Recorded information includes the time of the incident, the severity, the responsible IP and user or session, and the action, such as a failed authorization check. For security reasons, audit logs are not visible on the regular web user interface and can only be viewed in the application service logs or searched in a terminal using the CLI commands documented below.
Severity Levels
| Severity | Log Level | Description |
|---|---|---|
| alert | panic | security alert, e.g. an attack has been detected |
| critical | fatal | critical security incidents and application errors |
| error | error | failed authorization checks, application errors |
| warning | warning | file deletions, failed logins, and invalid api requests |
| info | info | expected and uncritical actions e.g. file uploads |
| debug | debug | informational messages, e.g. successful logouts |
Config Options
The general verbosity level of log messages can be set with PHOTOPRISM_LOG_LEVEL. In addition, incidents with a level equal to or higher than PHOTOPRISM_AUDIT_LEVEL are recorded in the database in a structured way so that they can be searched.
| Environment Variable | CLI Flag | Default | Description |
|---|---|---|---|
| PHOTOPRISM_LOG_LEVEL | --log-level | info | log message verbosity LEVEL (trace, debug, info, warning, error, fatal, panic) |
| PHOTOPRISM_AUDIT_LEVEL | --audit-level | warning | audit log recording LEVEL (debug, info, warning, error, fatal, panic) |
Audit Commands
Use the following terminal commands to search the database for login attempts, user actions and incidents, or application errors:
| Command | Description |
|---|---|
photoprism audit logins [search] |
Displays login attempts |
photoprism audit logs [search] |
Displays audit logs |
photoprism audit errors [search] |
Displays error logs |
You can combine them with these flags to change the output format and the maximum number of search results:
| Command Flag | Description |
|---|---|
--md, -m |
format as machine-readable Markdown |
--csv, -c |
export as semicolon separated values |
--tsv, -t |
export as tab separated values |
-n LIMIT |
LIMIT number of results (default: 100) |
Run photoprism audit clear to clear all recorded incidents and reset the database to a clean state.
PhotoPrism® Documentation
For more information on specific features, services and related resources, please refer to the other documentation available in our Knowledge Base and User Guide:
