Logs on Webscale

Log files are plain text files with messages written to them by a server’s operating system and other installed software. These messages help explain the current state of the system and trace any changes made to the system. For instance, error logs contain any error messages the system has encountered, while access logs contain information about when specific files or programs were accessed.

The logs maintained by Webscale include:

• Audit logs
• Server access logs
• Webserver access and error logs
• Application logs (Magento, Wordpress, WooCommerce, etc)
• MySQL logs (if applicable)
• Event logs
• Content Security Policy logs
• Logs for all services that make up the operating system

In some Webscale environments, your application will send its logs to a dataserver. Once these logs are sent they are retained on that dataserver, and this is the central log server for your entire environment.

Webscale may also install the AWS CloudWatch agent. This agent sends important logs to AWS CloudWatch, a monitoring and log aggregation service provided by AWS. Not all logs are pushed to CloudWatch, but logs such as the webserver error/access logs, security event logs, and audit logs will be available through CloudWatch. If you are running Magento, Webscale can configure the Magento logs to also be sent to CloudWatch. If you are running a different application, you can work with Webscale to determine which logs must be kept for compliance purposes.

The logs available in the Traffic Viewer are web access logs. This captures all web requests sent by user browsers and devices to access the application, including different pages viewed in a session, add-to-cart and checkout operations. The traffic viewer enables visualization of access logs, and the ability to write search queries to analyze the data made available. Some event logs are also available in your Webscale Control Panel but for retention purposes, the logs accessible on the dataserver or pushed to CloudWatch are used.

Log Retention

Log retention can be configured by account admins for both online logs (seen Traffic Viewer) and archived logs. Account level settings control retention of account events, while log retention is configurable per-application and by log type.

Changing the log retention settings will effect your account billing.

Log retention fields:

• Online days - the number of days to keep logs in traffic viewer
• Online space allowance (GB) - storage limit for logs kept viewable in Traffic Viewer
• Archive days - number of days to keep archived logs
• Archive space allowance (GB) - storage limit for archived logs

Account Event Logs

Account event log retention can be set by going to Account settings > Event log retention.

To retrieve archived logs, go to Account settings > Log archives. There you can restore and download a selected range of logs that have been archived.

Application Logs

Application log retention can be set by going to Application > Edit > Log retention.

To retrieve archived logs, go to Application > Edit > Log archives. There you can restore and download a selected range of logs that have been archived.

FAQs:

• How long are my logs retained?

  Log retention depends on the Webscale plan you are subscribed to, and any specific log retention periods you are contracted for. Typically, Cloudwatch logs and traffic viewer logs are retained for at least 30 days by Webscale. It is possible to request extended log retention for up to 1 year for audit or compliance purposes. When extended log retention is enabled, the logs may be stored in storage services (such as S3 or Glacier on AWS).

• If I need to see or obtain copies of a specific log file, how would I go about this?

  Traffic viewer logs are available to download from the Webscale control panel for administrators of the account. If you are not sure where to find the log, the best thing would be to send in a support request.

• What are the paths/locations of the most common logs?

  The most common system logs are located under /var/log/ on the servers they apply to. Magento logs are in /var/www/site/var/logs/, and other logs created and managed by Webscale are at /var/log/webscale/. Any webserver logs end up separated by IP Address in /var/log/webscale/clients/. The var directory should always be a symlink to the NFS shared directory so that webservers can write to the logs.

Further Reading

• The Webscale Control Panel Dashboard
• How to Enforce a Content Security Policy
• Security How-Tos

Feedback

Was this page helpful?

Glad to hear it! Have any more feedback? Please share it here.

Sorry to hear that. Have any more feedback? Please share it here.