# AuditEasy: Magento 2 admin activity log and audit trail

> Track every admin login, action, and data change in your Magento store - with revert, security alerts, and automated backups.

---

## Overview

AuditEasy is a Magento 2 admin activity logging module. Every login, product edit, configuration change, and data export is recorded with before-and-after values, the admin user responsible, and a timestamp. When something changes unexpectedly, you can trace it back in seconds - and on Growth or Pro plans, revert it without touching the database.

![AuditEasy admin actions log](images/overview.png)

This module helps you:

- Know exactly who changed what and when - products, prices, CMS, customers, configuration
- Receive instant email alerts when an admin exports order or customer data, or logs in from a new location
- Revert individual field changes or complete save actions without manual database edits (Growth/Pro)
- Keep your audit history backed up locally or to a remote FTP/SFTP server (Pro)
- See a per-entity changelog directly on the product or customer edit form

---

## When to use this

Use AuditEasy when you want to:

- Hold your team accountable for price or inventory changes that shouldn't have happened
- Detect unauthorized access - new login locations, brute-force attempts, off-hours logins
- Satisfy compliance or internal audit requirements with exportable logs
- Investigate a customer complaint by seeing the exact state of their record at any point in time
- Get notified whenever someone exports sensitive order or customer data

---

## Key capabilities

- Admin access log - records every login and logout with IP address, browser, and location
- Admin actions log - captures attribute-level before/after values for products, categories, CMS, customers, configuration, and more
- Revert functionality - undo a full save or a single field change directly from the actions log (Growth/Pro)
- Security notifications - email alerts for failed logins, new locations, export events, and unusual patterns (Growth/Pro)
- In-page changelogs - embedded audit history tab on product and customer edit forms
- Backup system - scheduled local or remote FTP/SFTP export of audit data (remote: Pro only)
- Plan-gated retention - 7 days (Seed), 30 days (Growth), 365 days (Pro)
- CSV export - download the access or actions log for offline analysis

---

## Installation

AuditEasy installs via Composer, then activates with a license key from your Moogento.com account. The whole flow takes about 5 minutes.

### Step 1: Get your Composer keys from Moogento.com

1. Sign in at **https://www.moogento.com** and open **My Plugins** in your account menu.
2. Find **AuditEasy** in the list of plugins you own.
3. Generate (or reveal) the Composer access keys for that plugin - a **public key** and a **private key**.
4. **Add your install domain to the key.** Each Composer key is tied to a specific domain - if you're installing on `yourstore.com`, add `yourstore.com` to the key's allowed domains. The Composer download will be rejected on any other domain.

If you run staging and production on different domains, add both - separate keys per environment are fine too.

### Step 2: Install the module with Composer

From your Magento 2 root directory:

```
composer require moogento/module-auditeasy
```

When Composer asks for credentials, paste the **public key** as the username and the **private key** as the password. They'll be cached in `~/.composer/auth.json` for future runs.

### Step 3: Enable the module in Magento

```
php bin/magento setup:upgrade
php bin/magento setup:di:compile
php bin/magento cache:clean
```

If you run `php bin/magento module:status Moogento_Auditeasy` you should see it listed as enabled.

### Step 4: Add your license key in the Moogento admin

1. Still on **https://www.moogento.com > My Plugins**, copy the **license key** for AuditEasy (separate from the Composer keys you used above).
2. In your Magento admin, go to **Stores > Configuration > Moogento > Licenses**.
3. Find the row for **AuditEasy** and paste the license key.
4. Click **Save Config**, then run `php bin/magento cache:clean` once.

The license validates within a few seconds. You should see the module's status flip to active. If it stays inactive, double-check the domain on the license matches where you've installed - domain mismatch is the most common cause.

---

## Setup overview

Most setup happens in:

Stores > Configuration > Moogento > AuditEasy

You'll mainly work with:

- General - enable the module
- Audit & Log: Scope - choose which sections and admin users to monitor, and how long to keep logs
- Security: Backups - configure local or remote backup tasks
- Security: Notifications - set up email alerts for critical security events

---

## Common setups

### Track all admin changes to products and prices

Enable comprehensive logging so every product edit, price change, or inventory adjustment is recorded with the before and after values.

