Page tree
Skip to end of metadata
Go to start of metadata

Overview

TailWatch monitors a log file for certain activities, and then takes action based upon the activity. Driver modules monitor specific services and contain instructions for which actions to perform (for example, which log to monitor and what to do with the information).

As of cPanel & WHM version 56, we ship the following stock drivers:

  • chkservd
  • cpbandwd
  • eximstats
  • jailmanager
  • modseclog
  • recentauthedmailiptracker

Note:

 In cPanel & WHM version 11.52, we removed the antirelayd driver and added the recentauthedmailiptracker driver.

You can enable or disable TailWatch drivers in WHM's Service Manager interface (Home >> Service Configuration >> Service Manager).

The chkservd driver

The chkservd driver determines whether a process is online and whether to restart it. By default, the chkservd driver checks each service every five minutes to determine whether the server is online.

  • If a service is online, the chkservd driver will move on to the next service. 
  • If a service is offline, the chkservd driver will use one of the cPanel restart scripts, located at /scripts/restartsrv_*, to attempt to restart the service.

You can view the results of the chkservd checks in any of the following formats:

  • The /var/log/chkservd.log log file contains the results from each check that it performs. 
  • WHM's Server Information interface (Home >> Server Status >> Server Information) displays the results from each check. 
  • You can choose to have the results from each check emailed to you.

Notes:

  • To choose which services the chkservd driver will monitor, use WHM's Service Manager interface (Home >> Service Configuration >> Service Manager).
  • To modify the chkservd driver's configuration options, use the System section of WHM's Tweak Settings interface (Home >> Server Configuration>> Tweak Settings)

Common problem

One of the most common chkservd driver issues occurs when you do not monitor and have not disabled a service, but it continues to appear as offline in WHM's Service Manager interface (Home >> Service Configuration >> Service Manager). To fix this error, you may need to remove or edit certain files.

To fix this error, perform the following steps, where service represents the name of the service with which you experience problems:

  1. To remove the run file, run the following command:

    rm -f /var/run/chkservd/service 
  2. To remove the chkservd configuration file, run the following command:

    rm -f /etc/chkserv.d/service 
  3. In your preferred text editor, remove the service's line from the /etc/chkserv.d/chkservd.conf configuration file.

  4. To restart the chkservd driver, run the following command:

    /scripts/restartsrv_chkservd
  5. Navigate to WHM's Service Manager interface (Home >> Service Configuration >> Service Manager). 
  6. Click Save at the bottom of the interface without any additional changes.

Other drivers (antirelayd, eximstats, jailmanager, cpbandwd, and modseclog)

Unlike the chkservd driver, the other TailWatch drivers do not have their own log files or configuration.

Note:

The system writes these drivers' activities to the main /usr/local/cpanel/logs/tailwatchd_log log file.

Process control and status

To control the TailWatch process, pass command line flags to the /usr/local/cpanel/libexec/tailwatchd file.

For a full list of available flags, run the following command:

 /usr/local/cpanel/libexec/tailwatchd --help

Custom functionality

To add custom functionality to TailWatch, add a new driver. The PerlDoc for the TailWatch Module contains full documentation and examples for customizations.

To access this documentation, run the following command:

/usr/local/cpanel/libexec/tailwatchd --perldoc

Place your new drivers in the /usr/local/cpanel/Cpanel/TailWatch directory, then restart TailWatch to load the new drivers.

Additional documentation