Httpd Log File

  

Apache server logs contain a wealth of information about the visitors to your site. We show you a few basic tips and tricks for managing and parsing those log files to find the wheat in an ocean. On Linux as well as most other Unix-like systems, httpd is started as the 'root' user; UID=root, GID=root. This is necessary because only this user can bind to port 80 and 443 (anything below 1024 in fact).

  • Locations of configuration and log files of major components
    • Postfix
    • Dovecot
    • Amavisd

SSL certificate

FormatHttpd Log File

The self-signed SSL certificate generated during iRedMail installation:

  • on RHEL/CentOS:

    • /etc/pki/tls/certs/iRedMail.crt
    • Private key: /etc/pki/tls/private/iRedMail.key
  • on Debian/Ubuntu:

    • /etc/ssl/certs/iRedMail.crt
    • Private key: /etc/ssl/private/iRedMail.key
  • on FreeBSD:

    • /etc/ssl/certs/iRedMail.crt
    • Private key: /etc/ssl/private/iRedMail.key
  • on OpenBSD:

    • /etc/ssl/iRedMail.crt
    • Private key: /etc/ssl/iRedMail.key

Postfix

  • on Linux and OpenBSD, Postfix config files are placed under /etc/postfix/.
  • on FreeBSD, Postfix config files are placed under /usr/local/etc/postfix/.

Main config files:

  • main.cf: contains most configurations.
  • master.cf: contains transport related settings.
  • aliases: aliases for system accounts.
  • helo_access.pcre: PCRE regular expressions of HELO check rules.
  • ldap/*.cf: used to query mail accounts. LDAP backends only.
  • mysql/*.cf: used to query mail accounts. MySQL/MariaDB backends only.
  • pgsql/*.cf: used to query mail accounts. PostgreSQL backend only.

Log files

  • on RHEL/CentOS, FreeBSD, OpenBSD, it's /var/log/maillog.
  • on Debian, Ubuntu, it's /var/log/mail.log.

Dovecot

  • on Linux and OpenBSD, Dovecot config files are placed under /etc/dovecot/.
  • on FreeBSD, Dovecot config files are placed under /usr/local/etc/dovecot/.

Config files

Httpd Log File Location

Main config file is dovecot.conf. It contains most configurations.

Additional config files under /etc/dovecot/:

  • dovecot-ldap.conf: used to query mail users and passwords. LDAP backends only.
  • dovecot-mysql.conf: used to query mail users and passwords. MySQL/MariaDB backends only.
  • dovecot-pgsql.conf: used to query mail users and passwords. PostgreSQL backend only.
  • dovecot-used-quota.conf: used to store and query real-time per-user mailbox quota.
  • dovecot-share-folder.conf: used to store settings of shared IMAP mailboxes.
  • dovecot-master-users-password or dovecot-master-users: used to store Dovecot master user accounts.

Log files

  • /var/log/dovecot.log: main log file.

  • Since iRedMail-0.9.8, log files are under /var/log/dovecot/ directory.

  • Since iRedMail-0.9.6, on Linux:

    • /var/log/dovecot-imap.log: IMAP service related log.
    • /var/log/dovecot-pop3.log: POP3 service related log.
    • /var/log/dovecot-sieve.log: Managesieve service related log.
    • /var/log/dovecot-lda.log: Local mail delivery related log, including both sieve and LMTP.
  • In iRedMail-0.9.5 and earlier versions, all Linux and BSD system:

    • /var/log/dovecot-sieve.log: sieve LDA (Local Delivery Agent) related log. Mail delivery related log will be logged in this file. NOTE: on old iRedMail releases, it's /var/log/sieve.log.
    • /var/log/dovecot-lmtp.log: LMTP related log. Mail delivery (via LMTP) related log will be logged in this file. Note: there's no such file on iRedMail-0.8.6 and old iRedMail releases.

Nginx

  • On Linux and OpenBSD:
    • Nginx config files are placed under /etc/nginx/
    • uWSGI config files are placed under /etc/uwsgi/
  • On FreeBSD:
    • Nginx config files are placed under /usr/local/etc/nginx
    • Web applications are stored under /usr/local/www
    • uWSGI config files are placed under /usr/local/etc/uwsgi/

Main config files are nginx.conf and default.conf.