#### How to set it up

1. Go to:
   Stores > Configuration > Moogento > AuditEasy > Audit & Log: Scope > Log which: Sections

2. Set:
   - Access: Admin = On
   - Edits: Products = On
   - Edits: Categories = On (recommended)
   - Edits: Config. = On (recommended)

3. Go to:
   Stores > Configuration > Moogento > AuditEasy > Audit & Log: Scope > Log which: Admins

4. Set:
   - Enable each admin user you want to monitor in the permissions table

5. Save config

![Audit & Log Scope configuration](images/config-actions.png)

#### Notes

- Failed logins from all users are always recorded as long as "Access: Admin" is enabled - this setting only controls successful logins and action logging
- Enabling more sections produces larger log tables; start with the sections your team edits most frequently
- Your plan limits how many admin users can be monitored: 2 on Seed, 5 on Growth, unlimited on Pro

---

### Get email alerts when someone exports order or customer data

Security notifications warn you immediately when an admin exports sensitive data or logs in from an unfamiliar location.

#### How to set it up

1. Go to:
   Stores > Configuration > Moogento > AuditEasy > Audit & Log: Scope > Log which: Sections

2. Set:
   - Access: Admin = On
   - Exports: Order data = On
   - Exports: Customer data = On

3. Go to:
   Stores > Configuration > Moogento > AuditEasy > Security: Notifications

4. Set:
   - Enable: critical warning emails = Yes
   - Send to: Email = your security contact address

5. Save config

![Security Notifications configuration](images/config-security_notifications.png)

#### Notes

- Security notifications require "Access: Admin" section to be enabled - the depends rule in config enforces this
- Use the built-in "Send test email" button to confirm delivery before relying on the alerts
- This feature requires a Growth or Pro license

---

### Set up automated backups of audit data

Schedule regular exports of your audit logs to local storage or a remote FTP/SFTP server so the data survives even if the database is reset.

#### How to set it up

1. Go to:
   Stores > Configuration > Moogento > AuditEasy > Security: Backups

2. Add a backup task:
   - Method = Local (all plans) or Remote FTP/SFTP (Pro only)
   - Frequency = Hourly or Daily

3. For remote backups, fill in:
   - Protocol = FTP or SFTP
   - Host, Port, Username, Password, Path
   - Use the built-in connection test to validate before saving

4. Save config

![Security Backups configuration](images/config-backup.png)

#### Notes

- Remote FTP/SFTP backup is available on the Pro plan only
- Local backups are written to `var/moogento_auditeasy/backups/` - make sure the web server user has write permission to that directory
- Backup retention is separate from the log retention period set in "Log which: Period"

---

## Features reference

### General

- **What it does**: Master on/off switch for AuditEasy, plus an optional debug log toggle
- **When to use it**: Keep the module enabled at all times in production; enable debug logging only when investigating an issue
- **Config path**: `moogento_auditeasy/general/enable`

---

### Audit & Log: Scope - Log which: Period

- **What it does**: Controls how many days of audit data are retained before automatic cleanup
- **When to use it**: Set this to the maximum your plan allows - 7 days (Seed), 30 days (Growth), or 365 days (Pro). Make sure the value is greater than the revert time limit set per user in the admins table
- **Config path**: `moogento_auditeasy/actions/period/log_days`

---

### Audit & Log: Scope - Log which: Admins

- **What it does**: Lets you choose which admin users are monitored and set per-user revert time limits
- **When to use it**: Select every user who manages products, prices, or customer data; restrict high-privilege accounts with shorter revert windows
- **Config path**: `moogento_auditeasy/actions/admins/users_permissions`

---

### In-page changelogs

- **What it does**: Embeds an "AuditEasy Changelog" fieldset directly on the product edit form and the customer edit form, showing log entries scoped to the current entity
- **When to use it**: Lets you check a product's or customer's full edit history without navigating away from the form
- **Config path**: No separate config switch - follows the main enable setting and the section toggles for Products / Customers

---

## Advanced configuration

### Log retention and plan limits

#### What it does

The retention period is capped by your license plan. If you set `log_days` to a value higher than your plan allows, AuditEasy enforces the plan ceiling. The cleanup cron runs nightly and removes records older than the effective retention value.

