Recorded information includes the time of the incident, the severity, the responsible IP and user or session, and the action, such as a failed authorization check. For security reasons, audit logs are not visible on the regular web user interface and can only be viewed in the application service logs or searched in a terminal using the CLI commands documented below.
|alert||panic||security alert, e.g. an attack has been detected|
|critical||fatal||critical security incidents and application errors|
|error||error||failed authorization checks, application errors|
|warning||warning||file deletions, failed logins, and invalid api requests|
|info||info||expected and uncritical actions e.g. file uploads|
|debug||debug||informational messages, e.g. successful logouts|
The general verbosity level of log messages can be set with
PHOTOPRISM_LOG_LEVEL. In addition, incidents with a level equal to or higher than
PHOTOPRISM_AUDIT_LEVEL are recorded in the database in a structured way so that they can be searched.
|Environment Variable||CLI Flag||Default||Description|
|PHOTOPRISM_LOG_LEVEL||--log-level||info||log message verbosity
|PHOTOPRISM_AUDIT_LEVEL||--audit-level||warning||audit log recording
Use the following terminal commands to search the database for login attempts, user actions and incidents, or application errors:
||Displays login attempts|
||Displays audit logs|
||Displays error logs|
You can combine them with these flags to change the output format and the maximum number of search results:
||format as machine-readable Markdown|
||export as semicolon separated values|
||export as tab separated values|
||LIMIT number of results (default: 100)|
photoprism-pro audit clear to clear all recorded incidents and reset the database to a clean state.
For detailed information on specific product features, services, and related resources, see our Knowledge Base, or read the User Guide for help using the web user interface: