Log webdisk usage
Is there a good way of seeing how much the webdisk features is being used on a server?
For instance a log of who logged (IP-address and cPanel username) in and when would be a good way to see if anybody is actually using the feature.
I see there is a log file called cpdavd_session_log but it for instance doesn't log the username. Is there a better way of seeing webdisk usage?
-
Hello, The cpdavd_session_log file is currently the only log you can use to review cpdavd sessions. I encourage you to open a feature request if you'd like to see expanded logging for cpdavd: Submit A Feature Request Thank you. 0 -
Is it really possible that cPanel still does not log any WebDisk usage or I am missing something? File cpdavd_session_log does not actually log anything useful. It does not even show login success or failure, username, etc. In addition to those basic login logs, we would also need to have info about file transfers, but we currently do not even have the most basic information about WebDisk access...? This is so basic, that such service should not even be in production use without that, and unfortunatelly it looks like it is for few years now. 0 -
@dexus - the main cPanel access log at /usr/local/cpanel/logs/access_log will show basic login details to the cpdavd system. There currently isn't a log that tracks file transfers or other activity, and after searching just now I didn't find a feature request open for this. If you want to see additional data logged it would be best to put in a new feature request as our development team does manually review every one that gets submitted. 0 -
I have just tested WebDisk login again, and there is nothing logged in /usr/local/cpanel/logs/access_log 0 -
@dexus - while checking this, I also noticed the versions of Mac OS were out-of-date in the cPanel >> Webdisk >> Configure Client access area, so I opened case CPANEL-35237 with our development team to get that updated. I did check the data on case CPANEL-5610 that is referenced in the original feature request thread here: Thanks for bringing this up! 0 -
Thank you. That is good news. I hope it will be fixed fast. I have only noticed that you have stated wrong log file. As I can see in that feature implementation, it looks like it should go to login_log which actually does make more sense... login_log file since 2015 till today, and I can also inform you that we do not have a single SUCCESS log line from 2015 till today, so it looks like this "completed" feature request actually never got to production... :) root@XXXXXX [~]# zcat /usr/local/cpanel/logs/archive/login_log-11-2019.gz | head -n1 XXXXXXXXX - root [01/01/2015:22:43:27 -0000] "POST /login/?login_only=1 HTTP/1.1" DEFERRED LOGIN whostmgrd: brute force attempt (user root) has locked out IP XXXXXXXXX root@XXXXXX [~]# zgrep SUCC /usr/local/cpanel/logs/archive/login_log-11-2019.gz | wc -l 0 root@XXXXXX [~]# grep SUCC /usr/local/cpanel/logs/login_log | wc -l 00 -
I'll definitely update that case with those details :D 0
Please sign in to leave a comment.
Comments
7 comments