cPanel logs provide a goldmine of information to quickly resolve various customer issues and server errors.
Here’s a list of the cPanel logs most commonly used by our expert server administrators, and the commonly sought information in them.
cPanel mail logs – SMTP (Exim), POP/IMAP (Courier/Dovecot) and Webmail (Horde/RoundCube/Squirrelmail)
Incoming and outgoing mail log | /var/log/exim_mainlog – Find out what happened to an email sent to an outside server, or one that came into this server. |
---|---|
POP or IMAP login/transaction records | /var/log/maillog – Find out when a mailbox was accessed, from which IP, and if it was successful. |
Anti-spam logs (eg. SpamAssassin) | /var/log/maillog – Find out if a mail was tagged as spam, and the reason for it. |
Mails rejected by Exim SMTP sever | /var/log/exim_rejectlog – Find out if a mail was rejected at connection level due to an Exim security policy. |
SMTP/POP/IMAP server crash logs | /var/log/messages, /var/log/maillog, /var/log/exim_paniclog – Find out why Exim/Courier/Dovecot servers crashed. |
Mailman logs | /usr/local/cpanel/3rdparty/mailmain/logs/* – Logs under this directory shows what happened to various mailing lists. |
RoundCube delivery and error logs | /var/cpanel/roundcube/log/* – Logs under this directory shows mail delivery details and RoundCube access errors. |
Horde error logs | /var/cpanel/horde/log/* – Logs under this directory show Horde errors. |
SquirrelMail logs | /var/cpanel/squirrelmail/* – Logs related to SquirrelMail errors. |
See how our cPanel server experts help you!
cPanel web server logs – Apache
Web site access logs | /usr/local/apache/domlogs/[DOMAIN_NAME] – Find out which IP accessed the site at a given time, and the status of access. |
---|---|
Web site and server error log | /usr/local/apache/logs/error_log – Details of error returned in the web site. |
Mod Security error log | /usr/local/apache/logs/modsec_audit.log – Details of the mod_security deny error. |
SuPHP audit log | /usr/local/apache/logs/suphp_log – Find out under which user ownership a script was executed. |
Apache restarts through cPanel/WHM | /usr/local/cpanel/logs/safeapacherestart_log – Find out at what all times Apache was restarted through WHM. |
cPanel FTP logs – ProFTPd/PureFTPd
File upload logs | /usr/local/apache/domlogs/ftp.[DOMAIN_NAME]-ftp_log – Find out which IP uploaded the files, under which user ownership, and status of upload. |
---|
cPanel/WHM services log
Brute force protection log | /usr/local/cpanel/logs/cphulkd.log – Check if an IP was blocked by cPHulkd. |
---|---|
Login failures on all cPanel/Webmail services | /usr/local/cpanel/logs/login_log – Find out at what all times a user was unable to login to cPanel/Webmail services. |
User logins and activity log | /usr/local/cpanel/logs/access_log – Find out what a user did after logging into cPanel. For eg. what did they upload through file manager. |
Accounts audit log | /var/cpanel/accounting.log – See the changes to accounts like creation, owner change, deletion, etc. |
Backup logs | /usr/local/cpanel/logs/cpbackup – See if an account was successfully backed up and when. |
Web statistics update log | /usr/local/cpanel/logs/stats_log – See if statistics were processed for a domain. |
cPanel license update logs | /usr/local/cpanel/logs/license_log – Find if license update had any errors. |
Service status logs | /var/log/chkservd.log – Find at what all times various services were responding. |
Tailwatch daemon log | /usr/local/cpanel/logs/tailwatchd_log – Trace any errors related to Tailwatch daemon’s working. |
WebDisk logs | /usr/local/cpanel/logs/cpdavd_error_log – Trace issues related to Web Disk daemon functioning. |
Account bandwidth usage | /var/cpanel/bandwidth/[DOMAIN_NAME] – See the history of bandwidth usage for a given domain. |
cPanel error log | /usr/local/cpanel/logs/error_log – Trace reasons for errors returned by cPanel interfaces. |
cPanel fatal error log | /usr/local/cpanel/logs/panic_log – Trace reasons for cPanel service crashes. |
cPanel update log | /var/cpanel/updatelogs/* – Trace issues related to cPanel updates. |
EasyApache installation logs | /usr/local/cpanel/logs/easy/apache/* – Cross verify errors seen in Apache with rebuild times. |
cPanel installation log | /var/log/cpanel – Trace issues noted in cPanel installation. |
[ Take care of your customers, before your competitors do. Get world-class support specialists to delight your customers. ]
Important system and 3rd party tools logs
Cron server log | /var/log/cron – Find out if a cron ran as per schedule. |
---|---|
Default system log file | /var/log/messages – Most system errors and events will be logged here. |
LFD firewall log (if CSF/LFD is installed) | /var/log/lfd.log – Find out why an IP was blocked. |
Maldetect logs (if LMD is installed) | /usr/local/maldetect/event_log – Find out what malware was detected, or why a file upload failed. |
Server authentication logs | /var/log/secure – Find out who all tried to login to the server, and from which all IPs. |
Server update log | /var/log/yum.log – Find out what all packages were updated, and when. |
MySQL log
MySQL error log | /var/lib/mysql/[SERVER_NAME].err – Find out what caused a database server crash. |
---|---|
MySQL slow query log | /var/log/slowqueries – Find out which database and user has un-optimized queries. |
Listed above are just the most common files we refer in day-to-day troubleshooting. If you need assistance in fixing any specific issue in your server, just drop us a line.
0 Comments