RunCloud logs all important events happening on your server in a log file. There are three type of logs – here’s a breakdown of what each of them does.
Server Activity Logs
You can find server activity logs in the side menu when you open the RunCloud dashboard.
The screen displays a list of events and actions that have taken place on the server. The activity log contains a search bar that can be used to filter the log entries based on specific keywords. The log entries are listed in reverse chronological order, with the most recent events appearing at the top.
Each log entry includes a timestamp that indicates the date and time when the event occurred. The log entries also include a severity level that indicates the level of importance or urgency of the event. Here, you can see events such as the creation/deletion of databases and web applications:
Web Application Activity Logs
This screen provides a detailed log of events and actions that have taken place on the server, which can be helpful in identifying issues and troubleshooting problems.
To view the activity logs for a web application, open the application in the RunCloud dashboard and click on the “Activity Log” in the sidebar.
This log shows a list of events and actions that are relevant to this application. The logs are presented as a list of events in reverse chronological order, with the most recent events appearing at the top. You can also use the search bar to filter the log entries based on specific keywords.
Web Server Log
Apache2 and Nginx logs are essential tools for managing and optimizing WordPress sites. They provide valuable insights into server performance, user behavior, and security threats. By analyzing these logs you can identify areas where your site can be improved, and take proactive steps to ensure that your site is secure and performing at its best.
You can access these logs in the RunCloud dashboard easily. Just open the web application and click on “Web Server Log” to view the last 500 lines of log files related to the web application – including the Nginx access log, the Nginx error log, the Apache access log, the Apache error log, the G-Firewall, and the ModSec Audit log.
The log viewer also includes some basic navigation options, such as the ability to reload the log content, maximize the viewer window, and switch between light and dark modes.
Each log entry contains the IP address of the visitor, timestamp, HTTP request method, HTTP response code, user agent, and referrer.
Checking Server Logs via SSH
For advanced troubleshooting or real-time monitoring, you can access your web application logs directly via SSH. This is more powerful than using a GUI, as it lets you filter thousands of lines of data with standard Linux commands.
Step 1: Log in via SSH
First, you must log in to your server as the Web Application Owner (‘runcloud user’ by default).
Step 2: Locate Your Log Files
Once logged in, all web application logs are stored within the logs directory in the user’s home folder. Depending on your server stack (NGINX, Apache, or OpenLiteSpeed), the paths will vary slightly:
| Server Type | Access Log Path | Error Log Path |
| OpenLiteSpeed | ~/logs/app-name_access.log | ~/logs/app-name_error.log |
| Nginx | ~/logs/nginx/app-name_access.log | ~/logs/nginx/app-name_error.log |
| Apache | ~/logs/apache2/app-name_access.log | ~/logs/apache2/app-name_error.log |
To see all available logs, you can run the following commands:
# Navigate to the logs directory
cd ~/logs
# List files for OLS
ls -lh
# List files for Nginx or Apache
ls -lh nginx/
ls -lh apache2/Step 3: Review and Process Logs
Once you have located the correct log file, use the following commands to monitor or search for specific issues.
To see errors or traffic as they happen, use the tail -f command. This “follows” the file and updates your screen instantly.
# Watch Nginx errors in real-time
tail -f ~/logs/nginx/app-mywebapp_error.log
# Watch OLS access logs
tail -f ~/logs/app-astro_access.logIf you are looking for a specific issue, such as a 404 error or a specific IP address, use grep.
# Find all 404 (Not Found) errors in an access log
grep "404" ~/logs/nginx/app-mywebapp_access.log
# Search for a specific IP address to see their activity
grep "123.456.78.9" ~/logs/nginx/app-mywebapp_access.log
RunCloud automatically rotates and compresses older logs to save space (files ending in .gz). You can search these without unzipping them using zgrep.
# Search for an error in an archived log file
zgrep "Critical Error" ~/logs/nginx/app-Bagisto_error.log-20251001.gz
If you just want a quick snapshot of the most recent activity:
# View the last 50 lines of the log
tail -n 50 ~/logs/nginx/app-mills_access.log
To see how many times a specific error has occurred:
# Count how many "500 Internal Server Errors" occurred
grep "500" ~/logs/nginx/app-mywebapp_access.log | wc -l
If you have any other questions or need help – please feel free to get in touch with our 24/7 support team. We’re here to help!