All CWP projects based on the installer (or using the cwp-core module) include the silverstripe/auditor module which collect such security-related events as:
- Login attempts (failed and successful)
- Page manipulations that may potentially affect the live site
- Security-related changes such as Members being added to groups or permission changes.
To inspect the audit log, proceed to the centralised logging system, select the stream related to your environment and search for:
See the centralised logging system for more information on working with Graylog.