I made my own personal server, now its time to learn how to monitor it.

I use proftpd for ftp
I use apache2 for http

If I have a file at www.xyz.com/file.ext and someone downloads it, where would the IP of the downloader be logged to?

What about if they access it via proftpd?

TIA
-SS

There are many log files, most reside in /var/log. Different server applications, e.g. vsftp and apache, can be configured to send their log output to custom locations, but generally everything goes to /var/log. Apache for example, has a directory under /var/log called httpd which is where all of its log output goes.

Check your application config files to see where each package is logging to - e.g. /etc/httpd/conf/httpd.conf tells you that it logs to /etc/httpd/logs, but a quick investigation will show that this is a symbolic link to /var/log/httpd. My point is, your system will tell you where you log files are.

You should look into logwatch. On my Fedora and RHEL systems this is executed daily via /etc/cron.daily, where an entry can be found for logwatch (probably a link to the real script). Logwatch sends an email (typically to root) each day, extracting useful info from your log files. You can customise the activities of logwatch by editting the config file at /etc/logwatch/conf/logwatch.conf. Use "man logwatch" for more info.

You didn't tell us which distro you're using, so I hope this is applicable to your system.