What is TailWatchd? Details and Working

Posted at December 13, 2016 at 11:38 am by Jithin

What is TailWatchd

The tailwatchd is a newer concept in the history of cPanel. As the name explains, it is used to monitor the logs. Why should it be used? What are the functions of tailwatchd? What are the previous substitutions for the daemon? In this documentation, we are going to see the benefits of the tailwatchd.  It is used to process the logs. The tailwatchd keeps monitoring a log file for certain activities. Based on these activities, it takes the necessary action. In older days, there were three daemons used to collect various information. They are antirelayd, eximstats, and cpbandwd. These daemons will provide information on mail and bandwidth logs but now, these daemons are deprecated. Nowadays, Tailwatchd handles all the responsibilities done by the above daemons. The Tailwatchd is comparatively better because it is more robust and lightweight. It is certainly better that replacing three daemons with a single one. This has helped to reduce the server load in a considerable manner. Can you believe that while carrying out the functions of the three daemons, tailwatchd still consumes less memory than eximstats? That’s why the tailwatchd should be used.

 

How does tailwatchd works?

Let’s see how does the tailwatchd works. As we’ve seen earlier, the tailwatchd monitors a log file for certain activities and responses to the activities by taking appropriate actions. There is a driver module for the tailwatchd. This module controls the working of tailwatchd. It defines the specifics of the daemon. It includes which is the log file to monitor and what to do with the information in the logs. The below drivers are the drivers shipped by cPanel.

1) antirelayd

2) cpbandwd

3) chkservd

4) eximstats

Let’s see what are these.

 

Antirelayd

We know that the mail server used by cPanel is the exim. In the exim, there is a mechanism to allow pop-before-smtp relaying for sending emails. There is a file as /etc/relayhosts. The IP addresses that are allowed to relay on server will be added dynamically to this file. This is done by the antirelayd daemon. It is the use of antirelayd. This daemon checks /var/log/maillog for POP3 or IMAP logins to keep track of valid logins. This is then used with SMTP relaying. If you try to whitelist an IP address by adding it to the /etc/relayhosts file, it will be removed by the antirelayd as it is managed by the daemon. In this situation, you need to create a file as /etc/alwaysrelay and add the IP addresses into the file so that they will be whitelisted. The IP addresses can be added line by line. If there is already such a file, please edit the file and add the IP addresses.

 

Cpbandwd

As the name indicates, this is the cPanel bandwidth accounting system. This is used to calculate the band width usage. This can’t be disabled completely. You need to disable Awstats, Analog and Webalizer. This will prevent the stats programs from running, but cPanel will still calculate the bandwidth usage. This will help reduce the load on the server up to some extent.

 

Chkservd

It is the service in cPanel that ensures the services are running. The Chkservd is responsible to restart any service if need to. The “Service Manager” section in cPanel is managed by the Chkservd. This control panel interface will allow you to easily turn on or off the added services. To add a service, you need to edit the configuration file of the Chkservd. It is located at /etc/Chkserv.d/Chkservd.conf. You should add the below line to add a service.

service:1

The “1” stands for “On” which means the service is enabled. To disable a service, it will be “0”. For Chkservd, each service has its own file. You need to create the file for the newly added service also. The contents in the file will be in the below format.

#SERVICE = PORT, SEND, RESPONSE, RE­START COMMAND

cPanel will check the services with Chkservd in two various methods. They are given below.

1) Connection­-based monitoring

2) Process-­based monitoring

 

Connection-­based monitoring

This is the default method. In this method, the cPanel will try to establish a connection to the service’s specified port, then it will issue a command. If it gets the response, it will consider the service as online. Otherwise, it will be taken as offline.

 

Process-­based monitoring

In this type of monitoring, cPanel will check for a specific process to determine if it is online or offline.

 

Eximstats

The eximstats is used to extract statistical information from the log files. It’s just a Perl script. The output of the eximstats can be either in plain text or in HTML. As the eximstats script has been hacked about quiet over time, the latest version is provided after extensive revision. Usually, the arguments to the scripts are a list of files followed by any option.

example: eximstats -nr /var/spool/exim/log/mainlog.01

The eximstats outputs a grand total summary which will consists of the volume and number of messages received and the deliveries made and the number of hosts involved in each case. It also outputs the number of messages which were delayed.

These are the daemons that were doing the functions of tailwatchd in older cPanel versions. Once the tailwatchd is active, all these will be stopped.

 

How to upgrade to TailWatchd

You can easily upgrade to a cPanel version which uses tailwatchd. When the tailwatchd is started, older processes will be stopped. The scripts used for older daemons will be modified, so that it will not function further. If one more upgrade happens, then these scripts will be removed automatically. This is how you can upgrade to the tailwatchd.

 

If you need any further assistance please contact our support department.

 

 

5.00 avg. rating (89% score) - 1 vote

You can skip to the end and leave a response. Pinging is currently not allowed.

One Response to “What is TailWatchd? Details and Working”

  1. antony_sebastian says:

    very usefull…..thx 🙂

Leave a Reply