cschantz/Linux-Server-Management-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b5130e37a3fd2a5e1652dbbb7cb110f0d0d381b7
Linux-Server-Management-Too…/modules/security/web-traffic-monitor.sh
T
cschantz d651a8b94f CRITICAL FIX: Update InterWorx log file name from access_log to transfer.log 
VALIDATION RESULTS from real InterWorx server revealed:
InterWorx uses 'transfer.log' NOT 'access_log' for access logs!

VERIFIED FINDINGS:
• Log location: /home/USER/var/DOMAIN/logs/ ✓ CORRECT
• Access log name: transfer.log (NOT access_log) ✓ FIXED
• Error log name: error.log ✓ CORRECT
• Logs are symlinks to dated files (transfer-2025-11-20.log)
• Older logs automatically zipped

UPDATED MODULES (9 files):
1. modules/security/tail-apache-access.sh
2. modules/security/web-traffic-monitor.sh
3. modules/security/bot-analyzer.sh (3 locations)
4. modules/security/malware-scanner.sh
5. modules/security/live-attack-monitor.sh
6. modules/website/website-error-analyzer.sh (3 locations)
7. modules/website/500-error-tracker.sh

UPDATED DOCUMENTATION:
• REFDB_FORMAT.txt - Added VERIFIED comment
• .sysref - Updated PATH|interworx|access_log

ALL REFERENCES CHANGED:
• find /home/*/var/*/logs -name "access_log" → "transfer.log"
• /home/USER/var/DOMAIN/logs/access_log → transfer.log

This was discovered by running validate-interworx.sh on real server:
  Server: interworx-3rdshift.raptorburn.com
  InterWorx Version: 6.14.5
  Test Date: 2025-11-20

All modules now use correct log file names for InterWorx!
2025-11-20 15:50:45 -05:00

55 lines
2.1 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
source "$SCRIPT_DIR/lib/common-functions.sh"
source "$SCRIPT_DIR/lib/system-detect.sh"
print_banner "Web Traffic Monitor - Multi-Panel Support"
echo ""
echo "Monitoring Apache access logs in real-time..."
echo "Control Panel: ${SYS_CONTROL_PANEL}"
echo "Press Ctrl+C to exit"
echo ""
# Multi-panel log discovery
log_files=""
if [ "$SYS_CONTROL_PANEL" = "interworx" ]; then
# InterWorx: Monitor recent access logs (uses 'transfer.log', limit for performance)
log_files=$(find /home/*/var/*/logs -type f -name "transfer.log" -mmin -60 2>/dev/null | head -10)
elif [ "$SYS_CONTROL_PANEL" = "plesk" ]; then
# Plesk: System logs
log_files=$(find /var/www/vhosts/system/*/logs -type f -name "access_log" -o -name "access_ssl_log" 2>/dev/null | head -10)
elif [ -n "$SYS_LOG_DIR" ] && [ -d "$SYS_LOG_DIR" ]; then
# cPanel: Use detected log directory
log_files=$(find "$SYS_LOG_DIR" -type f ! -name "*-bytes_log" ! -name "*error_log" 2>/dev/null)
else
# Standalone: Try common locations
[ -f "/var/log/httpd/access_log" ] && log_files="/var/log/httpd/access_log"
[ -f "/var/log/apache2/access.log" ] && log_files="$log_files /var/log/apache2/access.log"
fi
if [ -n "$log_files" ]; then
tail -f $log_files 2>/dev/null | while read line; do
ip=$(echo "$line" | awk '{print $1}')
request=$(echo "$line" | awk '{print $6, $7}' | tr -d '"')
status=$(echo "$line" | awk '{print $9}')
# Color code by status
if [[ "$status" =~ ^5 ]]; then
color="\033[1;31m" # Red for 5xx
elif [[ "$status" =~ ^4 ]]; then
color="\033[1;33m" # Yellow for 4xx
elif [[ "$status" =~ ^2 ]]; then
color="\033[0;32m" # Green for 2xx
else
color="\033[0;37m" # White for others
fi
printf "${color}%-15s %s %s\033[0m\n" "$ip" "$status" "$request"
done
else
print_error "No Apache access logs found"
echo "Control panel: $SYS_CONTROL_PANEL"
echo "Log directory: $SYS_LOG_DIR"
exit 1
fi
Reference in New Issue View Git Blame Copy Permalink