Managed Hosting for WordPress - Retrieving and analysing your logs

View as Markdown

Find out which logs your Managed Hosting for WordPress solution generates, how they are sent to Logs Data Platform, and how to query the available fields.

Objective

A log is an event recorded on a computer system (server, application, website, etc.). For a website, logs typically record each HTTP request received, the response returned, the client that issued the request, and how long the request took to serve.

Your Managed Hosting for WordPress solution generates logs for the websites it hosts and forwards them to Logs Data Platform, where you can store, visualise, and query them.

Unlike a raw log file, the logs sent to Logs Data Platform are split into individual fields (HTTP method, status code, client IP address, response time, etc.). This means you do not have to parse a single text line yourself: each piece of information is already available as a dedicated, searchable field.

Find out which logs are available for your Managed Hosting for WordPress solution and how to exploit them.

Requirements

Instructions

Warning

We provide this tutorial to help you with common tasks. However, we recommend contacting a specialist provider if you experience any difficulties. We will not be able to assist you with interpreting the logs generated by your Managed Hosting for WordPress solution. More information in the Go further section of this tutorial.

Available log kinds

Your Managed Hosting for WordPress solution forwards two distinct types of logs to Logs Data Platform:

Log kindContent
HTTP access logsOne entry per HTTP request received by your website (Apache access log). This is the main stream used to monitor traffic, errors, and response times.
PHP-FPM logsMessages emitted by the PHP-FPM engine that runs your WordPress code (PHP warnings, errors, slow scripts, etc.).

Each entry is enriched with information identifying the website it relates to, so you can filter the logs of a single site even when several sites share the same stream:

  • service_id: the identifier of your Managed Hosting for WordPress service.
  • website_id: the internal identifier of the website.
  • fqdn: the domain name (virtual host) targeted by the request.

Viewing and forwarding your logs

You can preview your most recent logs directly in the OVHcloud Control Panel and subscribe to Logs Data Platform to store, query, and visualise them. Click the tabs below to view each of the 2 steps.

Step 1
Step 2

Go to the page in your OVHcloud Control Panel, then click Manage under the resource concerned.

Managed Hosting for WordPress resource list with a Manage button on each resource card

HTTP access log fields

For each HTTP request, the following fields are available. The field names follow the Logs Data Platform naming conventions (EN): the suffix indicates how the value is typed and indexed (_ip is geolocated, _int is an integer, _num is a number, _date is a date).

FieldExampleDescription
time2026-06-04T10:04:53.000ZDate the entry was received by Logs Data Platform.
hostwp004.eu-west-001Hostname of the server that generated the log.
service_idwp-xxxxxxxxIdentifier of your Managed Hosting for WordPress service.
website_ida1b2c3d4e5Internal identifier of the website.
fqdnwww.example.comDomain name (virtual host) targeted by the request.
remote_host_ip203.0.113.42Client IP address. Because of the _ip suffix, it is automatically geolocated by Logs Data Platform (country, city, coordinates, etc.).
http_methodGETHTTP method of the request.
http_path/wp-login.phpPath requested by the client.
http_protocolHTTP/1.1Protocol and version used.
http_status_int200HTTP response status code, stored as an integer so you can run numeric comparisons.
bytes_sent1234Size of the response sent to the client, in bytes.
refererhttps://www.google.com/Value of the Referer header.
user_agentMozilla/5.0 (...)Value of the User-Agent header.
request_time04/Jun/2026:10:04:53 +0000Time the request was received, in a human-readable form.
request_time_date2026-06-04T10:04:53ZSame request time as an ISO 8601 (UTC) date, so it can be used in date-based queries and dashboards.
request_duration_num114Time taken to serve the request, in milliseconds. Use it to monitor your response times.
message203.0.113.42 - - [04/Jun/2026...]The complete raw access log line, kept for reference.

PHP-FPM log fields

The PHP-FPM kind is lighter and exposes the following fields:

FieldDescription
timeDate the entry was received by Logs Data Platform.
hostHostname of the server that generated the log.
service_idIdentifier of your Managed Hosting for WordPress service.
website_idInternal identifier of the website.
messageThe PHP-FPM message (warning, error, notice, etc.).

Querying and analysing your logs

Once your logs reach Logs Data Platform, you can explore them through the Graylog web interface included with your solution, build dashboards, and set up alerts. For the basics, refer to the Quick start with Logs Data Platform (EN) guide.

Because the access logs are split into typed fields, you can run targeted searches directly from the Graylog search bar. A few examples:

  • Display the requests of a single website:
website_id:a1b2c3d4e5
  • Find every server error (HTTP 5xx):
http_status_int:>=500
  • Identify slow requests that took more than one second to serve:
request_duration_num:>1000
  • Monitor brute-force attempts on the WordPress login page:
http_path:"/wp-login.php" AND http_method:POST
  • Filter traffic by the geolocated country of the client (provided by the _ip suffix):
remote_host_ip_country_code:FR
Info

The HTTP access logs are generated in UTC. Use the request_time_date field (an ISO 8601 date) or the time field for any date-based query, sorting, or histogram.

Go further

For specialised services (SEO, development, etc.), contact OVHcloud partners.

Join our community of users.

Was this page helpful?