1. J

    SOLVED mod_sec conficting information in logs Failed to access DBM

    Hello. I hope everyone is safe and healthy. I've been having an issue with conflicting log information. When ruid is ON I am recieving the following conflict between two logs and despite the bad error in apache error logs users are reportin a mix of pages loading and some report pages don't...
  2. H

    Location of Logs

    From which location i will get the following log details. - root [07/08/2021:11:52:03 -0000] "GET /cpsess4565082798/scripts12/terminal HTTP/1.1" 200 0 "https://server.myhosting.com:2087/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)...
  3. S

    Reading the Imunify logs

    Hello, Im trying to make a comand line here either with grep grep domainname /var/log/imunify360/console.log or using something like imunify360-agent get but I cant get around it. Thing is data in the /var/log/imunify360/console.log file is not really user friendly and I'd like to extract there...
  4. S

    Turn off apache logs per domain?

    I have a bunch of domains as usual. can I turn off logging for any of them individually? So domain??? won't get log files anymore at these locations? I'm using the latest cPanel/WHM v94.0.11. eg. /apps/apache/logs/domlogs/someuser/domain??? and /home/someuser/access-logs/domain???
  5. P

    How to find hackers access point

    One of the accounts on the server had a file changed by a hacker. I was able to find the hackers IP in the access log. The entry in the log indicated the change was made via cpanels file manager so I searched the logs to see if I could find how that IP logged in. The only thing I could find for...
  6. J

    modsec_audit always empty

    Hello. In my attempt to track down a malicious IP address attacking the server I've been looking at logs. Not only cannot I not find the malicious IP address in any logs which I know was attacking because a different service has logged it in it's application and it shows in that database -...
  7. P


    hello my logs are missing from /usr/local/cpanel/logs anyone can help me about this?
  8. S

    Blackhole on exim logs

    Hello everyone. I face a situation where : A user received an email but it didn't come in to his inbox and also there are no logs in track delivery but according to /var/log/exim_maillog it received on that email address. What does it mean? The log file as follow: 2021-04-19 12:51:10...
  9. L

    Can you tell me how to see Logs text in such *.gz files...?

    SSH access from Web Terminal at WHM/cPanel: Home » Server Configuration » Terminal [[email protected]***-***-***-*** logs]# pwd /home/yyyy/logs [[email protected]***-***-***-*** logs]# ls -la | grep "Apr-2021" -rw-r--r-- 1 yyyy yyyy 2497 Apr 19 15:05 api.zzz.city-Apr-2021.gz -rw-r--r-- 1 yyyy yyyy 1874 Apr 19...
  10. J

    How do I exclude logs directory without excluding other directories that end in logs from backup?

    Folks, How do I exclude logs directory without excluding other directories that end in logs from backup? Current /etc/cpbackup-exclude.conf entry: logs/* Current Log file examples: Skipping public_html/wp-includes/js/tinymce/plugins/wpdialogs/plugin.js Skipping...
  11. P


    hi whay my /usr/local/cpanel/logs are empty?no file found
  12. J

    Recommendations on Linux SIEM tools?

    I've seen two threads here discuss OSSEC, Splunk, and LogWatch. However, both are well over 5 years old. What works best with dedicated cPanel server environments? Which is best for learning more about cybersecurity and incident response in general?
  13. The Old Man

    Understanding SuExec Logs

    Hi, Please could you help clarify the SuExec log, which is fairly unclear as to what it is actually reporting: e.g. [2020-10-08 02:59:44]: uid: (1000/abc123) gid: (1002/abc123) cmd: ea-php73 Is that example entry saying that a PHP script (although it doesn't say what is was) was successfully...
  14. C

    SOLVED [EA-9123] Only IPv6 logs show to access log

    Hello : On web sites using Cloudflare problem is only for access log writed for ipv6 not show for ipv4 visitors reguest.I'm check it for my 6 cpanel servers same issue is started. This issue was started 2020-6-17 and I see for June 17 EA 4 some updates : EasyApache 4 Change Log 2020 | cPanel &...
  15. G

    Last Update time in Download Current Raw Access Logs Not Changing

    Hi There, Started in May month, the issue is the Raw Access log activity which should be started at 00:00:00 seconds moved to further 05:00:000 and now at 06:00:00. Can you guys plz tell me, how to get start the log activity beginning of the new day not further in the day. Plz check the image...
  16. G

    phpMyAdmin logs out each time my IP changes

    I'm trying to start using my mobile hotspot for home internet instead of DSL, because (a) it's paid for, (b) it's cheaper, and (c) it's about 5 times faster! But I'm coming across a few tiny little nuisances that I'm trying to eliminate one by one. I usually keep a few Chrome tabs pinned with...
  17. R

    Download logs

    Hi, i need to download logs located in /var/log, is it possible? Thanks
  18. L

    Current Raw Access Logs

    Can somebody tell me why my "Current Raw Access Logs" don't update in real-time during a whole day? I'm doing tests on my own website but can't see the results in my logs until the next day or until the archive log file have been processed after 24 hours. I remember not so long ago that the...
  19. L

    Raw Access Logs

    Hello, need help with the raw access logs. How often do they update during the day? I'm a newbie at this but I remember that it was almost instantly not so long ago. Now, I almost have to wait an entire day to see something on these logs even if I'm sure something was recorded. Can somebody...
  20. D

    cpanellogd waiting for child to process logs for http

    Hi, It seems that Cpanellogd (or related services) are causing high load on the server that I'm managing. It seems that this service is launched every hour and spawns more than 30 processes, like so: root 19631 0.6 0.2 214456 18424 ? S 09:01 0:00 cpanellogd - waiting for...