cPanel logs provide a goldmine of information to quickly resolve various customer issues and server errors.
Here’s a list of the cPanel logs most commonly used by our expert server administrators, and the commonly sought information in them.
cPanel mail logs – SMTP (Exim), POP/IMAP (Courier/Dovecot) and Webmail (Horde/RoundCube/Squirrelmail)
| Incoming and outgoing mail log | /var/log/exim_mainlog – Find out what happened to an email sent to an outside server, or one that came into this server. |
|---|---|
| POP or IMAP login/transaction records | /var/log/maillog – Find out when a mailbox was accessed, from which IP, and if it was successful. |
| Anti-spam logs (eg. SpamAssassin) | /var/log/maillog – Find out if a mail was tagged as spam, and the reason for it. |
| Mails rejected by Exim SMTP sever | /var/log/exim_rejectlog – Find out if a mail was rejected at connection level due to an Exim security policy. |
| SMTP/POP/IMAP server crash logs | /var/log/messages, /var/log/maillog, /var/log/exim_paniclog – Find out why Exim/Courier/Dovecot servers crashed. |
| Mailman logs | /usr/local/cpanel/3rdparty/mailmain/logs/* – Logs under this directory shows what happened to various mailing lists. |
| RoundCube delivery and error logs | /var/cpanel/roundcube/log/* – Logs under this directory shows mail delivery details and RoundCube access errors. |
| Horde error logs | /var/cpanel/horde/log/* – Logs under this directory show Horde errors. |
| SquirrelMail logs | /var/cpanel/squirrelmail/* – Logs related to SquirrelMail errors. |
See how our cPanel server experts help you!
cPanel web server logs – Apache
| Web site access logs | /usr/local/apache/domlogs/[DOMAIN_NAME] – Find out which IP accessed the site at a given time, and the status of access. |
|---|---|
| Web site and server error log | /usr/local/apache/logs/error_log – Details of error returned in the web site. |
| Mod Security error log | /usr/local/apache/logs/modsec_audit.log – Details of the mod_security deny error. |
| SuPHP audit log | /usr/local/apache/logs/suphp_log – Find out under which user ownership a script was executed. |
| Apache restarts through cPanel/WHM | /usr/local/cpanel/logs/safeapacherestart_log – Find out at what all times Apache was restarted through WHM. |
cPanel FTP logs – ProFTPd/PureFTPd
| File upload logs | /usr/local/apache/domlogs/ftp.[DOMAIN_NAME]-ftp_log – Find out which IP uploaded the files, under which user ownership, and status of upload. |
|---|
cPanel/WHM services log
| Brute force protection log | /usr/local/cpanel/logs/cphulkd.log – Check if an IP was blocked by cPHulkd. |
|---|---|
| Login failures on all cPanel/Webmail services | /usr/local/cpanel/logs/login_log – Find out at what all times a user was unable to login to cPanel/Webmail services. |
| User logins and activity log | /usr/local/cpanel/logs/access_log – Find out what a user did after logging into cPanel. For eg. what did they upload through file manager. |
| Accounts audit log | /var/cpanel/accounting.log – See the changes to accounts like creation, owner change, deletion, etc. |
| Backup logs | /usr/local/cpanel/logs/cpbackup – See if an account was successfully backed up and when. |
| Web statistics update log | /usr/local/cpanel/logs/stats_log – See if statistics were processed for a domain. |
| cPanel license update logs | /usr/local/cpanel/logs/license_log – Find if license update had any errors. |
| Service status logs | /var/log/chkservd.log – Find at what all times various services were responding. |
| Tailwatch daemon log | /usr/local/cpanel/logs/tailwatchd_log – Trace any errors related to Tailwatch daemon’s working. |
| WebDisk logs | /usr/local/cpanel/logs/cpdavd_error_log – Trace issues related to Web Disk daemon functioning. |
| Account bandwidth usage | /var/cpanel/bandwidth/[DOMAIN_NAME] – See the history of bandwidth usage for a given domain. |
| cPanel error log | /usr/local/cpanel/logs/error_log – Trace reasons for errors returned by cPanel interfaces. |
| cPanel fatal error log | /usr/local/cpanel/logs/panic_log – Trace reasons for cPanel service crashes. |
| cPanel update log | /var/cpanel/updatelogs/* – Trace issues related to cPanel updates. |
| EasyApache installation logs | /usr/local/cpanel/logs/easy/apache/* – Cross verify errors seen in Apache with rebuild times. |
| cPanel installation log | /var/log/cpanel – Trace issues noted in cPanel installation. |
[ Take care of your customers, before your competitors do. Get world-class support specialists to delight your customers. ]
Important system and 3rd party tools logs
| Cron server log | /var/log/cron – Find out if a cron ran as per schedule. |
|---|---|
| Default system log file | /var/log/messages – Most system errors and events will be logged here. |
| LFD firewall log (if CSF/LFD is installed) | /var/log/lfd.log – Find out why an IP was blocked. |
| Maldetect logs (if LMD is installed) | /usr/local/maldetect/event_log – Find out what malware was detected, or why a file upload failed. |
| Server authentication logs | /var/log/secure – Find out who all tried to login to the server, and from which all IPs. |
| Server update log | /var/log/yum.log – Find out what all packages were updated, and when. |
MySQL log
| MySQL error log | /var/lib/mysql/[SERVER_NAME].err – Find out what caused a database server crash. |
|---|---|
| MySQL slow query log | /var/log/slowqueries – Find out which database and user has un-optimized queries. |
Listed above are just the most common files we refer in day-to-day troubleshooting. If you need assistance in fixing any specific issue in your server, just drop us a line.
0 Comments