Welcome to Obzervi! Think of this plugin as the security camera and flight recorder for your WordPress website. It quietly runs in the background, keeping a detailed log of who logs in, what changes are made, and any potential security risks.
Part 1: How to Find Obzervi in Your WordPress Site
Before you can monitor your website, you need to know where the control room is.
Log In to WordPress Start by logging into the back-end of your website (usually by going to yourwebsitename.com/wp-admin). Enter your standard WordPress username and password.
Locate the Left Sidebar Once you are logged in, look at the dark vertical menu on the left side of your screen. This is your main WordPress navigation menu.
Find the Obzervi Icon Scroll down this menu until you see Obzervi Logs. It features a distinct circular logo (a stylized eye/radar icon).
Click to Open Click directly on "Obzervi Logs" to open the plugin. You will automatically land on the main Dashboard.
Tip: The Dashboard is your "Mission Control" — designed to give you a quick overview of your website's health and recent activity at a single glance.
Part 2: Understanding Your Dashboard (Mission Control)
The Dashboard is the first screen you see when opening Obzervi. It is designed to give you a "morning coffee" overview of your website's health and recent activity at a single glance. You don't need to be a tech expert to understand what's happening here.
1. Quick Stats (Top KPI Cards)
At the very top, you will see four colored boxes with large numbers. These are your Key Performance Indicators (KPIs):
Activities Today
The total number of actions recorded on your site since midnight.
This Week
The total number of actions recorded over the last 7 days.
Active Users Today
How many distinct, individual people (or automated bots) have interacted with your site today.
Critical Actions — 24h
High-priority events, such as someone deleting a plugin, changing a major setting, or a severe security alert.
Pay attention to Critical Actions. If this number is higher than zero, you should review your logs immediately to verify you recognize the action that took place.
2. Live Status & The AI Assistant
Live Connection
In the upper right corner, a small indicator will say LIVE (green) or DISCONNECTED (red). This lets you know if Obzervi is actively recording real-time data.
AI Assistant (Purple Button)
One of Obzervi's most powerful tools! If you don't want to read through hundreds of logs manually, click this button. You can ask the AI to analyze the logs for Today, This Week, or This Month. It will generate a plain-English summary of your site's activity and highlight any potential security risks — for example, it may detect patterns of password guessing.
3. Currently Online
This section shows you exactly who is logged into the administrative side of your website right now. It displays:
Their name
Their user role (e.g., Administrator)
Their email address
Their current status (e.g., "Active just now")
4. Visual Charts
Visuals make it easier to spot strange behavior on your site.
Activity Timeline (Line Graph)
This graph shows your site's activity over the last 7 days. If your site normally has 50 actions a day and suddenly the graph spikes to 5,000 actions on a Tuesday, you know you need to investigate!
Action Types (Donut Chart)
This colorful circle breaks down exactly what kind of activities are happening (e.g., mostly Plugin Settings, Authentication, or Comments).
5. The "Top 10" Lists
These lists help you quickly identify the biggest "movers and shakers" on your site.
Top 10 Active Users
Ranks the users who have performed the most actions on your site.
Top 10 Critical Actions (Last 48h)
A fast way to see high-priority events without digging through all your data. It will show exactly what was activated, deactivated, or deleted recently.
6. Top 10 Recent Activity
At the bottom of the dashboard is a mini-spreadsheet showing the last 10 things that happened on your site, literally down to the second. It shows:
Datetime — Exactly when it happened (e.g., "4 seconds ago")
User — Who did it
Action & Type — What they did (e.g., "Login Failed - Authentication")
Actions (Eye Icon) — Clicking the eye icon will open a detailed report of that specific event
Pro tip: Click the eye icon on any recent activity entry to drill down into the full details of that event — including IP address, user agent, and exact changes made.
Dashboard FAQ
Not necessarily! A critical action might just be you or your web developer updating or deleting an old plugin. However, you should always check the "Top 10 Critical Actions" list below it to confirm you recognize the action that took place.
"Visitor" simply means someone who is not logged into a WordPress account. This could be a normal person leaving a blog comment, or it could be an automated bot trying to guess a login password.
