Skip to main content

Where are failed logs stored for invalid API token connection attempts?



  • cPanelThomas
    There's a few other logs you can see API login failures in, which one you read really depends on what format you think is easier to work with/gives you the data you want. Access Log: Located at /usr/local/cpanel/logs/access_log. In the case of local API usage, the log line would look something like - root [08/12/2023:00:04:07 -0000] "GET /json-api/version HTTP/1.1" 403 0 "-" "-" "a" "-" 2087
    Login Log: Located at /usr/local/cpanel/logs/login_log. Entries look something like: [2023-04-10 05:01:21 +0000] info [whostmgrd] - root "POST /json-api/version HTTP/1.1" FAILED LOGIN whostmgrd: login attempt to WHM with bad accesshash or API token
    These examples were taken from a testing host I have had up, so it had plenty of good examples for me to choose from. Based on your requirements, I'd suspect you want to check the login_log. Hope this helps!
  • spaceman
    Thanks! That helped.

Please sign in to leave a comment.