25 May

Watch cpanel log files

From time to time you will need to examine logs looking to identify problems. An easy way to watch these files is with tail, grep, and zgrep. I will cover both and provide a few examples that I think will make it easier to quickly find issues on a Cpanel server without getting overly complicated.

Tail:  built to display the last few lines of files. Read the tail man page to find a full list of options.

Display xyz.com file with (-f) follow then (-n)  the last 20 lines of the file. The second command displayed below will follow and display the three listed files, add more files by adding “-f -n /file” as many times as needed, or use a wildcard such as “*.com”. When using a wildcard care should be used as the number of sites you host fitting the wild card example could lead to a mess instead of usable info. Maybe this is a good time to set your window or scroll back to a few thousand lines plus. Also note when using tail and other programs that leave the file open for reading remove the follow option or your script will hang.

tail -f -n 20 /usr/local/apache/domlogs/xyz.com
tail -f -n 20 /usr/local/apache/domlogs/xyz.com -f -n 20 /usr/local/apache/domlogs/xyz.net -f -n 20 /usr/local/apache/domlogs/xyz.org

Optionally

tail -f -n 20 /usr/local/apache/domlogs/*.com

Grep: Print lines matching a pattern

Grep: Provides an easy way to look into specific files or groups of files. Open xyz.com file (-r) recursively looking for a specific pattern, only needed when looking into multiple files. Read the grep and zgrep man pages to find a full list of options.

Generic example:

grep "data-to-find" /file/location/xyz.com

Cpanel example:

grep "data-to-find" /usr/local/apache/domlogs/xyz.com

You can grep on multiple files at one.
Generic example

grep -r "data-to-find" /var/log/*

Cpanel example:

grep -r "data-to-find" /usr/local/apache/domlogs/*.com

zgrep: Allows you to look into archived log so no need to decompress before reading. The main different between grep and zgrep in this instance is that you do not need the (-r) option as zgrep recursively looks at multiple files if selected.

zgrep "data-to-find" /usr/local/apache/domlogs/xyz.com.tar.gz

Assuming Cpanel is set to archive past logs.

zgrep "data-to-find" /home/username/logs/*.gz