cPanel logs location

Finding cPanel logs been always an issue for everyone. cPanel seems to distribute the logs in all over the disk. Saying that, cPanel got a nice Poster that you can print out but the PDF file is 42MB. This post is a collection of all the cPanel logs location for access, Apache, email, error, ftp, mysql, WHM and other possible applications.

If you live in USA, Canada or Mexico, they will even send you a high resolution printed copy. Select open in New Window to on the image below to view full-size.

cPanel logs location - blackMORE Ops - DropMini

Following log locations are covered in this guide:

  1. Access logs
  2. Apache Web Server Logs
  3. Email logs
  4. Error logs
  5. Ftp logs
  6. MySQL logs and
  7. WHM logs.

If you want to access logs via WHM GUI, cPanel documentation got more details here.

cPanel logs

Access logs and user actions /usr/local/cpanel/logs/access_log
Account transfers and misc. logs /var/cpanel/logs
Auditing log (account creations, deletions, etc) /var/cpanel/accounting.log
Backup logs /usr/local/cpanel/logs/cpbackup
Brute force protection (cphulkd) log /usr/local/cpanel/logs/cphulkd.log
Cpanel dnsadmin dns clustering daemon /usr/local/cpanel/logs/dnsadmin_log
Cpanel taskqueue processing daemon /usr/local/cpanel/logs/queueprocd.log
DBmapping /usr/local/cpanel/logs/setupdbmap_log
EasyApache build logs /usr/local/cpanel/logs/easy/apache/
Error log /usr/local/cpanel/logs/error_log
Installation log /var/log/cpanel
License updates and errors /usr/local/cpanel/logs/license_log
Locale database modifications /usr/local/cpanel/logs/build_locale_database_log
Login errors (CPSRVD) /usr/local/cpanel/logs/login_log
Horde /var/cpanel/horde/log/
RoundCube /var/cpanel/roundcube/log/
SquirrelMail /var/cpanel/squirrelmail/
Panic log /usr/local/cpanel/logs/panic_log
Per account bandwidth history (Cached) /var/cpanel/bandwidth.cache/{USERNAME}
Per account bandwidth history (Human Readable) /var/cpanel/bandwidth/{USERNAME}
Service status logs /var/log/chkservd.log
Tailwatch driver tailwatchd log /usr/local/cpanel/logs/tailwatch_log
Update analysis reporting /usr/local/cpanel/logs/updated_analysis/{TIMESTAMP}.log
Update (UPCP) log /var/cpanel/updatelogs/updated.{TIMESTAMP}.log
WebDisk (CPDAVD) /usr/local/cpanel/logs/cpdavd_error_log
Website statistics log /usr/local/cpanel/logs/stats_log

cPanel access log

Access logs and user actions /usr/local/cpanel/logs/access_log

cPanel apache log

Apache restarts done through cPanel and WHM /usr/local/cpanel/logs/safeapcherestart_log
Domain access logs /usr/local/apache/domlogs/{DOMAIN}
Processing of log splitting /usr/local/cpanel/logs/splitlogs_log
suPHP audit log /usr/local/apache/logs/suphp_log
Web server and CGI application error log /usr/local/apache/logs/error_log

cPanel email log

Delivery and receipt log /var/log/exim_mainlog
Incoming mail queue /var/spool/exim/input/
Log of messages rejected based on ACLS or other policies /var/log/exim_rejectlog
Unexpected/Fatal error log /var/log/exim_paniclog
IMAP, POP login attempts, transactions, fatal errors and spam scoring /var/log/maillog /var/log/messages
Mailman /usr/local/cpanel/3rdparty/mailmain/logs

MySQL log

MySQL error log /var/lib/mysql/{SERVER_NAME}.err
MySQL slow query log (if enabled in my.cnf) /var/log/slowqueries

Conclusion

I am keeping this post mostly for myself as this is a cumulative collection of usual cPanel logs location. You should be able to find logs using this guide and that would help you to narrow down on possible issues. My thanks goes to Jacob Nicholson from InMotionHosting who originally posted this here.

Please share and RT. Thanks.

Check Also

Unattended Upgrade

How to configure automatic updates in Ubuntu Server

This guide explains how to configure automatic updates in Ubuntu Server 20.04. This tutorial is …

Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs

Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs

This Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, …

Leave your solution or comment to help others.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Discover more from blackMORE Ops

Subscribe now to keep reading and get access to the full archive.

Continue reading