The AI Assistant is very smart and will often point out multiple failed login attempts. If it flags this, you can navigate to the Settings tab to increase your IP Blocking and Brute Force protection.
Section 2
The "All Logs" Tab — Your Website's Master Record
If the Dashboard is your quick morning summary, the All Logs tab is your detailed diary. Every single recorded event on your WordPress site is listed here, giving you a complete, searchable, and filterable record of everything that has happened.
Part 1: How to Access the All Logs Tab
Open Obzervi Click on Obzervi Logs in the WordPress sidebar to open the plugin.
Find the All Logs Tab Look at the top navigation tabs within Obzervi. Click on All Logs.
View the Log Table You will see a full table of every recorded event on your site, sorted by most recent first.
Part 2: Reading the Log Table
The log table contains several columns, each providing a specific piece of information about every event:
Column
What It Shows
Example
Datetime
The exact date and time the event occurred, down to the second.
May 11, 2026, 5:26 PM
User
The avatar and username of the person who performed the action. "Visitor" with a yellow icon means someone who is not logged in.
admin, Visitor
Action & Type
What happened and its category. The action is the specific event, and the type groups it.
The specific item that was affected by the action.
Plugin name, User ID
Description
A plain-English sentence explaining what happened.
"Failed login attempt for user: admin"
IP
The digital "home address" of the computer that performed the action.
192.168.1.100
Actions
An eye icon button that opens the detailed "Log Details" card for that event.
Eye Icon
Digging Deeper: The Log Details Card
When you click the eye icon on any log entry, a detailed card opens showing additional information:
IP Address & Location — The country, state, and city of the IP address, complete with a country flag!
User Agent — The browser and operating system used (e.g., Chrome on Windows 10)
Part 3: Severity Levels (Color Codes)
Every log entry is assigned a severity level to help you prioritize what to investigate. Here are the five levels:
Critical
Security & Destructive Actions. These are the most serious events and should always be investigated. Examples include unauthorized access attempts and mass deletions.
High
Important Changes. Events that significantly affect your site, such as a plugin being activated, a new user being created, or theme changes.
Medium
Moderate Actions. Routine changes like settings being updated, a new blog post created, or a comment approved.
Low
Routine Actions. Normal day-to-day operations such as a post being updated, media being uploaded, or a comment being submitted.
Info
Informational. Simple actions like a user logging in or logging out. Nothing to worry about.
Part 4: Filtering Your Logs
With potentially thousands of log entries, filtering is essential. Obzervi provides powerful filtering options:
Filter by User
Use the dropdown to select a specific user and see only their actions.
Filter by Action
Use the dropdown to filter by a specific action type (e.g., Login Failed, Plugin Activated, Post Updated).
Filter by Date
Set a Date From and Date To range to narrow down your search to a specific time period.
Click the blue Filter Logs button to apply your filters. Click the gray Reset Filters button to start over with a clean view.
Part 5: Exporting and Cleaning Up Logs
Download Logs
Click the green Export Logs button to download your logs. Select a date range and choose your format:
CSV — Opens in Excel, Google Sheets, and other spreadsheet programs. Best for most users.
JSON — A developer-friendly format ideal for analysts or integrating with other tools.
Delete Logs
WARNING: Deleting logs is permanent! Once deleted, there is no way to recover them unless you have a Cloud Backup enabled. Always export a backup before deleting.
Cleanup Logs — Type a number of days (e.g., 90) and click Cleanup to delete all logs older than that period.
Delete All Logs — The red button that removes everything. Only use this if you want to start completely fresh.
All Logs FAQ
This is almost certainly a brute-force attack where an automated bot is guessing passwords. Go to Settings → IP Blocking, enable Brute Force Protection, and copy the offending IP address to your Blacklist. The attacker will be permanently blocked.
No. Only Administrators have access to log management functions. Regular users (Editors, Authors, Subscribers) cannot see or delete any logs. Even if an administrator deletes logs, that deletion itself is recorded.
This means someone changed the PHP session timeout or a plugin-specific timeout setting. It is usually a routine configuration change. Check the User column to see who made the change and confirm it was intentional.
