Does SleekView change what Patchstack blocks?

No. SleekView only reads wp_patchstack_firewall_log. The firewall rules, signature updates, and patches keep running through Patchstack itself.

Can I filter by country or rule?

Yes. Country, rule, URI, user agent, and IP are all first-class columns in SleekView, with combined filters and sort order saved per view.

Does it cover vulnerability records?

Yes. The vulnerability and patch records Patchstack tracks can sit in their own SleekView grid. You can correlate them against firewall events by date or rule reference.

Can I bulk-action firewall rows?

Yes. Tag, archive, or escalate multiple rows from a single bulk operation. Annotations live alongside the event so the next reviewer sees the prior context.

How does it perform on busy sites?

SleekView paginates server-side and uses the existing indexes on timestamp, rule, and IP. Even sites with heavy traffic and large firewall logs stay responsive.

Does it respect WordPress roles?

Yes. Capability checks follow WordPress roles. You can also gate specific saved views to a smaller group when the data is sensitive.

Can I export filtered events for a SIEM?

Yes. JSON exports respect the active filter and visible columns, which works as input for SIEMs and other security tools.

What about multisite installs?

SleekView respects multisite context. A super-admin view can join firewall events across sites, while site-level admins see only the slice that belongs to their site.

SleekView for Patchstack: firewall log & vulnerability records as tables

Patchstack writes blocked requests to wp_patchstack_firewall_log and tracks vulnerability events alongside it. SleekView turns both into a single sortable grid with saved views, role scoping, and inline annotations.

Get SleekView

♾️ Lifetime License available

Firewall events that bend to your questions

Patchstack stores its main event stream in wp_patchstack_firewall_log, with one row per blocked or flagged request: IP, country, rule ID, URI, user agent, and timestamp. Vulnerability and patching activity is written alongside it through the plugin's own logger. The default screens summarise the data well, but only let you filter by a fixed shortlist of fields.

SleekView reads wp_patchstack_firewall_log directly and treats every column, including the rule reference, the country, and the user agent fragment, as a first-class filter. Saved views capture filters, columns, and sort order so a triage screen for SQL injection attempts or a watchlist for known IP ranges takes a click rather than a SQL query.

Inline annotations let you tag a request as already actioned, archive a noisy rule, or flag an entry for follow-up without leaving the grid. Patchstack continues writing events through its own pipeline; SleekView only adds the operational layer on top.

Workflow

From Patchstack logs to a working firewall grid

Connect to the firewall log

Create a SleekView against wp_patchstack_firewall_log. Time, IP, country, rule, URI, and user agent are detected and offered as the starting field set.

Compose triage columns

Promote the columns your team uses for triage, including rule and country, and hide the noisy ones. Save the column set so it travels with the view.

Save reusable views

Pin SQL injection attempts, XSS attempts, rate-limit traffic, or good-bot traffic as separate views. Each captures the active filter, the columns, and the sort.

Annotate and export

Tag a row as actioned, archive a noisy entry, or escalate one for follow-up. Export the visible columns as CSV or JSON for tickets, SIEMs, or audits.

Sample columns

A typical Patchstack firewall view

One row per blocked request with rule, country, URI, and action from wp_patchstack_firewall_log.

Source: wp_patchstack_firewall_log, wp_options (vulnerability and patch records)

When	IP	Country	Rule	URI	Action
Today 06:14	198.51.100.4	RO	sql-injection	/wp-login.php	Blocked
Today 07:02	203.0.113.55	US	xss-attempt	/?s=

Here's Something Special For You