cschantz/Linux-Server-Management-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add comprehensive log path mapping for all platforms

Browse Source 
NEW FILES:
- lib/log-paths.sh: Derives all log file paths based on detected system

ENHANCEMENTS:
- Added detect_mail_system() to lib/system-detect.sh
  - Detects: Exim (cPanel), Postfix (Plesk), Sendmail
- Updated initialize_system_detection() to call derive_all_log_paths()
- Updated launcher.sh to source log-paths.sh

LOG PATH CATEGORIES NOW DERIVED:
1. Web Server Logs (domain + main access/error)
2. Authentication Logs (SSH, sudo, logins)
3. Mail System Logs (Exim, Postfix, Sendmail)
4. Firewall Logs (CSF, firewalld, iptables)
5. Control Panel Logs (cPanel, Plesk, InterWorx)
6. Database Logs (MySQL, MariaDB, PostgreSQL)
7. Security Scanner Logs (ClamAV, Maldet, Rkhunter, Imunify)
8. System Logs (messages/syslog, kernel, auth)
9. PHP Logs (FPM, error logs)
10. Service Logs (FTP, DNS, SSH)

All paths now account for:
- Control panel differences (cPanel vs Plesk vs InterWorx vs Standalone)
- OS differences (RHEL/CentOS/AlmaLinux vs Ubuntu/Debian)
- Mail system differences (Exim vs Postfix vs Sendmail)
- Database differences (MySQL vs MariaDB vs PostgreSQL)
This commit is contained in:
Developer
2026-03-20 02:42:29 -04:00
parent 7361b89f0e
commit 64793cb7b8
3 changed files with 412 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
lib/log-paths.sh
+367
View File
@@ -0,0 +1,367 @@
#!/bin/bash
#############################################################################
# System Log Paths Mapping
# Derives platform-specific log file locations based on detected system info
# Must be sourced AFTER lib/system-detect.sh has set SYS_* variables
#############################################################################
# Source guard
if [ -n "${_LOG_PATHS_LOADED:-}" ]; then
return 0
fi
readonly _LOG_PATHS_LOADED=1
#############################################################################
# WEB SERVER LOGS
#############################################################################
derive_web_server_logs() {
# Domain/vhost access logs
case "$SYS_CONTROL_PANEL" in
cpanel)
# cPanel uses centralized domlogs directory
export SYS_LOG_WEB_DOMAIN_ACCESS="/var/log/apache2/domlogs"
export SYS_LOG_WEB_DOMAIN_ERROR="/var/log/apache2/domlogs"
;;
plesk)
# Plesk version 18.0.50+ has different structure
if [ -d "/var/www/vhosts/system" ]; then
export SYS_LOG_WEB_DOMAIN_ACCESS="/var/www/vhosts/system"
export SYS_LOG_WEB_DOMAIN_ERROR="/var/www/vhosts/system"
else
export SYS_LOG_WEB_DOMAIN_ACCESS="/var/www/vhosts"
export SYS_LOG_WEB_DOMAIN_ERROR="/var/www/vhosts"
fi
;;
interworx)
# InterWorx stores logs per user/domain
export SYS_LOG_WEB_DOMAIN_ACCESS="/home"
export SYS_LOG_WEB_DOMAIN_ERROR="/home"
;;
*)
# Standalone - no per-domain logs
export SYS_LOG_WEB_DOMAIN_ACCESS=""
export SYS_LOG_WEB_DOMAIN_ERROR=""
;;
esac
# Main web server logs (varies by web server and OS)
case "$SYS_WEB_SERVER" in
apache|httpd)
if [ "$SYS_OS_TYPE" = "ubuntu" ] || [ "$SYS_OS_TYPE" = "debian" ]; then
export SYS_LOG_WEB_ACCESS="/var/log/apache2/access.log"
export SYS_LOG_WEB_ERROR="/var/log/apache2/error.log"
else
# RHEL, CentOS, AlmaLinux, CloudLinux
export SYS_LOG_WEB_ACCESS="/var/log/httpd/access_log"
export SYS_LOG_WEB_ERROR="/var/log/httpd/error_log"
fi