#### Setup

1. Go to Stores > Configuration > Moogento > AuditEasy > Audit & Log: Scope > Log which: Period
2. Set the number of days. Practical recommended values:
   - Seed: 7
   - Growth: 30
   - Pro: 90–365 depending on database capacity

#### Notes

- Large log tables can slow admin grids. If you're on Pro with 365-day retention and a high-volume store, monitor table sizes with the query in the Troubleshooting section and optimize the tables periodically
- Retention here controls the live database only; remote backups keep their own copy independently

---

### Per-user revert time limits

#### What it does

Each admin user in the monitored users table can have an individual revert window (in hours or days). Once that window passes, the revert button disappears for that action - this prevents unintended rollbacks of changes that are already in production.

#### Setup

1. Go to Stores > Configuration > Moogento > AuditEasy > Audit & Log: Scope > Log which: Admins
2. In the users permissions table, set the revert limit for each monitored user
3. Make sure the log retention period is longer than the longest revert window you set

#### Notes

- Revert requires the ACL resource `Moogento_Auditeasy::revert` - verify that role before testing
- Revert is available on Growth and Pro plans only

---

## Tips & best practices

- Restrict access to the AuditEasy configuration section to a single admin role (usually the store owner). The config comment warns that access control for this section should be limited to prevent admins from turning off their own monitoring
- Export the access and actions logs monthly to an offline location, in addition to any backup tasks, to cover the period before your retention window
- When investigating a suspicious change, use the filter on the Admin Actions Log grid to narrow by admin user, entity type, and date range - the grid can hold many thousands of rows
- For stores with large catalogs and frequent bulk imports, consider enabling logging only for the sections you actually need to audit, rather than everything. Unused log sections just add noise and database size
- After enabling security notifications, send a test email to confirm it arrives. Queue consumers must be running for notifications to process - see the Troubleshooting section if the test email doesn't arrive
- On Growth and Pro plans, review the Admin Access Log weekly for any unfamiliar IP addresses or login times. The location column (powered by IP geolocation) makes it easy to spot logins that don't match your team's usual locations

---

## Troubleshooting

### Admin activities are not appearing in the log

No entries appear in the access log or actions log after an admin saves a product or logs in.

- **Cause:** The module is enabled but the relevant sections and/or admin users are not selected for monitoring
- **Check:** Go to Stores > Configuration > Moogento > AuditEasy > Audit & Log: Scope and confirm the relevant section toggles are on, and that the admin user is listed in "Log which: Admins"
- **Resolution:** Enable the required sections, add the admin user to the monitored users table, save config, and run `php bin/magento cache:clean`

---

### Revert button is not visible on an action log entry

The revert control does not appear next to an action you expect to be revertible.

- **Cause:** Either the action is outside the revert time window, the entity no longer exists, or the current admin user lacks the revert ACL resource
- **Check:** Confirm the plan is Growth or Pro. Check the ACL resource `Moogento_Auditeasy::revert` is granted to the admin role. Check the revert time limit set for that user in the admins permissions table
- **Resolution:** Extend the revert window for the user if appropriate, or grant the ACL resource. For time-expired entries, revert is not available - restore the previous values manually

---

### Security notification emails are not arriving

Test emails and alert emails do not reach the inbox.

- **Cause:** Queue consumers may not be running, or general Magento email delivery is misconfigured
- **Check:** Confirm that "Access: Admin" section logging is enabled (required for notifications). Test general Magento transactional email delivery. Check whether queue consumers are active: `php bin/magento queue:consumers:list`
- **Resolution:** Start the relevant consumer: `php bin/magento queue:consumers:start mooauditeasy.admin.login.failed.communication.topic.name`. Verify SMTP settings in Stores > Configuration > Advanced > System > Mail Sending Settings

---

### Remote backup is failing

Audit data is not being uploaded to the configured FTP/SFTP server.

