/var/log/yum.log
Logs to see if the email is created/deleted in cpanel server
root@server [/usr/local/cpanel/logs]# grep mytest ./access_log | grep addpop
208.46.180.9 – arunp [05/17/2012:04:57:57 -0000] “GET /cpsess4756242303/json-api/cpanel?cpanel_jsonapi_version=2&cpanel_jsonapi_module=Email&cpanel_jsonapi_func=addpop&email=mytest&password=__HIDDEN__"a=250&domain=arunp.in&cache_fix=1337230678750 HTTP/1.1″ 200 0 “http://72.44.91.97:2082/cpsess4756242303/frontend/x3/mail/pops.html” “Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.168 Safari/535.19″
root@server [/usr/local/cpanel/logs]#
root@server [/usr/local/cpanel/logs]# grep mytest ./access_log | grep delpop
208.46.180.9 - arunp [05/17/2012:05:01:00 -0000] “GET /cpsess4756242303/json-api/cpanel?cpanel_jsonapi_version=2&cpanel_jsonapi_module=Email&cpanel_jsonapi_func=delpop&email=mytest&domain=arunp.in&cache_fix=1337230862987 HTTP/1.1″ 200 0 “http://72.44.91.97:2082/cpsess4756242303/frontend/x3/mail/pops.html” “Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.168 Safari/535.19″
root@server [/usr/local/cpanel/logs]#
Plesk log files
HTTPD LOGS
/etc/httpd/logs/error_log
EMAIL LOG
/usr/local/psa/var/log/maillog
PLESK ERROR LOG
/var/log/sw-cp-server/error_log
Path of toplog
/var/log/dcpumon/toplog…..
Cpanel log files
=================================
APACHE ERROR LOG
/usr/local/apache/logs/error_log
=================================
DOMAIN ACCESS LOGS
/usr/local/apache/domlogs/username/
=======================================================
DOMAIN FTP LOGS
/usr/local/apache/domlogs/USERNAME/
================================================
APACHE ACCESS LOG
/usr/local/apache/logs/access_log
==================================
EASY APACHE LOGS
/usr/local/cpanel/logs/easy/apache/build.1
=================================
UPCP LOG
/var/cpanel/updatelogs
=================================
TAILWATCHD log
/usr/local/cpanel/logs/tailwatchd_log
==================================
BACKUP LOG
/usr/local/cpanel/logs/cpbackup/
==============================================
Feb 24 00:02:18 server su: pam_unix(su-l:session): session opened for user root by (uid=0)
cat /var/log/secure
============
Feb 14 00:12:18 server su: pam_unix(su-l:session): session opened for user root by (uid=0)
============
Normally this happens when a VPS is accessed from a node.
cpbackup log file path
WHM backup log path
/usr/local/cpanel/logs/cpbackup/
Apache restart log
grep “Doing graceful restart” /usr/local/apache/logs/error_log | wc -l