Compliance Audit Log

Compliance Audit Log turns your WHMCS into a regulator-ready system of record. It silently captures every meaningful admin and client action across 8 categories — authentication, clients, invoices, tickets, services, domains, configuration, and modules — and stores them with full actor, target, IP, severity, and field-level before/after metadata. A built-in dashboard with multi-filter search, a detail drawer, and CSV export are included for free.

Pro upgrades the log into compliance-grade evidence. Every entry is signed into an HMAC-SHA256 hash chain so tampered or deleted records can be detected in seconds. JSON / SIEM exports drop straight into Splunk, ELK, or any log pipeline. A one-click NIS2 Article 21 compliance report summarises logging, integrity, incident handling, access control, and retention status. Alert rules let you trigger email notifications when severity thresholds are crossed inside a time window, with action-pattern wildcards. Retention is configurable from 30 to 3650 days, and trusted-proxy CIDRs make the IP column accurate behind Cloudflare or load balancers.