  • On Linux and FreeBSD: log files are placed under /var/log/nginx/.
  • On OpenBSD: log files are placed under /var/www/logs/ (same as Apache).

PHP

Main config file:

  • on RHEL/CentOS: it's /etc/php.ini
  • on Debian/Ubuntu:
    • If you're running Apache as web server:
      • If you're running PHP-5: it's /etc/php5/apache2/php.ini (Debian 8, Ubuntu 14.04)
      • If you're running PHP-7: it's /etc/php/7.0/cli/php.ini (Ubuntu 16.04)
    • If you're running Nginx as web server: it's /etc/php5/fpm/php.ini.
      • If you're running PHP-5: it's /etc/php5/fpm/php.ini (Debian 8, Ubuntu 14.04)
      • If you're running PHP-7: it's /etc/php/7.0/fpm/php.ini (Ubuntu 16.04)
  • on FreeBSD: it's /usr/local/etc/php.ini.
  • on OpenBSD: it's /etc/php-5.X.ini

OpenLDAP

Main config file:

  • on RHEL/CentOS: it's /etc/openldap/slapd.conf.
  • on Debian/Ubuntu: it's /etc/ldap/slapd.conf.
  • on FreeBSD: it's /usr/local/etc/openldap/slapd.conf.
  • on OpenBSD: it's /etc/openldap/slapd.conf.

Schema files are stored under schema/ directory (same directory as slapd.conf).

OpenLDAP is configured to log to /var/log/openldap.log by default, if it'sempty, please check normal syslog log file /var/log/messages or/var/log/syslog instead.

MySQL, MariaDB

Main config file:

  • on RHEL/CentOS: /etc/my.cnf.
  • on Debian/Ubuntu, it's /etc/mysql/my.cnf. If you're running MariaDB, it's /etc/mysql/mariadb.conf.d/mysqld.cnf.
  • on FreeBSD: /var/db/mysql/my.cnf.
  • on OpenBSD: /etc/my.cnf.

Roundcube webmail

  • Root Directory. Roundcube webmail is installed under below directory by default:

    • RHEL/CentOS: /opt/www/roundcubemail. It's a symbol link to roundcubemail-x.y.z under same directory.

      Note: with old iRedMail releases, it's /var/www/roundcubemail.

    • Debian/Ubuntu: /opt/www/roundcubemail. It's a symbol link to /opt/www/roundcubemail-x.y.z.

      Note: with old iRedMail releases, it's /usr/share/apache2/roundcubemail,it's a symbol link to /usr/share/apache2/roundcubemail-x.y.z/.

    • FreeBSD: /usr/local/www/roundcube.

    • OpenBSD: /opt/www/roundcubemail. It's a symbol link to roundcubemail-x.y.z under same directory.

      Note: with old iRedMail releases, it's /var/www/roundcubemail.

  • Config files:

    • Main config file is config/config.inc.php under Roundcube webmail directory.

      If you're running old Roundcube webmail (0.9.x and earlierreleases), it has two separate config files: config/db.inc.php andconfig/main.inc.php.

    • Config files of plugins are placed under plugin directory. for example, config file of password plugin is plugins/password/config.inc.php.

  • Log file. Roundcube is configured to log to Postfix log file by default.

Warning

Roundcube stores all default settings in config/defaults.inc.php, please donot modify it, instead, you should copy the settings you want to modify fromconfig/defaults.inc.php to config/config.inc.php, then modify the one inconfig/config.inc.php.

Amavisd

Main config files

  • on RHEL/CentOS: it's /etc/amavisd/amavisd.conf.
  • on Debian/Ubuntu: it's /etc/amavis/conf.d/50-user.

    Debian/Ubuntu have some additional config files under /etc/amavis/conf.d/,but you can always override them in /etc/amavis/conf.d/50-user.When we mention amavisd.conf in other documents, it always means 50-useron Debian/Ubuntu.

  • on FreeBSD: it's /usr/local/etc/amavisd.conf.

  • on OpenBSD: it's /etc/amavisd.conf.

Log files

Amavisd is configured to log to Postfix log file by iRedMail.

SpamAssassin

Attention

With default iRedMail settings, SpamAssassin is called by Amavisd, not run as a daemon.

Main config file:

  • On Linux/OpenBSD, it's /etc/mail/spamassassin/local.cf.
  • On FreeBSD, it's /usr/local/etc/mail/spamassassin/local.cf.