Section 3
The Analytics Tab — Your Site's Big Picture
Think of Analytics as your monthly review. While the Dashboard shows today's snapshot and All Logs shows every detail, the Analytics tab groups everything into beautiful charts and graphs so you can see trends, patterns, and potential issues at scale.
Part 1: Accessing Analytics & Setting Your View
At the top of the Analytics tab, you can customize the time period and scope of the data displayed:
Period — Choose from 1 month, 6 months, or set a custom date range.
User Filter — View data for All Users or filter to a specific individual.
Part 2: KPI Scorecards
The Analytics tab features multiple sets of KPI scorecards that provide at-a-glance metrics for different areas:
Activity KPIs
Total Activity
The total number of all recorded events in the selected period.
Average Daily Activity
The mean number of events per day, helping you establish your site's "normal" baseline.
Active Users
The number of distinct users who performed actions during the selected period.
Critical Events
The total count of critical-severity events that occurred during the time range.
Content KPIs — Posts
New Blog Posts
How many new blog posts were published during the selected period.
Blog Posts Deleted
How many blog posts were permanently removed.
Users That Edit Posts
The number of distinct users who made changes to blog posts.
Blog Posts Updated
The total count of edit and update actions on existing blog posts.
Content KPIs — Pages
New Pages
How many new pages (Homepage, About Us, Contact, etc.) were created.
Pages Deleted
How many pages were permanently removed during the selected period.
Users That Edit Pages
The number of distinct users who made changes to pages.
Pages Updated
The total count of edit and update actions on existing pages.
Part 3: Visual Charts
Timeline Charts
Activity Over Time (Line Chart)
A line graph showing the volume of activity across the selected period. Spikes indicate unusual days that may need investigation.
Activity by Day (Bar Chart)
A bar chart breaking down activity by day of the week, so you can see which days are busiest.
Activity by Hour (Green Bar Chart)
Shows activity distribution across all 24 hours (00:00–23:00). Great for identifying quiet hours versus peak activity times.
Weekly Activity Trends (Curved Line)
A smoothed line chart showing weekly patterns, making it easy to spot gradual increases or decreases in activity over time.
Categorized Charts
Activity by Event Type (Horizontal Bar)
Shows the breakdown of different event types (Login, Logout, Setting Changed, Plugin Activated, etc.) so you can see what happens most on your site.
Activity by Object Type
Groups events by the type of object affected: Settings, Authentication, Plugins, Themes, Posts, Pages, and more.
Part 4: Monitoring Users & System Health
Most Active Users (Purple Bar Chart)
Identifies which users are performing the most actions on your site. Useful for tracking team productivity or detecting compromised accounts.
Top 10 IP Addresses (Orange Bar Chart)
Shows which IP addresses are most active. If an unknown IP is at the top with hundreds of actions, it may be a bot or attacker. Investigate and consider blacklisting.
Severity Levels (Pie Chart)
Visualizes the proportion of events at each severity level. A healthy site will show mostly Blue (Low) and Gray (Info). If Red (Critical) is a significant slice, investigate immediately.
Active Users IP & Security Logs
A mini-table showing only Critical and High severity events, providing a focused security overview without the noise of routine activity.
Analytics FAQ
Click on the All Logs tab and filter by the date range of the spike. Look for repeated actions from a single IP address or user. Common causes include bot attacks (hundreds of "Login Failed"), bulk content imports, or plugin updates affecting many settings at once.
It depends on volume. A few failed logins per day is normal (people forget passwords). However, if "Login Failed" dominates your chart with hundreds or thousands of entries, you are likely under a brute-force attack. Enable IP Blocking in Settings immediately.
Currently, the best approach is to take a screenshot of the Analytics tab or use the Export Logs feature in the All Logs tab to download the raw data as CSV. You can then create custom charts in Excel or Google Sheets for presentation purposes.
Section 4
Configuring Obzervi (Settings Tab)
The Settings tab is your control panel. Here you decide what to record, who sees the records, and how much protection to activate. Think of it as the preferences screen for your security camera system.
Part 1: How to Access Settings
Open Obzervi Click on Obzervi Logs in the WordPress sidebar.
