cPanel log file locations and basic troubleshooting. One of the most common practices on a server is to log data, so that you can go back and analyze log records for problems, instead of having to be on the server at the time they occur.
Kernel Boot & Hardware error logs
Path : /var/log/dmesg
Use the command "dmesg" in the root shell to display all the kernel ring buffer messages (last 64 K) stored in memory. Use "dmesg > boot.messages" to store the logs in a separate file, and if you want to clear the dmesg buffer, type "dmesg -c".
Path : /var/log/messages
Use "tail -f /var/log/messages" to follow what is going on with your system and with your DNS. This log helps the admin to find any form of tcp/udp and other forms of attacks.
Bad Login / Logout logs
Path : /var/log/btmp
Stores all the bad login and logout attempts, with each failure or success. Use the lastb utility to list all the records in a readable form with date/time etc. to track and block the offending source. This kind of SSH attack is usually carried out by a script using brute-force password crackers.
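Added example, not part of the original article: a shell function that tallies failed SSH logins per source address from lastb output, to show which sources are worth blocking. The sample lines are constructed (documentation address ranges), and the names sample_lastb and failed_by_source are hypothetical.

```shell
#!/bin/sh
# Constructed sample in the column layout printed by "lastb -i"
# (user, line, source address, time range). Not real log data.
sample_lastb() {
cat <<'EOF'
root     ssh:notty    203.0.113.7      Mon Mar  3 02:14 - 02:14  (00:00)
admin    ssh:notty    203.0.113.7      Mon Mar  3 02:14 - 02:14  (00:00)
oracle   ssh:notty    203.0.113.7      Mon Mar  3 02:15 - 02:15  (00:00)
test     ssh:notty    203.0.113.7      Mon Mar  3 02:15 - 02:15  (00:00)
alice    ssh:notty    198.51.100.20    Sun Mar  2 18:40 - 18:40  (00:00)
bob      tty1                          Sun Mar  2 09:05 - 09:05  (00:00)

btmp begins Sat Mar  1 00:00:12 2025
EOF
}

# failed_by_source MIN
# Reads lastb output on stdin and prints "count source" for every source
# with at least MIN failed SSH logins, busiest source first.
failed_by_source() {
    awk -v min="${1:-1}" '
        # Only ssh:* lines carry a source address in column 3. This also
        # skips console (tty) failures, blank lines and the
        # "btmp begins ..." trailer.
        $2 ~ /^ssh:/ { hits[$3]++ }
        END {
            for (src in hits)
                if (hits[src] >= min) print hits[src], src
        }
    ' | sort -k1,1nr -k2,2
}

# Demo on the constructed sample. On a live server, run as root:
#   lastb -i | failed_by_source 5
sample_lastb | failed_by_source 3
```

A single failure from an address is usually a mistyped password, so the threshold keeps legitimate users out of the block list.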
Login / Logout logs
Path : /var/log/wtmp
Similar to the bad login/logout log, this log holds the good/authorized system logins and logouts, which can be listed using the "last" command.
Last Logins Logs
Path : /var/log/lastlog
Database of times of previous user logins. The lastlog file is a database that holds info on the last login of each user. Use the "lastlog" command to retrieve the data from the records.
Path : /var/log/secure
Logs all daemons which require PAM Authentication.
Common Cpanel logs
cPanel/WHM Initial Installation Errors
Path : /var/log/cpanel*install*
Logs used to record missing dependencies or any error encountered during the cPanel installation process, including hardware driver failures/mismatches.
Cpanel License Error Logs
Path : /usr/local/cpanel/logs/license_log
The license and its update information are saved here. If you encounter any license issue, execute the command /usr/local/cpanel/cpkeyclt to update the license from cPanel.
Cpanel/WHM Accounting Logs
Holds a list of accounting functions performed through WHM, including account removal and creation. The administrator can use these logs to check who removed an account and from which IP etc.
Cpanel/WHM Service Status Logs
Separate logs for cPanel's chkservd daemon, which logs service failures and information.
Cpanel Stats Daemon Logs
Path : /usr/local/cpanel/logs/stats_log
The stats daemon (cpanellogd) logs the output from all stats generators (Awstats, Webalizer, Analog) here.
Cpanel login and access logs
Path : /usr/local/cpanel/logs/access_log
All login attempts and logins are recorded in this log, which helps the administrator check who logged in to the panel, at what time, from which IP address etc.
Cpanel Bandwidth Logs
Path : /var/cpanel/bandwidth
Files contain the bandwidth history for each account. Each file is named after its respective user.
Tailwatchd Daemon logs
Path : /usr/local/cpanel/logs/tailwatchd_log
Logs for daemons configured under tailwatchd, i.e. cPBandwd, Eximstats, Antirelayd.
Cpanel Ftp logs
Ftp General login and Failure
Path : /var/log/messages
FTP Data Transactions log
Path : /var/log/xferlog
Is a symbolic link in most cases to /usr/local/apache/domlogs/ftpxferlog, which contains a history of the transactions made by FTP users.
FTP account Raw logs.
Path : /usr/local/apache/domlogs/ftp.domainname-ftp_log
Stores all the FTP logins/transfers, FTP commands, client connection status etc.
Path : /var/log/pureftpd.log
It will be disabled by default and only works if you enable it in the /etc/pure-ftpd.conf .
Path : /var/log/pro-ftpd.log
It will be disabled by default and only works if you enable it in the /etc/pro-ftpd.conf .
Cpanel Mysql logs
MySQL General Information and Errors
Path : /var/lib/mysql/$(hostname).err
This path could vary but is usually located in /var/lib/mysql. Could also be located at /var/log/mysqld.log.
Cpanel Apache logs
Apache Access Logs:
Path : /usr/local/apache/logs/access_log
The complete web server access log records all requests processed by the server.
General Error and Auditing Logs
Path : /usr/local/apache/logs/error_log
All exceptions caught by httpd, along with standard error output from CGI applications, are logged here, including Apache crashes etc.
Apache SuExec Logs
Path : /usr/local/apache/logs/suexec_log
Auditing data is reported by suexec each time a CGI application is executed. Useful for debugging internal server errors: when no related information is recorded in the Apache error_log, check here for potential suexec policy violations.
Domain Access & error logs
General access and error log file for each domain configured with cPanel.
Cpanel Exim logs
Mail Receive and Delivery
Path : /var/log/exim_mainlog or /var/log/exim/mainlog(FreeBSD)
Receives an entry every time a message is received or delivered.
ACLs/Policies based RejectLog
Path : /var/log/exim_rejectlog
An entry is written to this log every time a message is rejected based on either ACLs or other policies, e.g. aliases configured to :fail:.
Panic/Fatal Errors :
Path : /var/log/exim_paniclog
Logs any entries Exim doesn't know how to handle. It's generally a really bad thing when log entries are being written here, and they should be carefully investigated.
Path : /var/log/maillog & /var/log/messages
The IMAP, POP, and SpamAssassin services all log here. This includes all general logging data (login attempts, transactions, spam scoring), along with fatal errors.