ menu in WordPress
  3. Go to Settings -> REST API Log to enable or disable logging
  4. Go to Tools -> REST API Log to start viewing log entries

FAQ

How do I use ElasticPress logging?

ElasticPress is a plugin than interfaces WordPress to the ElasticSearch search service. Because ElasticSearch has its own REST API for indexing and searching data, it was a natural fit to extend logging support via this REST API Logging plugin.

You can go into Settings > ElasticPress to enable logging for requests & responses. You can also disable REST API logging if you only need ElasticPress logging.

Reviews

ሰነ 20, 2023
The clowns leaving this a 1 star obviously don't know what it's intended for... Yes... do NOT leave this plugin running constantly unless you know what you're doing and understand your particular WP environment and it's day to day API activity. More plugins than ever use the REST API to interact with WP and your database will increase in size exponential to it's activity. For most people this tool is intended to help troubleshoot specific API activities and is something that you only turn on for a short period of time while you're testing/monitoring specific API calls and responses.... and for that, it works beautifully. Thank you!!
ለካቲት 20, 2023
This extension will make your database huge, so be aware of this if using in production. I'd recommend turning it on for a short period then disabling. Filtering by request method (POST, GET etc.) does not work. Deleting data (at /options-general.php?page=wp-rest-api-log-settings) takes an absolute age, I'm tempted to do this manually in the database. I have ~105,000 log entries. I wish to delete these. According to the API responses, ~100 logs are being deleted every minute. I'm making direct POST requests to the WordPress API (using Postman) and the request method displayed in the log is always GET.The source IP is not always recorded - have tried the IP / X forwarded for option to resolve the IP too.
ግንቦት 4, 2021
its trash. whilst i do like the idea of the plugin, this tool is simply not working properly. guess it's abandoned. there is a filter build in to filter for the request type, but it does not work (simply doesn't filter at all). and there is an option, to purge logs, that are older than x days, but this doesn't work ether. and deleting the logs takes ages, you might want to do that in the db directly. so handle with care, as it will bloat the db and it'll be hard to find the data, you might be looking for..
ሰነ 22, 2020 1 reply
This was a legacy plugin for a client's website... I would not recommend it! It bloated our disk usage and one of the tables ended up with 22 million rows. Here are the queries we used to clean things up. -- Run first delete m from wp_posts p join wp_postmeta m on p.ID = m.post_id where post_type = 'wp-rest-api-log' -- Run second delete from wp_posts where post_type = 'wp-rest-api-log' -- Run third DELETE wp_term_relationships FROM wp_term_relationships LEFT JOIN wp_posts ON wp_term_relationships.object_id = wp_posts.ID WHERE wp_posts.ID is NULL;
Read all 22 reviews

Contributors & Developers

“REST API Log” is open source software. The following people have contributed to this plugin.

Contributors

“REST API Log” has been translated into 3 locales. Thank you to the translators for their contributions.

Translate “REST API Log” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

v1.7.0 May 8, 2023

  • Fixed bugs related to Method and Status filtering.
  • Removed deprecated FILTER_SANITIZE_STRING calls.
  • Updated highlight.js version
  • Updated clipboard.js version

v1.6.9 September 9, 2022

  • Updated highlight.js version
  • Updated clipboard.js version

v1.6.8 October 30, 2020

  • Updated the Purge All Entries functionality in the admin to purge batches of 25 at a time.
  • Updated CLI purge command with a progress bar.
  • Fixed ClipboardJS error (props itowhid06)

v1.6.7 March 31, 2019

  • Added admin notice about running the plugin on a production server
  • Set the default purge days to 7
  • Updated clipboard.js version

v1.6.6 November 9, 2018

  • Moved taxonomy registration to a separate file, made taxonomies not public to prevent them from automatically showing in Yoast SEO sitemaps
  • Updated highlight.js version
  • Updated minimum WP version to 4.7
  • Updated unit test framework

v1.6.5 July 26, 2017

  • Fixed some escaping issues in admin and new-line characters when saving to database (props davidanderson)
  • Updated highlight.js and clipboard.js versions

v1.6.4 May 26, 2017

  • Fixed an issue with the URL in the settings tabs (props davidanderson)

v1.6.3 March 28, 2017

  • Updated logging for multidimensional query parameters (props mnelson4)

v1.6.2 March 10, 2017

  • Fixed bug in HTTPS download URLs.
  • Fixed bug in download URL permissions.

v1.6.0 March 9, 2017

  • Added ability to download request and response fields as JSON files, as well as copy to clipboard.
  • Added button on settings page to Purge All Log Entries.
  • Tweaked some of the ElasticPress routes that skip logging.

v1.5.2 February 21, 2017

  • Fixed a bug with ElasticPress logging getting stuck in a loop regarding the _nodes/plugins URL.

v1.5.1 February 15, 2017

  • Removed hidden custom taxonomies from the navigation menu admin (props phh for the pull request).

v1.5.0 February 2, 2017

  • Added logging for the user making the request (props drsdre for the pull request).
  • Added Settings and Log links from the Plugins page.
  • Updated term fetching when viewing log entries for fewer database queries and better performance.
  • Updated highlight.js to 9.9.0

v1.4.0 January 23, 2017

  • Added the ability to filter routes for logging, either include or exclude specific routes.

v1.3.0 December 5, 2016

  • Added support for logging HTTP_X_FORWARDED_FOR, useful for servers behind a proxy or load balancer.
  • Changed plugin name to REST API Log
  • Changed the wp-rest-api-log post type ‘public’ setting to false to prevent it from showing up in searches.
  • Updated Highlight JS version to 9.7.0
  • Updated the internal process for granting administrator role access to the custom post type
  • Bug fix: Header values with colons were not being stored correctly.
  • Bug fix: Use proper HTML escaping when viewing log entries.

v1.2.0 July 6, 2016

  • Added support for ElasticPress logging
  • Fixed undefined constant error on Help page (props vinigarcia87)

v1.1.1 May 15, 2016

  • Fixed error during activation (props pavelevap)

v1.1.0 April 28, 2016

  • Added cron job to cleanup old log entries
  • Added setting to exclude the WP core /oembed API endpoint
  • Don’t diplay log entries in the Insert Link modal

v1.0.0-beta2 April 10, 2016

  • Switched from custom tables to built-in WordPress tables using a custom post type (wp-rest-api-log)
  • Method, status, and source are now tracked using taxonomies
  • Viewing log entries now uses the standard WordPress admin UI, includes filters for method, status, and source
  • Added admin settings with the option to enable or disable logging
  • Added WP-CLI support: wp rest-api-log
  • Added .pot file to support translations

NOTE: if you are upgrading from the previous version, you can run the “wp rest-api-log migrate” WP-CLI command to migrate your existing logs into the new custom post type

v1.0.0-beta1 July 9, 2015

  • Initial release