Click the Settings Tab Look at the top navigation tabs within Obzervi and click on Settings.
Navigate Sub-Tabs Within Settings, you will see sub-tabs: General, Tracking, Role Access, Integrations, and IP Blocking. Click each one to configure that area.
Part 2: General Tab
The General tab controls the overall behavior of Obzervi, including an overview of your current configuration and database management tools.
Database Management
Enable Auto-Purge — Automatically delete old logs after a set number of days to keep your database lean.
Retention Period — Set how many days to keep logs (e.g., 90 days). Logs older than this are automatically removed.
Click Save to apply your changes.
Import / Export Settings
You can export your entire Obzervi configuration to a file and import it on another WordPress site. This is useful when migrating to a new server or setting up multiple sites with the same configuration.
Part 3: Tracking Settings
This is where you decide exactly what Obzervi monitors. You will see a series of checkboxes for different event categories:
Posts — Track when blog posts are created, edited, published, or deleted.
Users — Track when user accounts are created, modified, or removed.
Plugins — Track when plugins are installed, activated, deactivated, updated, or deleted.
Themes — Track when themes are changed, updated, or customized.
Media — Track when images, videos, and other files are uploaded or deleted.
Plugin Settings Tracking
Obzervi can also track changes to the settings of other plugins installed on your site. You will see two lists:
Available — Plugins that can be tracked but are not currently monitored.
Tracked — Plugins whose settings changes are actively being recorded.
To add a plugin, select it from the Available list and click Add to move it to the Tracked list.
Part 4: Role Access
Control which WordPress user roles can see and interact with Obzervi.
Role
Default Access
Options
Administrator
Full Access (always)
Cannot be changed — administrators always have full access to all logs and settings.
Editor
No Access
"View Own Logs Only" or "No Access"
Author
No Access
"View Own Logs Only" or "No Access"
Note: "View Own Logs Only" means the user can see activity related to their own account but cannot view other users' logs, settings, or any administrative functions.
Part 5: Integrations
Connect Obzervi to external services so you never miss a critical event, even when you are not logged in to WordPress.
Slack Integration
Send real-time activity notifications to a Slack channel. Great for teams that use Slack for communication.
Email Notifications
Receive email alerts when specific severity levels are triggered. CRITICAL: Select only the severity levels that matter to you. We recommend selecting Critical and High only to avoid inbox overload.
Weekly Report
Enable a weekly summary email that arrives on your chosen day (e.g., Sunday). This gives you a quick digest of the past week's activity without needing to log in.
Email tip: If you enable email notifications for ALL severity levels, you may receive dozens of emails per day. Stick to Critical + High for the best signal-to-noise ratio.
Part 6: IP Blocking (Your Security Shield)
This is one of Obzervi's most powerful security features. It lets you automatically and manually block malicious IP addresses.
Brute Force Protection
Enable — Toggle on to activate automatic brute force protection.
Max Attempts — Set the number of failed login attempts before an IP is locked (recommended: 5 or 10).
Lock Tier 2 — Second lockout duration (if they try again): 360 minutes (6 hours).
IP Whitelist (VIP List)
ALWAYS add your own IP address to the Whitelist! This ensures you can never accidentally lock yourself out of your own website. Also add the IP addresses of your team members and trusted partners.
IP Blacklist (Permanent Ban)
If you see a malicious IP address in your logs that keeps attacking your site, copy it and paste it into the Blacklist. That IP will be permanently banned from accessing your WordPress login page.
Workflow: Go to All Logs → find the malicious IP → copy it → go to Settings → IP Blocking → paste it into Blacklist → Save. Done!
Settings FAQ
If you accidentally blocked your own IP, you will need to access your WordPress database directly via your hosting provider's phpMyAdmin and remove your IP from the Obzervi blacklist table, or temporarily rename the Obzervi plugin folder via FTP to disable it.
Check three things: 1) Ensure Weekly Report is enabled in Settings → Integrations. 2) Check that your WordPress email system is working by sending a test email from another plugin. 3) Check your spam or junk folder. WordPress emails are often filtered by email providers.