- **Cause:** Connection credentials are incorrect, the remote path does not exist, or a firewall is blocking outbound connections
- **Check:** Use the built-in connection test button in Security: Backups. Check `var/log/moogento_auditeasy.log` for connection error messages
- **Resolution:** Correct the host, port, credentials, and remote path. Ensure the Magento server's outbound firewall allows connections on port 21 (FTP) or 22 (SFTP). Confirm the remote directory exists and the user has write permission

---

### Admin panel slows down after AuditEasy has been running for a while

The admin grids load slowly and database queries take longer than expected.

- **Cause:** The audit log tables have grown large and may benefit from index optimization
- **Check:** Query table sizes in your database:
  ```sql
  SELECT table_name,
         ROUND(((data_length + index_length) / 1024 / 1024), 2) AS 'Size (MB)'
  FROM information_schema.tables
  WHERE table_name LIKE 'moo_auditeasy_%';
  ```
- **Resolution:** Reduce the log retention period if the current value is higher than needed. Run `OPTIMIZE TABLE moo_auditeasy_access_log;` and `OPTIMIZE TABLE moo_auditeasy_action_log;` during a low-traffic window

---

## FAQs

<!-- seo: FAQPage schema - the page converter should emit JSON-LD for this section -->

## How do I see who changed a product price in Magento?

Go to **Moogento > AuditEasy > Admin Actions Log** and filter by entity type "Product" and the date range in question - each row shows the admin user, the field changed, and the before and after values. See [Common setups](#common-setups) for how to enable product change tracking.

## Can I undo an admin change without touching the database?

Yes, on Growth and Pro plans you can revert individual field changes or a complete save directly from the Admin Actions Log grid, as long as the action is within the revert time window configured for that user. See [Advanced configuration](#advanced-configuration) for revert setup details.

## How do I get an alert when someone exports my customer list?

Enable the "Exports: Customer data" section toggle in Audit & Log: Scope, then turn on Security Notifications and enter a recipient email in the Security: Notifications group. AuditEasy will send an email each time a customer data export is triggered. Growth or Pro license required.

## What happens to my audit logs if I disable AuditEasy?

Existing log entries remain in the database unchanged when you disable the module - they are not deleted. New activities will no longer be recorded until AuditEasy is re-enabled. Scheduled cleanup crons also stop running while disabled, so existing data persists until you re-enable and the cron runs again.

## How long does AuditEasy keep logs?

Retention depends on your plan: 7 days on Seed, 30 days on Growth, and 365 days on Pro. You set the exact number of days in Stores > Configuration > Moogento > AuditEasy > Audit & Log: Scope > Log which: Period, up to the plan ceiling.

## How many admin users can AuditEasy monitor?

The Seed plan monitors up to 2 admin users, Growth monitors up to 5, and Pro monitors an unlimited number. Choose which users to track in the "Log which: Admins" section of the config.

## Does AuditEasy work with Hyvä, Luma, and Porto themes?

Yes - AuditEasy is an admin-only module with no frontend output, so it is fully compatible with Hyvä, Luma, Porto, and any other storefront theme. Theme choice has no effect on audit logging or the admin log grids.

## Can AuditEasy log changes made by third-party modules?

AuditEasy logs Magento model save events, so it captures most changes regardless of which module triggers the save. It also includes built-in support for several Moogento modules - **PickPack**, **GiftEasy**, and **SmartCart** - as well as Amasty Gift Card actions.

## Where do I find the Admin Access Log?

Go to **Moogento > AuditEasy > Admin Access Log** in your Magento admin menu. The grid shows every login and logout with IP address, browser, device, and geolocation data. You can filter by user, date, or IP and export to CSV.

## What plan do I need for remote FTP/SFTP backup?

Remote FTP/SFTP backup of audit data requires the Pro plan. Local filesystem backups are available on all plans. See the [Security: Backups](#advanced-configuration) config group to set up backup tasks.

---

## Related guides

- [PickPack](../pickpack) - AuditEasy logs PickPack PDF template saves, so template change history is visible in the actions log
- [GiftEasy](../gifteasy) - AuditEasy tracks GiftEasy mass-delete and enable/disable actions in the actions log
- [SmartCart](../smartcart) - SmartCart order updates are captured by AuditEasy's action logging

---

## Need help?

- moo@moogento.com
- Include:
  - Magento version
  - Module name
  - What you're trying to do