Signals

The raw events behind every alert.

A signal is a single, typed event from your site — one login attempt, one PHP warning, one cron tick, one config change. Logystera captures signals automatically. You never write queries. You read alerts.

What a signal is

Dashboards tell you that something happened. Signals are what happened. A login attempt — successful or failed, from a particular IP, at a particular moment. A configuration save — which object, which user, which category. A PHP error — file, line, source plugin. Every signal is one event, captured once, shipped once.

Signals are not logs in the free-text sense. They are structured, typed, and bounded. You cannot accidentally flood Logystera with unbounded data. Each signal type has a rate limit per request, and the total is hard-capped at 200 events per request regardless.

Why raw signals matter

Most monitoring tools give you dashboards and ask you to write rules. That requires you to know, in advance, what failure looks like. Logystera does the opposite: your site emits raw signals, and our processor — not you — correlates them into 69+ pre-built metrics and 17+ pre-built alerts. Brute-force detection, cron stalls, config tampering, failed emails, slow admin pages — all derived from signals you never had to name.

When something fires, the alert includes the exact signals that triggered it. Not “something is wrong” — but “12 failed logins from 3 IPs in the last 5 minutes, here they are.” The investigation is already done.

Signals to metrics to alerts

The flow is always the same: your site emits signals → the Logystera processor aggregates them into metrics → rule definitions correlate metrics into alerts. Every layer is open. You can inspect every metric, read every rule, and see every signal that fed them.

1. Signal

auth.attempt

A single login attempt, success or failure.

2. Metric

wp_auth_failed_total

Failed attempts counted per IP, over time.

3. Alert

Brute-force attack

Clustered failures from the same IP trigger it.

Privacy built in

Usernames are HMAC-hashed before they leave your site. SQL queries are never transmitted — only a SHA-1 hash. PHP backtrace arguments are stripped. Authorization headers and cookies are never captured. Configuration values are never sent — only the names of config objects that changed. IP addresses can be optionally anonymized.

Signals are designed to give us enough to detect threats and correlate failures, not enough to reconstruct your site’s content.

See the signals for your platform

Each integration has its own signal set, shaped around the host platform’s events and hooks.

WordPress signals

17 signal types: HTTP requests, auth attempts, cron health, PHP errors, plugin/theme state, file integrity, memory pressure, database errors.

Drupal signals

18 signal types: config saves, user lifecycle, module install/uninstall, authentication, HTTP requests, content moderation, views changes, slow queries.

Send real signals from your own site.

Install the plugin or module, connect to Logystera, and watch signals flow into dashboards. Free tier includes the core metrics and alerts.

Request a demo View pricing
Logystera Logystera
Monitoring for WordPress and Drupal sites. Install a plugin or module to catch silent failures — cron stalls, failed emails, login attacks, PHP errors — before users report them.
Product
Overview How it works Features Integrations Compare Pricing Changelog Status
Guides
WordPress Cron Not Running WordPress Emails Not Sending Log-Based Monitoring Blog Documentation
Solutions
For Agencies For SMEs For Government For Education For Enterprise Services What Logystera Is FAQ
Legal
Privacy Terms Security Cookies
Company
Contact About
Follow us
Twitter LinkedIn
Copyright © 2026 Logystera. All rights reserved.