cPanel & WHM Version 98 has been released, and brings a slew of great updates. Take a look at what is included, and then upgrade today!

Log when an account is accessed with a root/reseller password

Feature Importer shared this idea 9 years ago
Completed

As a Server Administrator, I want cPanel & WHM to log when an account is accessed with a root/reseller password, so that I can track account access fo


Hello David Placing it in another file would work fine and may be a better option for the reasons you indicated. As long as the information is available it would meet my needs. I believe this information is very valuable while performing ...


This is a feature that has been migrated over from the cPanel Forums. All previous comments and discussions concerning this feature can be located at:

http://forums.cpanel.net/f145/logging-use-root-reseller-password-access-user-account-262531.html#post1095891

Best Answer
photo

cPanel & WHM version 58 went to CURRENT yesterday, and contains this feature. You'll see the login_log looks a bit like this:


  1. [~] # tail -f /usr/local/cpanel/logs/login_log
  2. [2016-04-18 13:07:02 -0400] info [cpsrvd] 10.1.5.19 - root - SUCCESS LOGIN whostmgrd
  3. [2016-04-18 13:07:13 -0400] info [cpsrvd] 10.1.5.19 - root - SUCCESS LOGIN cpaneld
  4. [2016-04-18 13:07:15 -0400] info [cpsrvd] 10.1.5.19 - reseller (possessor: root) - SUCCESS LOGIN cpaneld
  5. [2016-04-18 13:08:24 -0400] info [cpsrvd] 10.1.5.19 - reseller - SUCCESS LOGIN webmaild
  6. [2016-04-18 13:08:27 -0400] info [cpsrvd] 10.1.5.19 - emailaccount@reseller.com (possessor: reseller) - SUCCESS LOGIN webmaild10.1.5.19 - salinas
  7. [04/18/2016:17:09:10 -0000] "GET" SUCCEEDED LOGIN cpdavd: WebDAV10.1.5.19 - salinas [04/18/2016:17:09:10 -0000] "GET" SUCCEEDED LOGIN cpdavd: WebDAV

Let me know if you have any questions or concerns!

Replies (4)

photo
1

Yes this would be great.

photo
1

Would be great if cpanel has a feature such as this. Logging successful login just like the failed login. Would prefer if all three cpanel user logins are logged as it would help with security audits.

A simple table with SNo, Username, ServerDate, ServerTime, IPv4, Service with the option to mail a daily/ weekly/monthly digest would be fine. Right now, LFD (CSF/LFD Suite) does send email to root.

photo
1

We should see this added in version 58, which is set to be released in around 12-14 weeks.

photo
1

cPanel & WHM version 58 went to CURRENT yesterday, and contains this feature. You'll see the login_log looks a bit like this:


  1. [~] # tail -f /usr/local/cpanel/logs/login_log
  2. [2016-04-18 13:07:02 -0400] info [cpsrvd] 10.1.5.19 - root - SUCCESS LOGIN whostmgrd
  3. [2016-04-18 13:07:13 -0400] info [cpsrvd] 10.1.5.19 - root - SUCCESS LOGIN cpaneld
  4. [2016-04-18 13:07:15 -0400] info [cpsrvd] 10.1.5.19 - reseller (possessor: root) - SUCCESS LOGIN cpaneld
  5. [2016-04-18 13:08:24 -0400] info [cpsrvd] 10.1.5.19 - reseller - SUCCESS LOGIN webmaild
  6. [2016-04-18 13:08:27 -0400] info [cpsrvd] 10.1.5.19 - emailaccount@reseller.com (possessor: reseller) - SUCCESS LOGIN webmaild10.1.5.19 - salinas
  7. [04/18/2016:17:09:10 -0000] "GET" SUCCEEDED LOGIN cpdavd: WebDAV10.1.5.19 - salinas [04/18/2016:17:09:10 -0000] "GET" SUCCEEDED LOGIN cpdavd: WebDAV

Let me know if you have any questions or concerns!

Replies have been locked on this page!