SleekView for Sucuri Security: audit events as tables
Sucuri Security writes last-login rows into wp_sucuriscan_lastlogins and streams the audit log to Sucuri's API for retrieval. SleekView reads both sources, joins them to wp_users, and renders one row per event in a sortable, filterable grid.
♾️ Lifetime License available
An audit log that finally has a real workspace
Sucuri Security is the auditing and post-hack toolkit shipped by Sucuri Inc. It records failed and successful logins into the dedicated wp_sucuriscan_lastlogins table, monitors file integrity, and streams audit-log events to Sucuri's API so they survive a database compromise. The website firewall is the separate paid Sucuri CloudProxy product; the free plugin focuses on auditing and post-hack monitoring.
The plugin's default admin lists last-logins on one screen and the remote audit log on another, with separate filters and separate paginators. Comparing a failed-login spike to the file-integrity warnings that followed means clicking between two screens and cross-referencing timestamps by hand. The signal that ties them together is the user account.
SleekView reads the wp_sucuriscan_lastlogins table and pulls the audit log via the same Sucuri API the plugin uses. Both sources land in one grid, joined to wp_users by login. Each row carries the timestamp, the user, the event type, the IP, and the source. Saved filters carry across both surfaces, so a triage view becomes one screen instead of two.
Workflow
From two Sucuri screens to one triage queue
Pick the source
wp_sucuriscan_lastlogins for login events and at Sucuri's audit-log API for file-integrity and admin events. Both sources land in one grid.
Compose columns
Save and scope per role
Edit inline or jump out
Sample columns
Sucuri audit events across the site
wp_sucuriscan_lastlogins joined to the Sucuri audit log API and wp_users
| Time | User | Event | Source | IP | Severity |
|---|---|---|---|---|---|
| May 18 09:42 | alex@studio.co | Login success | lastlogins | 84.12.x.x | Info |
| May 18 09:18 | ria@design.io | Login failed | lastlogins | 203.0.113.x | Notice |
| May 18 09:05 | tom@hello.dev | File modified | audit | 45.61.x.x | Warning |
| May 17 23:11 | system | Core integrity diff | audit | internal | Warning |
Comparison
Default Sucuri Security admin vs SleekView
Default Sucuri Security
- Last-logins and audit-log screens live behind separate filters and separate paginators
- Failed-login spikes cannot be joined to file-integrity events in one view
- Per-user event history needs a manual cross-reference between two screens
- No saved view for the daily triage queue across both sources
- Audit-ready exports require navigating per-screen options
SleekView
-
One row per event whether it comes from
wp_sucuriscan_lastloginsor the audit log - Filter by user, event type, or source in one click
- Sort by severity to surface warnings ahead of informational rows
- Saved triage view for the daily security standup
- Inline jump from a login row to the user profile and the recent audit context
Features
What SleekView gives you for Sucuri Security
Two sources, one queue
Last-logins and audit-log events read in the same grid, joined to wp_users. Triage stops being two screens of pagination and becomes one filtered view.
Severity-first triage
Sort by severity and warnings surface ahead of routine login rows. A file-integrity warning that followed a failed-login spike becomes a one-glance signal.
Audit-ready CSV
Export any filtered slice to CSV with active filters preserved. Security reviews get a defensible sheet that carries both the login table and the audit log per event.
Audience
Who uses SleekView for Sucuri Security
Security leads
Daily triage queue that joins login failures and file-integrity warnings on one screen. The saved view surfaces incident-shaped events the same morning they happen.
Site admins
Filter by user to read every Sucuri-recorded event tied to an account, from last-logins to audit-log entries. The cross-reference happens in one grid.
Agencies
Per-client triage view that aggregates Sucuri events for the billing period. The CSV export gives the monthly security report a defensible source.
The bigger picture
Why two audit screens belong on one triage surface
Sucuri Security already does the hard work, it records logins into wp_sucuriscan_lastlogins and streams an audit log to Sucuri's API that survives a database compromise. The trouble is that those two sources land on two screens with two filters, which means joining a failed-login spike to the file-integrity warning that followed it is manual work. Security leads need both signals on the same morning queue.
Site admins need the per-user view that reads both stores at once. Agencies need the per-client CSV that carries both data sets. SleekView reads the lastlogins table and the audit-log API together, joins them to wp_users, and renders one grid where every event is one row.
Severity is a sortable column. Failures sort ahead of informational rows. The plugin keeps owning the audit work, and the team finally gets the triage queue the screens never tried to ship.
Questions
Common questions about SleekView for Sucuri Security
No. The Sucuri Firewall is the separate paid Sucuri CloudProxy service. SleekView only reads what the free Sucuri Security plugin stores locally and pulls via the audit-log API.
Yes for the audit-log stream. The wp_sucuriscan_lastlogins table is read locally without the key. With the key configured, both sources land in the same grid.
Yes. The event column carries Login failed and Login success values from the lastlogins table. Filter to Login failed to surface every failure across every account.
Yes. The audit log carries severity per event, and SleekView surfaces it as a sortable column. Warnings sort ahead of informational rows for the daily triage view.
Yes. File-integrity diffs are written into the Sucuri audit log and land in the grid with severity Warning. They sit next to login failures so the triage queue reads in one screen.
Yes. On multisite each subsite has its own wp_sucuriscan_lastlogins table, and SleekView respects that scope. The audit-log API can be configured per site or shared across the network.
Only the rows on the current page are queried from the lastlogins table, and the API stream is page-bounded. Sites with high login volume query the same as quiet ones because pagination keeps the row count constant.
Yes. The IP and matched user already fall under the WordPress privacy exporter surface, and SleekView CSV exports inherit the same fields. The plugin's existing privacy exporters continue to serve subject-access requests.
Pricing
More than 1000+
happy customers
Explore our flexible licensing options tailored to your needs. Upgrade your license anytime to access more features, or opt for a lifetime license for ongoing value, including lifetime updates and lifetime support. Our hassle-free upgrade process ensures that our platform can grow with you, starting from whichever plan you choose.
Lifetime ♾️
Most popular
EUR
once
- Unlimited websites
- Lifetime updates
- Lifetime support
...or get the Bundle Deal
and save €250 🎁
The Bundle (unlimited sites)
Pay once, own it forever
Elevate your WordPress site with our exclusive plugin bundle that includes all of our premium plugins in one package. Enjoy lifetime updates and lifetime support. Save significantly compared to buying plugins individually.
What’s included
-
SleekAI
-
SleekByte
-
SleekMotion
-
SleekPixel
-
SleekRank
-
SleekView
€749
Continue to checkoutBrowse more
- Edd Software Licenses
- Woocommerce Product Add Ons
- Wp Ecommerce
- Yith Woocommerce Quick View
- Woocommerce Zoho Books
- Woocommerce Zip Checkout
- Woo Direct Checkout
- Wcfm Delivery
- Woocommerce Pinterest Feed
- Woocommerce Taxify
- Yith Woocommerce Anti Fraud
- Woocommerce Eu Vat Number
- Paystack Woocommerce
- Woocommerce Stock Sync
- Woocommerce Blocks