Action uncanny-automator

automator_security_event

Fires after a security event is logged by the API integration for automator actions, passing the log data.

add_action( 'automator_security_event', $callback, 10, 1 );

Description

Fires after a security event is logged by the API. Developers can use this action to perform custom logging, send notifications, or trigger additional security-related actions based on the event data. The `$log_data` parameter contains details about the security event.

Usage

add_action( 'automator_security_event', 'your_function_name', 10, 1 );

Parameters

$log_data (mixed)
This parameter contains an array with the security event's message, timestamp, and any associated context.

Examples

/**
 * Example function to hook into the 'automator_security_event' action.
 * This function will log security events to a custom log file or database.
 *
 * @param array $log_data An array containing security event details.
 *                        Expected keys: 'message', 'timestamp', 'context'.
 */
function my_custom_security_logger( $log_data ) {
    // Ensure $log_data is an array and has the expected keys.
    if ( ! is_array( $log_data ) || ! isset( $log_data['message'] ) || ! isset( $log_data['timestamp'] ) || ! isset( $log_data['context'] ) ) {
        error_log( 'automator_security_event received invalid $log_data.' );
        return;
    }

    $message   = sanitize_text_field( $log_data['message'] );
    $timestamp = absint( $log_data['timestamp'] );
    $context   = wp_kses_post( json_encode( $log_data['context'] ) ); // Sanitize context, assume it's an array that can be JSON encoded.

    // For demonstration, we'll append to a simple log file.
    // In a real-world scenario, you might log to the WordPress DB,
    // an external logging service, or use WP's built-in WP_Debug_Log.
    $log_file_path = WP_CONTENT_DIR . '/security_events.log';
    $log_entry = sprintf(
        "[%s] %s - Context: %sn",
        date( 'Y-m-d H:i:s', $timestamp ),
        $message,
        $context
    );

    // Append the log entry to the file.
    // Consider using file locking in a high-traffic environment.
    file_put_contents( $log_file_path, $log_entry, FILE_APPEND );

    // Example of performing another action based on the security event.
    if ( strpos( $message, 'failed login attempt' ) !== false ) {
        // Potentially trigger an IP ban or notification for failed logins.
        error_log( 'High-priority security event detected: ' . $message );
    }
}
add_action( 'automator_security_event', 'my_custom_security_logger', 10, 1 ); // Hook with priority 10, accepting 1 argument.

Placement

This code should be placed in the functions.php file of your active theme, a custom plugin, or using a code snippets plugin.

Source Code

src/api/components/security/class-security.php:399

public static function log_security_event( string $message, array $context = array() ): void {
		// Only log if someone is listening
		if ( ! has_action( 'automator_security_event' ) ) {
			return;
		}

		$log_data = array(
			'message'   => $message,
			'timestamp' => time(),
			'context'   => $context,
		);

		do_action( 'automator_security_event', $log_data );
	}
Scroll to Top