PrackHost : Hosting Premium Web LiteSpeed

Logs of cPanel

Where they store all the logs of cPanel?

The Control Panel cPanel tells on numerous logs that they help to detect us to errors in the different services of the servant. We showed main logs to you of cPanel, why they serve and in what route are in the servant:


  • cPanel/WHM initial Errors of installation:
    Route: /var/log/cpanel *install*
    Description: These archives of registry contain registries of installation of cPanel and make reference in the first place to the problems that arise from the new facilities of cPanel.
  • Registries of state on watch Cpanel/WHM:
    Route: /var/log/chkservd.log
    Description: The supervision demon on watch (chkservd) registers all the verifications on watch in this file. The service bankrupt imagines with [-] and the active services are represented by [+].
  • Accounting records of Cpanel/WHM:
    Route: /var/cpanel/accounting.log
    Description: It contains a list of realised countable functions through WHM, including the elimination and creation of accounts.


Specific requests and errors of cPanel/WHM

  • cPanel error logs:
    Route: /usr/local/cpanel/logs/error_log
    Description: cPanel registers any error which here it incurs. This must verify when you find strange errors or behaviors in cPanel/WHM.
  • Registries of error of license of cPanel:
    Route: /usr/local/cpanel/logs/license_log
    Description: All the attempts of update of license are registered here. If you are with some error related to the license when initiating session, it consults here.
  • Registries of statistics of the demons:
    Route: /usr/local/cpanel/logs/stats_log
    Description: Daemon of statistics (cpanellogd) registers the exit of all the generators of statistics (Awstats, Webalizer, Analog) here.
  • Information of the client, asked for registries of URL:
    Route: /usr/local/cpanel/logs/access_log
    Description: The general information related to the access to the requests of cPanel is registered here.
  • Registries of update cPanel/WHM:
    Route: /var/cpanel/updatelogs/update- [TIMESTAMP] .log
    Description: [Contains all the results of each update of cPanel upcp]. One names with the date of time in which the process began upcp.
  • Registries of bandwidth:
    Route: /var/cpanel/bandwidth
    Description: The archives contain a list of the file of bandwidth for each account. Each named after its respective user.
  • Tailwatchd:
    Route: /usr/local/cpanel/logs/tailwatchd_log
    Description: Registries for demons formed in tailwatchd that is to say: cPBandwd, Eximstats, Antirelayd.

Logs de Apache

  • Publication and document record department of errors and audit:
    Route: /usr/local/apache/logs/error_log
    Description: All the exceptions detected by httpd along with the exit of standard error of applications cgi. It is the first place that you must look when service httpd fails or incurs errors when acceding to the website.
  • Apache SuExec Logs:
    Route: /usr/local/apache/logs/suexec_log
    Description: Audit of information reported by suexec whenever an application cgi is executed. Useful for the purification of internal errors of the servant, without one has inquired into no excellent information to error_log of Apache. It verifies here possible violations of the policy of suexec.
  • Domain Logs Access:
    Route: /usr/local/apache/domlogs/
    Description: File of registry of general access for each domain formed with cPanel.
  • Apache Logs Access:
    Route: /usr/local/apache/logs/access_log
    Description: Complete registry of access to the Web server that registers all the requests processed by the servant.


  • Reception and delivery of messages:
    Route: /var/log/exim_mainlog or /var/log/exim/mainlog
    Description: It receives an entrance whenever a message is received or given.
  • Exim ACLs/Policies based on RejectLog:
    Route: /var/log/exim_rejectlog
    Description: An entrance is written in this registry whenever a message based on ACL or other policies is rejected, for example: formed alias stop: fail
  • Unexpected or fatal errors:
    Route: /var/log/exim_paniclog
    Description: It registers any entrance that Exim does not know how to handle. Generally, he is something really negative when the registry entrances write here, and must be investigated suitably.
  • General IMAP/POP/SpamAssassin Logging and Errors:
    Route: /var/log/maillog & /var/log/messages
    Description: The services IMAP, MGP and SpamAssassin are registered here. This includes all the general information of registry (attempts of beginning of session, transactions, score of Spam), along with fatal errors.


  • Homes of session of FTP and general errors:
    Route: /var/log/messages
    Description: Here one registers the general information and the attempts of beginning of session.
  • Registry of transactions FTP:
    Route: /var/log/xferlog or /var/log/messages
    Description: It is a symbolic connection in the majority of the cases to /usr/local/apache/domlogs/ftpxferlog, that it contains a file of the transactions realised by the FTP users.


  • General information and errors of MySQL:
    Route: /var/lib/mysql/ $ (hostname) .err
    Description: This route can vary, since it depends from where it is defined in the configuration file MySQL (/etc/my.conf), but it is generally in /var/lib/mysql. Also it could be located in /var/log/mysqld.log


  • Attempts of authentication:
    Route: /var/log/secure
    Description: Daemons registers all that require Authentication PAM.
  • Tracking all the Bad Logins and Logouts:
    Route: /var/log/btmp
    Description: Registry on all the attempts of incorrect beginnings of session in the system. Acceded through last commando.
  • Tracking all the beginnings of session and the closings of session:
    Route: /var/log/wtmp
    Description: The file wtmp registers all the beginnings of session and the closings of session.
  • Last beginnings of session:
    Route: /var/log/lastlog
    Description: The file lastlog is a data base that contains information on the last beginning of session of each user.
  • WebDav or WebDisk Log:
    Route: /usr/local/cpanel/logs/cpdavd_error_log
    Description: Daemon of cpdavd is €œWebDav€ (more well-known as €œWebDisk€) that was introduced in cPanel 11 to allow the users to mount its personal directory in its computer.
  • Cphulkd Logs:
    Route: /usr/local/cpanel/logs/cphulkd_errors.log
    Description: cPHulk Brute FORCE Protection avoids that hostile forces try to accede to the services of your servant being guessed the password of beginning of session for that service. It puts in a black list the IP that tries to execute a brute force attack.
  • Registry of faults:
    Route: /var/log/faillog
    Description: Faillog formats the contents of the registry of faults of the data base /var/log/faillog. Also it is possible to be used to maintain accountants and limits of failures.
  • Messages of beginning error/starting, kernel and hardware:
    Route: /var/log/dmesg
    Description: It is a buffer of message of kernel. The content of this file is referred by the commando dmesg. It shows to the registry of starting and the errors of hardware.

Administered VPS

Published in ,
Transformation for PrackHost


Hosting specialized in Joomla! , Wordpress, Prestashop and Moodle. Services of hosting in the cloud. Dedicated servers VPS and.

It leaves a commentary