API Request Monitor: Monitor Incoming & Outgoing API Requests and Manage Webhooks

Kaiizen API Request Monitor is an advanced API monitoring and debugging plugin for WordPress. Track incoming REST API requests, outbound HTTP requests, webhook activity, API performance, authentication failures, and WooCommerce API events in real time.

Whether you’re building custom integrations, troubleshooting API errors, testing endpoints, monitoring webhooks, or auditing API security, Kaiizen API Request Monitor provides the tools needed to understand exactly how data moves through your WordPress site.

Perfect for:

WordPress developers
WooCommerce developers
API integrators
Agencies managing client websites
DevOps and support teams
Plugin and theme developers

Core Features

• Request Logger — Logs all incoming WordPress REST API requests: method, endpoint, headers, body, response code, response time, user, and IP address.
• Outbound Logger — Intercepts all outbound HTTP requests made via wp_remote_* functions and logs URL, headers, payload, and response.
• Webhook Logger — Captures and logs both incoming and outgoing webhooks, including WooCommerce webhooks.
• API Explorer — A built-in HTTP client that lets you build and fire REST requests (GET, POST, PUT, PATCH, DELETE) directly from your WordPress admin. Save requests as reusable templates.
• Performance Analytics — Dashboard with hourly request volume charts, slowest endpoints, most-used endpoints, requests per minute, and error rate metrics.
• Security Monitor — Detects brute-force API authentication failures and fires configurable alerts via Email, Slack, or Discord.
• Activity Timeline — WooCommerce integration that tracks order, product, customer, and coupon changes made through the REST API.

Security & Privacy

• All logs are stored in your own database — no data is sent to external services unless you configure Slack or Discord webhook alerts.
• Configurable field masking automatically redacts sensitive keys (passwords, tokens, API keys, Authorization headers) from stored logs.
• Log retention is configurable (default: 30 days); old logs are pruned automatically via daily cron.
• Dashboard access is restricted to WordPress administrators (manage_options capability).

External Services

This plugin can optionally send security alert notifications to third-party webhook services. This only happens when you explicitly configure a webhook URL in Settings and enable alerts.

• Slack — Alert payloads (event type and details) are sent to your configured Slack Incoming Webhook URL. Terms: https://slack.com/terms-of-service | Privacy: https://slack.com/privacy-policy
• Discord — Alert payloads (event type and details) are sent to your configured Discord Webhook URL. Terms: https://discord.com/terms | Privacy: https://discord.com/privacy

No data is transmitted to external services unless you configure these integrations.

Source Code

The plugin includes a compiled JavaScript bundle (build/index.js) generated from source files in the src/ directory using @wordpress/scripts (webpack). The full source is included in the plugin package under src/. To rebuild: npm install && npm run build.

Requirements

• WordPress 6.0 or higher
• PHP 7.4 or higher
• WooCommerce (optional) — required only for the Activity Timeline and WooCommerce webhook logging features.