SpamAssassin doesn't have a separated log file, to debug SpamAssassin, pleaseset $sa_debug = 1; in Amavisd config file, then restart Amavisd service.

Fail2ban

Main config file:

  • On Linux/OpenBSD, it's /etc/fail2ban/jail.local.
  • On FreeBSD, it's /usr/local/etc/fail2ban/jail.local.

Warning

All custom settings should be placed in jail.local, and don't touchjail.conf, so that upgrading Fail2ban binary package won't lose/overrideyour custom settings.

Filters:

Log File Analyzer

  • On Linux/OpenBSD, all filters are defined in files under /etc/fail2ban/filter.d/.
  • On FreeBSD, all filters are defined in files under /usr/local/etc/fail2ban/filter.d/.

Ban/Unban actions:

  • On Linux/OpenBSD, all actions are defined in files under /etc/fail2ban/action.d/.
  • On FreeBSD, all filters are defined in files under /usr/local/etc/fail2ban/action.d/.

Log file: Fail2ban logs to default syslog log file.

Log
  • on RHEL/CentOS/OpenBSD/FreeBSD, it's /var/log/messages.
  • on Debian/Ubuntu, it's /var/log/syslog.

SOGo Groupware

  • Main config file is
    • on Linux/OpenBSD: /etc/sogo/sogo.conf
    • on FreeBSD: /usr/local/etc/sogo/sogo.conf
  • Log file is /var/log/sogo/sogo.log.

mlmmjadmin

How To Open Log Files

  • Config file: /opt/mlmmjadmin/settings.py (same on all Linux/BSD distributions)
  • Log file: /var/log/mlmmjadmin/mlmmjadmin.log
  • Data directories:
    • All active mailing lists: /var/vmail/mlmmj. Including archive.
    • Removed and archived mailing lists: /var/vmail/mlmmj-archive

iRedAPD

  • Main config file is /opt/iredapd/settings.py on all Linux/BSD distributions.
  • Log file:

    • With iRedAPD-1.7.0 and later releases, log file is /var/log/iredapd/iredapd.log.
    • With iRedAPD-1.6.0 and older releases, log file is /var/log/iredapd.log.

iRedAdmin

Main config file:

  • on RHEL/CentOS, it's /opt/www/iredadmin/settings.py.

    Note: on old iRedMail releases, it's /var/www/iredadmin/settings.py.

  • on Debian/Ubuntu, it's /opt/www/iredadmin/settings.py.

    Note: on old iRedMail releases, it's /usr/share/apache2/iredadmin/settings.py.

  • on FreeBSD, it's /opt/www/iredadmin/settings.py.

    Note: on old iRedMail releases, it's /usr/local/www/iredadmin/settings.py.

  • on OpenBSD, it's /opt/www/iredadmin/settings.py.

    Note: on old iRedMail releases, it's /var/www/iredadmin/settings.py.

iRedAdmin is a web application, when debug mode is turned on, it will log errormessage to:

  • If you're running Apache, it logs to Apache ssl error log file.
  • If you're running Nginx with uwsgi:
    • on Debian/Ubuntu, it logs to /var/log/uwsgi/app/iredadmin.log.
    • on RHEL/CentOS, it logs to /var/log/messages.
    • on OpenBSD, it logs to /var/www/logs/uwsgi.log.
    • on FreeBSD, it logs to /var/log/uwsgi-iredadmin.log.

Note: If you modified any iRedAdmin files (not just config file), please restartApache or uwsgi service (if you're running Nginx) to reload modified files.

Apache

  • On RHEL/CentOS: Apache config files are placed under /etc/httpd/.

    • Main config file is /etc/httpd/conf/httpd.conf.
    • Module config files are placed under /etc/httpd/conf.d/ (old releases) or /etc/httpd/conf.modules.d/.
    • Root directory used to store web applications is /var/www, document root is /var/www/html/.
    • Log files are placed under /var/www/httpd/.
  • On Debian/Ubuntu: Apache config files are placed under /etc/apache2.

    • Main config file is /etc/apache2/apache2.conf.
    • Module config files are placed under /etc/apache2/conf.d/ (old releases) or /etc/apache2/conf-available/.
    • Root directory used to store web applications is /usr/share/apache2, document root is /var/www/ (old releases) or /var/www/html/.
    • Log files are placed under /var/log/apache2/.
  • On FreeBSD: Apache config files are placed under /usr/local/etc/apache2.

