Skip to main content

Where are failed logs stored for invalid API token connection attempts?

spaceman
Hi All, I'm experimenting with a cURL API token connection attempt from my local Windows PC to one of our WHM servers. I can see successful connections being logged here, no problem. /usr/local/cpanel/logs/api_tokens_log But when I deliberately make an invalid attempt (e.g. I change the API token to an invalid one), this does NOT get logged to the api_tokens_log. Which suggests either: 1. We need to enable some sort of extended/enhanced logging for api_tokens_log to also show failed connection attempts, or 2. I'm looking in the wrong log file. Either way, what I really hope to achieve is logging that gives clarity to the REASON why the connection attempt is unsuccessful. This is to help us debug some remote software that used to successfully connect to one of our WHM servers, but stopped for reasons unknown. Thx!

Comments

2 comments

Date Votes
  • cPanelThomas
    There's a few other logs you can see API login failures in, which one you read really depends on what format you think is easier to work with/gives you the data you want. Access Log: Located at /usr/local/cpanel/logs/access_log. In the case of local API usage, the log line would look something like 127.0.0.1 - root [08/12/2023:00:04:07 -0000] "GET /json-api/version HTTP/1.1" 403 0 "-" "-" "a" "-" 2087
    Login Log: Located at /usr/local/cpanel/logs/login_log. Entries look something like: [2023-04-10 05:01:21 +0000] info [whostmgrd] 10.2.65.46 - root "POST /json-api/version HTTP/1.1" FAILED LOGIN whostmgrd: login attempt to WHM with bad accesshash or API token
    These examples were taken from a testing host I have had up, so it had plenty of good examples for me to choose from. Based on your requirements, I'd suspect you want to check the login_log. Hope this helps!
    0
  • spaceman
    Thanks! That helped.
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post