;;
nginx)
if [ "$SYS_OS_TYPE" = "ubuntu" ] || [ "$SYS_OS_TYPE" = "debian" ]; then
export SYS_LOG_WEB_ACCESS="/var/log/nginx/access.log"
export SYS_LOG_WEB_ERROR="/var/log/nginx/error.log"
else
export SYS_LOG_WEB_ACCESS="/var/log/nginx/access.log"
export SYS_LOG_WEB_ERROR="/var/log/nginx/error.log"
fi
;;
litespeed|openlitespeed)
export SYS_LOG_WEB_ACCESS="/usr/local/lsws/logs/access.log"
export SYS_LOG_WEB_ERROR="/usr/local/lsws/logs/error.log"
;;
*)
export SYS_LOG_WEB_ACCESS=""
export SYS_LOG_WEB_ERROR=""
;;
esac
}
#############################################################################
# AUTHENTICATION LOGS
#############################################################################
derive_auth_logs() {
case "$SYS_OS_TYPE" in
ubuntu|debian)
export SYS_LOG_AUTH="/var/log/auth.log"
export SYS_LOG_WTMP="/var/log/wtmp"
export SYS_LOG_BTMP="/var/log/btmp"
;;
*)
# RHEL, CentOS, AlmaLinux, CloudLinux, Rocky Linux
export SYS_LOG_AUTH="/var/log/secure"
export SYS_LOG_WTMP="/var/log/wtmp"
export SYS_LOG_BTMP="/var/log/btmp"
;;
esac
}
#############################################################################
# MAIL SYSTEM LOGS
#############################################################################
derive_mail_logs() {
case "$SYS_MAIL_SYSTEM" in
exim)
# cPanel, InterWorx typically use Exim
export SYS_LOG_MAIL_MAIN="/var/log/exim_mainlog"
export SYS_LOG_MAIL_REJECT="/var/log/exim_rejectlog"
export SYS_LOG_MAIL_PANIC="/var/log/exim_paniclog"
;;
postfix)
# Plesk default, or standalone Postfix
if [ "$SYS_OS_TYPE" = "ubuntu" ] || [ "$SYS_OS_TYPE" = "debian" ]; then
export SYS_LOG_MAIL_MAIN="/var/log/mail.log"
else
# RHEL-based
export SYS_LOG_MAIL_MAIN="/var/log/maillog"
fi
export SYS_LOG_MAIL_REJECT=""
;;
sendmail)
if [ "$SYS_OS_TYPE" = "ubuntu" ] || [ "$SYS_OS_TYPE" = "debian" ]; then
export SYS_LOG_MAIL_MAIN="/var/log/mail.log"
else
export SYS_LOG_MAIL_MAIN="/var/log/maillog"
fi
;;
*)
export SYS_LOG_MAIL_MAIN=""
export SYS_LOG_MAIL_REJECT=""
;;
esac
# Mail queue directory (for queue checks)
case "$SYS_MAIL_SYSTEM" in
exim)
export SYS_MAIL_QUEUE_DIR="/var/spool/exim"
;;
postfix)
export SYS_MAIL_QUEUE_DIR="/var/spool/postfix"
;;
sendmail)
export SYS_MAIL_QUEUE_DIR="/var/spool/mqueue"
;;
*)
export SYS_MAIL_QUEUE_DIR=""
;;
esac
}
#############################################################################
# FIREWALL LOGS
#############################################################################
derive_firewall_logs() {
case "$SYS_FIREWALL" in
csf)
export SYS_LOG_FIREWALL="/var/log/lfd.log"
export SYS_LOG_FIREWALL_BLOCK="/var/log/lfd.log"
;;
firewalld)
# firewalld logs to journal, but may have a log file
if [ -f "/var/log/firewalld" ]; then
export SYS_LOG_FIREWALL="/var/log/firewalld"
else
export SYS_LOG_FIREWALL="/var/log/messages" # Falls back to syslog
fi
;;
iptables)
# iptables logs to syslog/messages
if [ "$SYS_OS_TYPE" = "ubuntu" ] || [ "$SYS_OS_TYPE" = "debian" ]; then
export SYS_LOG_FIREWALL="/var/log/syslog"
else
export SYS_LOG_FIREWALL="/var/log/messages"
fi
;;
plesk)
export SYS_LOG_FIREWALL="/var/log/swsoft/swsoft.log"
;;
*)
export SYS_LOG_FIREWALL=""
;;
esac
}
#############################################################################
# CONTROL PANEL LOGS
#############################################################################
derive_control_panel_logs() {
case "$SYS_CONTROL_PANEL" in
cpanel)
export SYS_LOG_PANEL="/usr/local/cpanel/logs"
export SYS_LOG_PANEL_ERROR="/usr/local/cpanel/logs/error_log"
export SYS_LOG_PANEL_ACCESS="/usr/local/cpanel/logs/access_log"
;;
plesk)
export SYS_LOG_PANEL="/var/log/plesk"
export SYS_LOG_PANEL_ERROR="/var/log/plesk/panel.log"
export SYS_LOG_PANEL_ACCESS="/var/log/plesk/panel.log"
;;
interworx)
export SYS_LOG_PANEL="/home/interworx/var/log"
export SYS_LOG_PANEL_ERROR="/home/interworx/var/log/iworx.log"
export SYS_LOG_PANEL_ACCESS="/home/interworx/var/log/siteworx.log"
;;
*)
export SYS_LOG_PANEL=""
export SYS_LOG_PANEL_ERROR=""
export SYS_LOG_PANEL_ACCESS=""
;;
esac
}
#############################################################################
# DATABASE LOGS
#############################################################################
derive_database_logs() {
case "$SYS_DB_TYPE" in
mysql|mariadb)
if [ "$SYS_OS_TYPE" = "ubuntu" ] || [ "$SYS_OS_TYPE" = "debian" ]; then
export SYS_LOG_DB_ERROR="/var/log/mysql/error.log"
export SYS_LOG_DB_SLOW="/var/log/mysql/slow.log"
else
# RHEL-based
if [ "$SYS_DB_TYPE" = "mariadb" ]; then
export SYS_LOG_DB_ERROR="/var/log/mariadb/mariadb.log"
else
export SYS_LOG_DB_ERROR="/var/log/mysqld.log"
fi
export SYS_LOG_DB_SLOW="/var/log/mysql/slow.log"
fi
;;
postgresql)
if [ "$SYS_OS_TYPE" = "ubuntu" ] || [ "$SYS_OS_TYPE" = "debian" ]; then
export SYS_LOG_DB_ERROR="/var/log/postgresql/postgresql.log"
else
export SYS_LOG_DB_ERROR="/var/log/pgsql/postgresql.log"
fi
export SYS_LOG_DB_SLOW=""
;;
*)
export SYS_LOG_DB_ERROR=""
export SYS_LOG_DB_SLOW=""
;;
esac
}
#############################################################################
# SECURITY SCANNER LOGS
#############################################################################
derive_security_logs() {
# ClamAV
if [ -f "/var/log/clamav/clamscan.log" ]; then
export SYS_LOG_CLAMAV="/var/log/clamav/clamscan.log"
else
export SYS_LOG_CLAMAV="/var/log/clamav.log"
fi
# Maldet
export SYS_LOG_MALDET="/var/log/maldet.log"
# Rkhunter
export SYS_LOG_RKHUNTER="/var/log/rkhunter.log"
# Imunify
if [ -d "/var/log/imunify360" ]; then
export SYS_LOG_IMUNIFY="/var/log/imunify360"
elif [ -d "/var/log/imunifyav" ]; then
export SYS_LOG_IMUNIFY="/var/log/imunifyav"
else
export SYS_LOG_IMUNIFY="/var/log/imunify.log"
fi
}
#############################################################################
# SYSTEM LOGS
#############################################################################
derive_system_logs() {
case "$SYS_OS_TYPE" in
ubuntu|debian)
export SYS_LOG_SYSTEM="/var/log/syslog"
export SYS_LOG_MESSAGES="/var/log/syslog"
export SYS_LOG_KERN="/var/log/kern.log"
export SYS_LOG_PKG_MGR="/var/log/apt/history.log"
;;
*)
# RHEL-based
export SYS_LOG_SYSTEM="/var/log/messages"
export SYS_LOG_MESSAGES="/var/log/messages"
export SYS_LOG_KERN="/var/log/kern.log"
export SYS_LOG_PKG_MGR="/var/log/yum.log"
;;
esac
# Audit log (standard across all)
export SYS_LOG_AUDIT="/var/log/audit/audit.log"
}
#############################################################################
# PHP LOGS
#############################################################################
derive_php_logs() {
# PHP-FPM error log
if [ -d "/var/log/php-fpm" ]; then
export SYS_LOG_PHP_FPM="/var/log/php-fpm"
else
export SYS_LOG_PHP_FPM="/var/log/php-fpm.log"
fi
# PHP error log (from ini, but common defaults)
if [ "$SYS_CONTROL_PANEL" = "cpanel" ]; then
export SYS_LOG_PHP_ERROR="/usr/local/php/lib/php.log"
else
export SYS_LOG_PHP_ERROR="/var/log/php-errors.log"
fi
}
#############################################################################
# SERVICE-SPECIFIC LOGS
#############################################################################
derive_service_logs() {
# FTP
export SYS_LOG_FTP="/var/log/vsftpd.log"
# DNS
export SYS_LOG_DNS="/var/log/named.log"
# SSH (same as auth)
case "$SYS_OS_TYPE" in
ubuntu|debian)
export SYS_LOG_SSH="/var/log/auth.log"
;;
*)
export SYS_LOG_SSH="/var/log/secure"
;;
esac
}
#############################################################################
# MAIN DERIVATION FUNCTION
#############################################################################
derive_all_log_paths() {
derive_web_server_logs
derive_auth_logs
derive_mail_logs
derive_firewall_logs
derive_control_panel_logs
derive_database_logs
derive_security_logs
derive_system_logs
derive_php_logs
derive_service_logs
}
# Auto-run if sourced with detection complete
if [ -n "${SYS_DETECTION_COMPLETE:-}" ]; then
derive_all_log_paths
fi
lib/system-detect.sh
+44
View File
@@ -397,6 +397,43 @@ detect_firewall() {
return 1
}
#############################################################################
# MAIL SYSTEM DETECTION
#############################################################################
detect_mail_system() {
[ -n "$SYS_DETECTION_COMPLETE" ] || print_info "Detecting mail system..."
# Exim (cPanel default)
if command_exists exim; then
SYS_MAIL_SYSTEM="exim"
SYS_MAIL_SYSTEM_VERSION=$(exim -bV 2>/dev/null | head -1 | grep -oP 'Exim version \K[^ ]+' || echo "unknown")
print_success "Detected Exim ${SYS_MAIL_SYSTEM_VERSION}"
return 0
fi
# Postfix
if command_exists postqueue; then
SYS_MAIL_SYSTEM="postfix"
SYS_MAIL_SYSTEM_VERSION=$(postconf mail_version 2>/dev/null | grep -oP '\d+\.\d+\.\d+' | head -1 || echo "unknown")
print_success "Detected Postfix ${SYS_MAIL_SYSTEM_VERSION}"
return 0
fi
# Sendmail
if command_exists sendmail; then
SYS_MAIL_SYSTEM="sendmail"
SYS_MAIL_SYSTEM_VERSION=$(sendmail -d0.1 -O QueueDirectory=/tmp 2>&1 | head -1 | grep -oP '\d+\.\d+\.\d+' || echo "unknown")
print_success "Detected Sendmail ${SYS_MAIL_SYSTEM_VERSION}"
return 0
fi
SYS_MAIL_SYSTEM="none"
SYS_MAIL_SYSTEM_VERSION=""
print_warning "No mail system detected"
return 1
}
#############################################################################
# SYSTEM RESOURCES (Comprehensive - like user's example)
#############################################################################
@@ -564,10 +601,16 @@ initialize_system_detection() {
detect_php_versions
detect_cloudflare
detect_firewall
detect_mail_system
get_system_resources
# Mark as initialized
export SYS_DETECTION_COMPLETE="yes"
# Derive platform-specific log paths (requires detect_* functions to have run first)
if command -v derive_all_log_paths &>/dev/null; then
derive_all_log_paths
fi
}
# Export all functions for use in subshells and sourced scripts
@@ -578,6 +621,7 @@ export -f detect_database
export -f detect_php_versions
export -f detect_cloudflare
export -f detect_firewall
export -f detect_mail_system
export -f get_system_resources
export -f show_system_info
export -f initialize_system_detection