Linux-Server-Management-Too…/lib/log-paths.sh
Developer 64793cb7b8 feat: Add comprehensive log path mapping for all platforms
NEW FILES:
- lib/log-paths.sh: Derives all log file paths based on detected system

ENHANCEMENTS:
- Added detect_mail_system() to lib/system-detect.sh
  - Detects: Exim (cPanel), Postfix (Plesk), Sendmail
- Updated initialize_system_detection() to call derive_all_log_paths()
- Updated launcher.sh to source log-paths.sh

LOG PATH CATEGORIES NOW DERIVED:
1. Web Server Logs (domain + main access/error)
2. Authentication Logs (SSH, sudo, logins)
3. Mail System Logs (Exim, Postfix, Sendmail)
4. Firewall Logs (CSF, firewalld, iptables)
5. Control Panel Logs (cPanel, Plesk, InterWorx)
6. Database Logs (MySQL, MariaDB, PostgreSQL)
7. Security Scanner Logs (ClamAV, Maldet, Rkhunter, Imunify)
8. System Logs (messages/syslog, kernel, auth)
9. PHP Logs (FPM, error logs)
10. Service Logs (FTP, DNS, SSH)

All paths now account for:
- Control panel differences (cPanel vs Plesk vs InterWorx vs Standalone)
- OS differences (RHEL/CentOS/AlmaLinux vs Ubuntu/Debian)
- Mail system differences (Exim vs Postfix vs Sendmail)
- Database differences (MySQL vs MariaDB vs PostgreSQL)
2026-03-20 02:42:29 -04:00


#!/bin/bash
#############################################################################
# System Log Paths Mapping
# Derives platform-specific log file locations based on detected system info
# Must be sourced AFTER lib/system-detect.sh has set SYS_* variables
#############################################################################
# Source guard
# Load-once guard: sourcing this file a second time returns immediately.
# NOTE(review): the marker is read from the environment as well as from shell
# variables, so a process that inherits a non-empty _LOG_PATHS_LOADED returns
# here before any derive_* function is defined.
[ -z "${_LOG_PATHS_LOADED:-}" ] || return 0
readonly _LOG_PATHS_LOADED=1
#############################################################################
# WEB SERVER LOGS
#############################################################################
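#######################################
# Derive per-domain and main web server log locations.
# Globals:
#   SYS_CONTROL_PANEL, SYS_WEB_SERVER, SYS_OS_TYPE (read; unset counts as empty
#     so the function also works when the caller runs under `set -u`)
#   SYS_LOG_WEB_DOMAIN_ACCESS, SYS_LOG_WEB_DOMAIN_ERROR,
#   SYS_LOG_WEB_ACCESS, SYS_LOG_WEB_ERROR (written and exported; empty string
#     when no location is known)
# Arguments: none
#######################################
derive_web_server_logs() {
  local panel="${SYS_CONTROL_PANEL:-}"
  local server="${SYS_WEB_SERVER:-}"
  local os="${SYS_OS_TYPE:-}"
  local domain_root=""
  local access_log="" error_log=""

  # Per-domain (vhost) logs: access and error share one root per panel.
  case "$panel" in
    cpanel)
      # cPanel uses a centralized domlogs directory.
      domain_root="/var/log/apache2/domlogs"
      ;;
    plesk)
      # Plesk 18.0.50+ has a different structure (original author's note);
      # prefer the "system" subtree when it exists on this host.
      if [ -d "/var/www/vhosts/system" ]; then
        domain_root="/var/www/vhosts/system"
      else
        domain_root="/var/www/vhosts"
      fi
      ;;
    interworx)
      # InterWorx stores logs per user/domain.
      # NOTE(review): this is the account home root, not a log directory.
      # Consumers presumably search beneath it; confirm that anything running
      # as root does not follow account-controlled symlinks found there.
      domain_root="/home"
      ;;
    *)
      # Standalone: no per-domain logs.
      domain_root=""
      ;;
  esac
  export SYS_LOG_WEB_DOMAIN_ACCESS="$domain_root"
  export SYS_LOG_WEB_DOMAIN_ERROR="$domain_root"

  # Main web server logs (vary by web server and, for Apache, by OS family).
  case "$server" in
    apache | httpd)
      if [ "$os" = "ubuntu" ] || [ "$os" = "debian" ]; then
        access_log="/var/log/apache2/access.log"
        error_log="/var/log/apache2/error.log"
      else
        # RHEL, CentOS, AlmaLinux, CloudLinux
        access_log="/var/log/httpd/access_log"
        error_log="/var/log/httpd/error_log"
      fi
      ;;
    nginx)
      # Same paths on every OS family; the former OS check had two identical
      # branches and has been collapsed.
      access_log="/var/log/nginx/access.log"
      error_log="/var/log/nginx/error.log"
      ;;
    litespeed | openlitespeed)
      access_log="/usr/local/lsws/logs/access.log"
      error_log="/usr/local/lsws/logs/error.log"
      ;;
    *)
      access_log=""
      error_log=""
      ;;
  esac
  export SYS_LOG_WEB_ACCESS="$access_log"
  export SYS_LOG_WEB_ERROR="$error_log"
}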
#############################################################################
# AUTHENTICATION LOGS
#############################################################################
#######################################
# Derive authentication log locations.
# Globals:
#   SYS_OS_TYPE (read)
#   SYS_LOG_AUTH, SYS_LOG_WTMP, SYS_LOG_BTMP (written and exported)
# Arguments: none
#######################################
derive_auth_logs() {
  # Debian-family systems write auth events to auth.log; everything else is
  # treated as RHEL-like (CentOS, AlmaLinux, CloudLinux, Rocky Linux).
  if [ "$SYS_OS_TYPE" = "ubuntu" ] || [ "$SYS_OS_TYPE" = "debian" ]; then
    export SYS_LOG_AUTH="/var/log/auth.log"
  else
    export SYS_LOG_AUTH="/var/log/secure"
  fi

  # wtmp and btmp use the same path on both families. They are binary login
  # records (read with last/lastb), not text files to grep.
  export SYS_LOG_WTMP="/var/log/wtmp"
  export SYS_LOG_BTMP="/var/log/btmp"
}
#############################################################################
# MAIL SYSTEM LOGS
#############################################################################
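#######################################
# Derive mail log locations and the mail queue directory.
# Every output variable is assigned on every call. Previously only the exim
# branch set SYS_LOG_MAIL_PANIC and the sendmail branch left
# SYS_LOG_MAIL_REJECT untouched, so a value inherited from the environment or
# from an earlier call could survive and point a consumer at the wrong file.
# Globals:
#   SYS_MAIL_SYSTEM, SYS_OS_TYPE (read; unset counts as empty)
#   SYS_LOG_MAIL_MAIN, SYS_LOG_MAIL_REJECT, SYS_LOG_MAIL_PANIC,
#   SYS_MAIL_QUEUE_DIR (written and exported; empty string when not applicable)
# Arguments: none
#######################################
derive_mail_logs() {
  local mta="${SYS_MAIL_SYSTEM:-}"
  local os="${SYS_OS_TYPE:-}"
  local main_log="" reject_log="" panic_log="" queue_dir=""
  local syslog_mail="/var/log/maillog" # RHEL-based default

  if [ "$os" = "ubuntu" ] || [ "$os" = "debian" ]; then
    syslog_mail="/var/log/mail.log"
  fi

  case "$mta" in
    exim)
      # cPanel and InterWorx typically use Exim, which keeps its own log files.
      main_log="/var/log/exim_mainlog"
      reject_log="/var/log/exim_rejectlog"
      panic_log="/var/log/exim_paniclog"
      queue_dir="/var/spool/exim"
      ;;
    postfix)
      # Plesk default, or standalone Postfix: a single syslog-fed mail log.
      main_log="$syslog_mail"
      queue_dir="/var/spool/postfix"
      ;;
    sendmail)
      main_log="$syslog_mail"
      queue_dir="/var/spool/mqueue"
      ;;
    *)
      # Unknown or undetected mail system: leave everything empty.
      ;;
  esac

  export SYS_LOG_MAIL_MAIN="$main_log"
  export SYS_LOG_MAIL_REJECT="$reject_log"
  export SYS_LOG_MAIL_PANIC="$panic_log"
  # Mail queue directory (for queue checks)
  export SYS_MAIL_QUEUE_DIR="$queue_dir"
}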
#############################################################################
# FIREWALL LOGS
#############################################################################
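#######################################
# Derive firewall log locations.
# SYS_LOG_FIREWALL_BLOCK is now assigned on every call. Previously only the
# csf branch set it, so for any other firewall a stale value (inherited from
# the environment or left by an earlier call) stayed exported.
# Globals:
#   SYS_FIREWALL, SYS_OS_TYPE (read; unset counts as empty)
#   SYS_LOG_FIREWALL (written and exported; empty when unknown)
#   SYS_LOG_FIREWALL_BLOCK (written and exported; empty when no dedicated
#     block log is known for the firewall)
# Arguments: none
#######################################
derive_firewall_logs() {
  local fw="${SYS_FIREWALL:-}"
  local os="${SYS_OS_TYPE:-}"
  local main_log="" block_log=""

  case "$fw" in
    csf)
      # lfd.log serves as both the general and the block log.
      main_log="/var/log/lfd.log"
      block_log="/var/log/lfd.log"
      ;;
    firewalld)
      # firewalld logs to the journal, but may have a log file.
      if [ -f "/var/log/firewalld" ]; then
        main_log="/var/log/firewalld"
      else
        main_log="/var/log/messages" # Falls back to syslog
      fi
      ;;
    iptables)
      # iptables logs to syslog/messages.
      if [ "$os" = "ubuntu" ] || [ "$os" = "debian" ]; then
        main_log="/var/log/syslog"
      else
        main_log="/var/log/messages"
      fi
      ;;
    plesk)
      main_log="/var/log/swsoft/swsoft.log"
      ;;
    *)
      # Unknown or undetected firewall: leave both empty.
      ;;
  esac

  export SYS_LOG_FIREWALL="$main_log"
  export SYS_LOG_FIREWALL_BLOCK="$block_log"
}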
#############################################################################
# CONTROL PANEL LOGS
#############################################################################
#######################################
# Derive control panel log locations.
# Globals:
#   SYS_CONTROL_PANEL (read)
#   SYS_LOG_PANEL (log directory), SYS_LOG_PANEL_ERROR, SYS_LOG_PANEL_ACCESS
#     (written and exported; all empty when no panel matches)
# Arguments: none
#######################################
derive_control_panel_logs() {
  local panel_dir="" panel_err="" panel_acc=""

  if [ "$SYS_CONTROL_PANEL" = "cpanel" ]; then
    panel_dir="/usr/local/cpanel/logs"
    panel_err="/usr/local/cpanel/logs/error_log"
    panel_acc="/usr/local/cpanel/logs/access_log"
  elif [ "$SYS_CONTROL_PANEL" = "plesk" ]; then
    # Plesk: error and access both point at the single panel.log.
    panel_dir="/var/log/plesk"
    panel_err="/var/log/plesk/panel.log"
    panel_acc="/var/log/plesk/panel.log"
  elif [ "$SYS_CONTROL_PANEL" = "interworx" ]; then
    panel_dir="/home/interworx/var/log"
    panel_err="/home/interworx/var/log/iworx.log"
    panel_acc="/home/interworx/var/log/siteworx.log"
  fi

  export SYS_LOG_PANEL="$panel_dir"
  export SYS_LOG_PANEL_ERROR="$panel_err"
  export SYS_LOG_PANEL_ACCESS="$panel_acc"
}
#############################################################################
# DATABASE LOGS
#############################################################################
#######################################
# Derive database error and slow-query log locations.
# Globals:
#   SYS_DB_TYPE, SYS_OS_TYPE (read)
#   SYS_LOG_DB_ERROR, SYS_LOG_DB_SLOW (written and exported; empty when the
#     database type is unknown, and SLOW is always empty for PostgreSQL)
# Arguments: none
#######################################
derive_database_logs() {
  local db_err="" db_slow=""

  case "$SYS_DB_TYPE" in
    mysql | mariadb)
      # The slow-query log path is the same on both OS families.
      db_slow="/var/log/mysql/slow.log"
      case "$SYS_OS_TYPE" in
        ubuntu | debian)
          db_err="/var/log/mysql/error.log"
          ;;
        *)
          # RHEL-based: the error log name depends on the engine.
          case "$SYS_DB_TYPE" in
            mariadb) db_err="/var/log/mariadb/mariadb.log" ;;
            *) db_err="/var/log/mysqld.log" ;;
          esac
          ;;
      esac
      ;;
    postgresql)
      case "$SYS_OS_TYPE" in
        ubuntu | debian) db_err="/var/log/postgresql/postgresql.log" ;;
        *) db_err="/var/log/pgsql/postgresql.log" ;;
      esac
      ;;
  esac

  export SYS_LOG_DB_ERROR="$db_err"
  export SYS_LOG_DB_SLOW="$db_slow"
}
#############################################################################
# SECURITY SCANNER LOGS
#############################################################################
#######################################
# Derive security scanner log locations (ClamAV, Maldet, Rkhunter, Imunify).
# Only the ClamAV and Imunify paths are probed on disk; the other two are
# fixed defaults that are exported whether or not the scanner is installed.
# Globals:
#   SYS_LOG_CLAMAV, SYS_LOG_MALDET, SYS_LOG_RKHUNTER, SYS_LOG_IMUNIFY
#     (written and exported)
# Arguments: none
#######################################
derive_security_logs() {
  local clamav_log="/var/log/clamav.log"
  local imunify_log="/var/log/imunify.log"
  local candidate

  # ClamAV: prefer the scan log under /var/log/clamav when that file exists.
  if [ -f "/var/log/clamav/clamscan.log" ]; then
    clamav_log="/var/log/clamav/clamscan.log"
  fi
  export SYS_LOG_CLAMAV="$clamav_log"

  # Maldet
  export SYS_LOG_MALDET="/var/log/maldet.log"

  # Rkhunter
  export SYS_LOG_RKHUNTER="/var/log/rkhunter.log"

  # Imunify: the first existing directory wins (imunify360 before imunifyav);
  # otherwise fall back to a single log file path.
  for candidate in "/var/log/imunify360" "/var/log/imunifyav"; do
    if [ -d "$candidate" ]; then
      imunify_log="$candidate"
      break
    fi
  done
  export SYS_LOG_IMUNIFY="$imunify_log"
}
#############################################################################
# SYSTEM LOGS
#############################################################################
#######################################
# Derive general system log locations.
# Globals:
#   SYS_OS_TYPE (read)
#   SYS_LOG_SYSTEM, SYS_LOG_MESSAGES, SYS_LOG_KERN, SYS_LOG_PKG_MGR,
#   SYS_LOG_AUDIT (written and exported)
# Arguments: none
#######################################
derive_system_logs() {
  local general_log pkg_log

  if [ "$SYS_OS_TYPE" = "ubuntu" ] || [ "$SYS_OS_TYPE" = "debian" ]; then
    general_log="/var/log/syslog"
    pkg_log="/var/log/apt/history.log"
  else
    # RHEL-based
    # NOTE(review): dnf-based releases log package activity to /var/log/dnf.log
    # rather than yum.log; confirm consumers check that the file exists.
    general_log="/var/log/messages"
    pkg_log="/var/log/yum.log"
  fi

  # SYSTEM and MESSAGES are two names for the same file on either family.
  export SYS_LOG_SYSTEM="$general_log"
  export SYS_LOG_MESSAGES="$general_log"
  # kern.log is exported with the same path for both families.
  export SYS_LOG_KERN="/var/log/kern.log"
  export SYS_LOG_PKG_MGR="$pkg_log"

  # Audit log (standard across all)
  export SYS_LOG_AUDIT="/var/log/audit/audit.log"
}
#############################################################################
# PHP LOGS
#############################################################################
#######################################
# Derive PHP log locations.
# Globals:
#   SYS_CONTROL_PANEL (read)
#   SYS_LOG_PHP_FPM (written and exported; a directory when /var/log/php-fpm
#     exists, otherwise a single file path)
#   SYS_LOG_PHP_ERROR (written and exported)
# Arguments: none
#######################################
derive_php_logs() {
  local fpm_log="/var/log/php-fpm.log"
  local php_err="/var/log/php-errors.log"

  # PHP-FPM error log: use the directory when it is present on this host.
  if [ -d "/var/log/php-fpm" ]; then
    fpm_log="/var/log/php-fpm"
  fi
  export SYS_LOG_PHP_FPM="$fpm_log"

  # PHP error log: common defaults only; the real location is set in php.ini
  # and is not read here.
  if [ "$SYS_CONTROL_PANEL" = "cpanel" ]; then
    php_err="/usr/local/php/lib/php.log"
  fi
  export SYS_LOG_PHP_ERROR="$php_err"
}
#############################################################################
# SERVICE-SPECIFIC LOGS
#############################################################################
#######################################
# Derive FTP, DNS and SSH log locations.
# The FTP and DNS paths are fixed defaults; this function does not check which
# FTP or DNS daemon is installed.
# Globals:
#   SYS_OS_TYPE (read)
#   SYS_LOG_FTP, SYS_LOG_DNS, SYS_LOG_SSH (written and exported)
# Arguments: none
#######################################
derive_service_logs() {
  local ssh_log="/var/log/secure"

  # FTP
  export SYS_LOG_FTP="/var/log/vsftpd.log"

  # DNS
  export SYS_LOG_DNS="/var/log/named.log"

  # SSH events land in the auth log: auth.log on Debian-family systems,
  # secure everywhere else.
  if [ "$SYS_OS_TYPE" = "ubuntu" ] || [ "$SYS_OS_TYPE" = "debian" ]; then
    ssh_log="/var/log/auth.log"
  fi
  export SYS_LOG_SSH="$ssh_log"
}
#############################################################################
# MAIN DERIVATION FUNCTION
#############################################################################
#######################################
# Run every derive_* step in a fixed order so that all SYS_LOG_* variables
# are populated in one call.
# Arguments: none
# Returns: the status of the last step (derive_service_logs)
#######################################
derive_all_log_paths() {
  local _lp_step
  for _lp_step in \
    derive_web_server_logs \
    derive_auth_logs \
    derive_mail_logs \
    derive_firewall_logs \
    derive_control_panel_logs \
    derive_database_logs \
    derive_security_logs \
    derive_system_logs \
    derive_php_logs \
    derive_service_logs; do
    "$_lp_step"
  done
}
# Auto-run if sourced with detection complete
# Derive the paths at source time only when system detection has already
# finished (SYS_DETECTION_COMPLETE is non-empty); otherwise the caller is
# expected to invoke derive_all_log_paths itself.
[ -z "${SYS_DETECTION_COMPLETE:-}" ] || derive_all_log_paths