Cloud Backup is a premium feature that automatically syncs your activity logs to Obzervi's secure cloud servers. This means even if your website is compromised or your server crashes, you have an off-site backup of all your security logs for forensic analysis.
Section 5
Content History — Your Website's Time Machine
Did someone accidentally delete a paragraph? Want to track what your editor changed on the About Us page? Content History lets you see every version of every page and post, compare changes side by side, and know exactly who changed what and when.
Part 1: How to Access Content History
Open Obzervi Click on Obzervi Logs in the WordPress sidebar.
Click the Content History Tab Look at the top navigation tabs within Obzervi and click on Content History.
Part 2: The History List
The Content History tab displays a table listing every tracked page and post:
Column
What It Shows
Example
Type
Whether the content is a PAGE or a POST.
PAGE, POST
Post Title
The name of the page or post, along with its internal ID number.
About Us (ID: 42)
Versions
How many saved versions exist for this content.
5 versions
Last Modified
When the most recent change was made.
May 15, 2026
Actions
Two buttons: View History (compare versions) and Edit Post (go to editor).
View History / Edit Post
Part 3: Comparing Changes (View History)
This is where Content History really shines. Follow these steps to compare versions:
Find Your Page or Post Locate the page or post you want to review in the history list.
Click "View History" Click the View History button to open the version comparison tool.
Use the Slider A slider control lets you move through different saved versions over time. Slide left for older versions, right for newer ones.
Review the Two Columns You will see two columns side by side: content highlighted in red was removed, and content highlighted in green was added.
Edit if Needed Click Edit Post to go directly to the WordPress editor and fix or restore any content.
Tip: Content History is especially valuable for teams where multiple people edit the same pages. You can always trace exactly who changed what and when, eliminating "who did that?" confusion.
Content History FAQ
Content History requires at least 2 versions to compare. If a page shows "1 versions" it means only the original version has been saved. Once you or another user edits and saves the page again, a second version will be created and you can then compare the two.
Obzervi Content History shows you exactly what changed, but it does not have a one-click revert button. Instead, use the View History comparison to identify the old content, then click Edit Post to manually restore the previous text.
No. Content History uses WordPress's built-in revision system which is extremely lightweight. The tracking only activates when a post or page is saved, not during normal page views by your visitors.
Section 6
Account & Licensing
The Account tab is your billing and subscription area. Here you can view your license details, manage your plan, and keep your Obzervi installation up to date.
Part 1: How to Access Account Settings
Open Obzervi Click on Obzervi Logs in the WordPress sidebar.
Click the Account Tab Look at the top navigation tabs within Obzervi and click on Account.
Part 2: Account Details
CRUCIAL NOTE: The Name and Email shown in the Account tab belong to the license purchaser (often the developer or agency who set up your site), NOT the current WordPress user. This is normal and does not mean someone else has access to your logs.
The Account Details section displays the name and email address associated with the Obzervi license purchase. If a developer or agency purchased the license on your behalf, their information will appear here.
Part 3: License & Plan
This section shows the status of your Obzervi subscription:
Version — The current version of Obzervi installed (e.g., 1.0.32 Premium).
Plan & Expiration — Your plan tier (e.g., PRO) and when your license expires. An expiration badge shows your renewal date.
License Key — Your license key is hidden for security (shown as ***). You do not need to share this with anyone.
Action Buttons
Sync License
Forces a check with Obzervi's servers to update your license status. Useful after renewing your subscription.
Change License
Enter a different license key if you are switching plans or transferring a license from another site.
Deactivate License
Removes the license from this site so it can be activated on a different WordPress installation. The plugin will revert to the free version.
Account & Licensing FAQ
Only if they have an active WordPress administrator account on your site. The license purchaser name shown in the Account tab does not grant any access. Log visibility is controlled entirely by WordPress user roles and Obzervi's Role Access settings.
No. Your logs are stored in your WordPress database and remain there even if your license expires. However, you will lose access to premium features like AI Analysis, Cloud Backup, and advanced analytics until you renew.
Enabling the beta program checkbox opts you in to receive early access to new Obzervi features before they are officially released. Beta versions may contain bugs, so this is recommended only for development or staging sites, not production websites.