    • Main config file is /usr/local/etc/apache2/httpd.conf.
    • Module config files are placed under /usr/local/etc/apache2/Includes/.
    • Root directory used to store web applications is /usr/local/www/, document root is /usr/local/www/apacheXX/data/.
    • Log files are placed under /var/log/, main log files are /var/log/httpd-access.log and /var/log/httpd-error.log.
  • On OpenBSD: Apache (the one shipped in OpenBSD base system) config files are placed under /var/www/conf.

    • Main config file is /var/www/conf/httpd.conf.
    • Module config files are placed under /var/www/conf/modules/.
    • Root directory used to store web applications is /var/www/, document root is /var/www/htdocs/.
    • Log files are placed under /var/www/logs/.

Cluebringer

Warning

Policyd/Cluebringer were removed since iRedMail-0.9.3.

Main config file:

  • RHEL/CentOS: /etc/policyd/cluebringer.conf, /etc/policyd/webui.conf (web admin panel).
  • Debian/Ubuntu: /etc/cluebringer/cluebringer.conf, /etc/cluebringer/cluebringer-webui.conf (web admin panel).
  • FreeBSD: /usr/local/etc/cluebringer.conf, /usr/local/etc/apache24/cluebringer.conf (web admin panel).
  • OpenBSD: Not applicable, cluebringer is not available on OpenBSD.
Httpd Log File

Init script:

  • RHEL/CentOS: /etc/init.d/cbpolicyd
  • Debian/Ubuntu: /etc/init.d/postfix-cluebringer
  • FreeBSD: /usr/local/etc/rc.d/policyd2
  • OpenBSD: N/A. we don't have Cluebringer installed on OpenBSD.

All documents are available in GitHub repository, and published under Creative Commons license. You can download the latest version for offline reading. If you found something wrong, please do contact us to fix it.

Error Log

Related ModulesRelated Directives

The server error log, whose name and location is set by the ErrorLog directive, is the most important log file. This is the place where Apache httpd will send diagnostic information and record any errors that it encounters in processing requests. It is the first place to look when a problem occurs with starting the server or with the operation of the server, since it will often contain details of what went wrong and how to fix it.

The error log is usually written to a file (typically error_log on Unix systems and error.log on Windows and OS/2). On Unix systems it is also possible to have the server send errors to syslog or pipe them to a program.

The format of the error log is relatively free-form and descriptive. But there is certain information that is contained in most error log entries. For example, here is a typical message.

[Wed Oct 11 14:32:52 2000] [error] [client 127.0.0.1] client denied by server configuration: /export/home/live/ap/htdocs/test

The first item in the log entry is the date and time of the message. The second item lists the severity of the error being reported. The LogLevel directive is used to control the types of errors that are sent to the error log by restricting the severity level. The third item gives the IP address of the client that generated the error. Beyond that is the message itself, which in this case indicates that the server has been configured to deny the client access. The server reports the file-system path (as opposed to the web path) of the requested document.

A very wide variety of different messages can appear in the error log. Most look similar to the example above. The error log will also contain debugging output from CGI scripts. Any information written to stderr by a CGI script will be copied directly to the error log.

It is not possible to customize the error log by adding or removing information. However, error log entries dealing with particular requests have corresponding entries in the access log. For example, the above example entry corresponds to an access log entry with status code 403. Since it is possible to customize the access log, you can obtain more information about error conditions using that log file.

Discover Sky Go. Switching devices made easy. Watch on compatible tablets, mobiles & laptops and switch between them easily. Take Sky Go with you. Watch when you're out and about via 3G, 4G or Wi-Fi. Live and on demand TV. Stream unmissable shows instantly, live and on demand. Includes Catch Up TV. Watch the TV you love anywhere, at no extra cost. And with Sky Mobile, you can watch Sky TV on the go without using your data. Sky Go is included at no extra cost to your Sky TV subscription. Install now for iOS. Can i get sky go without having sky. Go to sky.com/skygo, click to sign up and follow the instructions on screen. You can also download the free app through iTunes or Google Play Catch up wherever you are.

During testing, it is often useful to continuously monitor the error log for any problems. On Unix systems, you can accomplish this using: