Jolt Wiki

Have a Question?

If you have any question you can ask below or enter what you are looking for!

Accessing Web Server Logs

13 Mar, 2014 How To and DIY 0 Comments

Web servers allow for the maintenance of server error logs. If you aren’t familiar with Linux systems, it can be a challenge determining where these logs are stored. Continue reading this wiki in order to learn the location of the logs in the Linux filesystem.

Apache

Each of the Apache’s three logs serves a distinct purpose and records a different activity within the server.

  • access_log – keeps a record of all HTTP requests to websites which has the server’s hostname, or are directed to the server’s Internet Protocol: 
    /usr/local/apache/logs/access_log
  • error_log – keeps a record of all errors on all websites hosted on the web server: 
    /usr/local/apache/logs/error_log
  • domlogs – organises all the error logs, creating a folder for each site: 
    /usr/local/apache/domlogs

Exim (mail)

  • mainlog – comprises of details of all incoming and outgoing connections:/var/log/exim_mainlog
  • rejectlog – comprises of details of all rejected connections:/var/log/exim_rejectlog

cPanel

  • /usr/local/cpanel/logs/access_log
  • /usr/local/cpanel/logs/error_log

FTP

The FTP server automatically creates a log of all connections, downloads and uploads in one location regardless of which FTP daemon you install. You can find the log in:

/var/log/messages

Firewall

You will be able to access firewall logs as long as you have the ConfigServer Security & Firewall WHM plugin installed.

Step 1: Navigate to the WHM Graphical User Interface and you will find the ‘Plugins’ section in the left sidebar. Click ConfigServer Security & Firewall.

ConfigServer Security & Firewall WHM cPanel

Step 2: Next, you will be taken to the main page where you will see various options. Look in the top box (Server Information), then click the Watch System Logs box.

Step 3: You’ll then see a page which refreshes every 5 seconds. This page shows one of 15 different logs. From the drop-down menu, select the log you would like to view.

You will be shown the log located at /var/log/lfd.log when you first view the page. You can choose from the following logs:

  • /usr/local/apache/logs/error_log
  • /usr/local/apache/logs/modsec_audit.log
  • /usr/local/apache/logs/suphp_log
  • /usr/local/cpanel/logs/access_log
  • /usr/loca/cpanel/logs/error_log
  • /usr/local/cpanel/logs/stats_log
  • /var/log/chkservd.log
  • /var/log/cron
  • /var/log/exim_mainlog
  • /var/log/exim_paniclog
  • /var/log/exim_rejectlog
  • /var/log/lfd.log (by default, this is the log you will be shown when you first visit the log page)
  • /var/log/maillog
  • /var/log/messages
  • /var/log/secure

Many of this logs were aforementioned in this article, as you will doubtlessly have noticed; the reason being that it looks for any other logs on the server.

Leave a Reply

You must be logged in to post a comment.