Section 7
Contact Us & Support
Obzervi includes a direct built-in hotline to the support team. You don't need to leave your WordPress dashboard to get help — just fill out the contact form and the team will get back to you.
Part 1: How to Access Support
Open Obzervi Click on Obzervi Logs in the WordPress sidebar.
Click the Contact Us Tab Look at the top navigation tabs within Obzervi and click on Contact Us.
Part 2: Choosing a Topic & Sending Your Message
When submitting a support request, you will first be asked to choose a topic category:
Technical Support
Something is broken, not working correctly, or you need help with a feature.
Billing Issue
Questions about charges, refunds, plan upgrades, or license renewals.
Feature Request
Have an idea for a new feature or improvement? The team loves hearing suggestions.
Customization
Need custom modifications to Obzervi for your specific use case.
Pre-Sale Question
Considering purchasing Obzervi? Ask questions before you buy.
Press
Media inquiries, partnership requests, and press-related communications.
Bug Report
Found a bug? Report it with as much detail as possible so the team can fix it quickly.
Part 3: Submitting Your Request
Freemius Notice: Obzervi uses Freemius, a trusted third-party service, to handle support tickets. When you first submit a request, you may see a Freemius notice — simply click Continue to proceed.
After selecting your topic and writing your message, click the green SUBMIT button. The support team will respond via email, typically within 24-48 hours.
Support FAQ
No. Obzervi only sends emails you have explicitly enabled, such as weekly reports or severity-based alerts. The Contact Us form uses Freemius, a trusted service, solely for support ticket communication.
The built-in contact form does not currently support file attachments. If you need to share a screenshot, mention it in your message and the support team will follow up via email where you can attach files directly.
Master FAQ
General Security & Logging FAQ
These are the most common questions about Obzervi that don't fit neatly into a single section. They cover performance, security, privacy compliance, and troubleshooting.
Performance & Database Storage
No. Obzervi is designed to be extremely lightweight. It logs events asynchronously in the background and does not add any overhead to your front-end page loading times. Your visitors will not notice any performance difference.
It depends on your site's activity level. A typical small business site generates about 50–200 MB of logs per year. Use the Auto-Purge feature in Settings to automatically delete logs older than a set number of days to keep storage under control.
Enable Auto-Purge in Settings and set a reasonable retention period (e.g., 90 days). Also check if you are tracking events you do not need — go to Settings → Tracking and uncheck categories that are not relevant to your monitoring needs.
Security & Reliability
If a hacker gains full database access, they could potentially modify any data including logs. This is why the Cloud Backup premium feature exists — it stores an off-site copy that cannot be tampered with from your WordPress installation.
No. Obzervi is an activity logger and IP blocker, not a firewall or malware scanner. It works best alongside a security plugin like Wordfence or Sucuri. Think of Obzervi as the security camera and the firewall as the locked door — you need both.
Yes. Obzervi logs server-side events (logins, settings changes, content edits) which happen before any caching layer. Caching plugins like WP Rocket, W3 Total Cache, or LiteSpeed Cache will not interfere with Obzervi's tracking.
Privacy & Compliance (GDPR/CCPA)
IP addresses are considered personal data under GDPR. You should disclose IP logging in your privacy policy, have a legitimate interest basis for security monitoring, and use the Auto-Purge feature to limit data retention. Consult a legal professional for your specific situation.
Obzervi primarily tracks WordPress admin-side activity (logins, content changes, settings). It does not track general front-end browsing behavior. The only public-facing events logged are login attempts and comment submissions.
Troubleshooting & Conflicts
Verify that: 1) Weekly Reports are enabled in Settings → Integrations with a day selected. 2) Your WordPress site can send emails (test with another plugin). 3) Check spam/junk folders. 4) Consider using an SMTP plugin like WP Mail SMTP for reliable email delivery.
No. Obzervi is designed to complement security plugins, not replace them. It focuses on activity logging and monitoring while plugins like Wordfence handle firewalls and malware scanning. They can run side by side without conflicts.
Need More Help?
Explore quick links to the most popular topics or reach out to support directly.
