Skip to main content

Overview

TeamSpeak 6 Server provides comprehensive logging capabilities to help you monitor server activity, troubleshoot issues, and maintain security. This guide covers log configuration, management, and analysis.

Log Configuration

Log Path

Configure where log files are stored: 
./tsserver --log-path /var/log/teamspeak --accept-license
Default log path: logs/ (relative to the server binary)
For Docker installations, logs are written to /var/tsserver/logs/ inside the container. Ensure this path is included in your volume mount to persist logs.

Log Append Mode

Control how log files are created:
Creates a new log file each day:
tsserver.yaml
server:
  log-append: 0
Log file naming: ts6server_YYYY-MM-DD__HH_MM_SS.log
Using append mode without log rotation can result in very large log files. Implement external log rotation if using this mode.

Log Types and Locations

Server Logs

Main server logs contain general operation information: 
# View container logs (stdout/stderr)
docker logs teamspeak-server

# Follow logs in real-time
docker logs -f teamspeak-server

# View last 100 lines
docker logs --tail 100 teamspeak-server

# Show logs since specific time
docker logs --since 2024-01-01T10:00:00 teamspeak-server

# Access log files in mounted volume
docker exec teamspeak-server ls -lh /var/tsserver/logs/

Query Logs

Enable detailed ServerQuery command logging:
tsserver.yaml
server:
  query:
    log-commands: 1
    log-timing: 3600
Environment variables: 
export TSSERVER_QUERY_LOG_COMMANDS=1
export TSSERVER_QUERY_LOG_TIMING=3600
log-timing defines the interval (in seconds) for logging query statistics. Default is 3600 seconds (1 hour).

Database Query Logs

Enable SQL query logging for debugging:
tsserver.yaml
server:
  database:
    config:
      log-queries: 1
Or via command line: 
./tsserver --db-log-queries --accept-license
Database query logging generates significant log volume and may impact performance. Only enable for troubleshooting.

Crash Dumps

Configure crash dump location:
tsserver.yaml
server:
  crashdump-path: crashdumps

# Or via environment variable
export TSSERVER_CRASHDUMP_PATH=/var/crashes/teamspeak

Docker Logging

Docker Log Drivers

Configure Docker logging driver for advanced log management:
docker-compose.yaml
services:
  teamspeak:
    image: teamspeaksystems/teamspeak6-server:latest
    container_name: teamspeak-server
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "3"
    volumes:
      - teamspeak-data:/var/tsserver

Common Logging Drivers

logging:
  driver: "json-file"
  options:
    max-size: "10m"
    max-file: "5"
    compress: "true"
Logs stored in: /var/lib/docker/containers/<container-id>/<container-id>-json.log
Use volume mounts to persist file-based logs across container recreations:
volumes:
  - ./logs:/var/tsserver/logs

Log Rotation

Manual Rotation (Binary Installation)

For servers using --log-append, implement logrotate:
1

Create logrotate configuration

Create /etc/logrotate.d/teamspeak:
/etc/logrotate.d/teamspeak
/var/tsserver/logs/ts6server.log {
    daily
    rotate 14
    compress
    delaycompress
    notifempty
    missingok
    copytruncate
}
2

Test the configuration

# Dry run to test configuration
logrotate -d /etc/logrotate.d/teamspeak

# Force rotation to verify
logrotate -f /etc/logrotate.d/teamspeak
3

Verify automated rotation

Logrotate runs daily via cron. Verify with:
# Check logrotate status
cat /var/lib/logrotate/status | grep teamspeak

# View rotated logs
ls -lh /var/tsserver/logs/

Docker Log Rotation

Docker automatically rotates logs based on the logging driver configuration:
docker-compose.yaml
services:
  teamspeak:
    logging:
      driver: "json-file"
      options:
        max-size: "50m"      # Rotate when file reaches 50MB
        max-file: "7"        # Keep 7 rotated files
        compress: "true"     # Compress rotated files

Log Analysis

Common Log Patterns

Search logs for common events: 
# Client connections
grep "client connected" logs/ts6server_*.log

# Client disconnections
grep "client disconnected" logs/ts6server_*.log

# Errors
grep -i "error" logs/ts6server_*.log

# Warnings
grep -i "warning" logs/ts6server_*.log

# ServerQuery activity
grep "query" logs/ts6server_*.log

# Failed login attempts
grep "authentication failed" logs/ts6server_*.log

Log Monitoring Tools

Use standard Linux tools for log analysis: 
# Monitor logs in real-time with highlighting
tail -f logs/ts6server_*.log | grep --color -E "error|warning|$"

# Count occurrences of specific events
grep -c "client connected" logs/ts6server_*.log

# Extract and sort unique IP addresses
grep "client connected" logs/ts6server_*.log | \
  awk '{print $6}' | sort -u

# Find logs from specific date range
find logs/ -name "ts6server_2024-01-*" -type f

Centralized Logging

For production environments, use centralized logging:
Send logs to Elasticsearch, Logstash, and Kibana:
docker-compose.yaml
services:
  teamspeak:
    logging:
      driver: "syslog"
      options:
        syslog-address: "tcp://logstash:5000"
        tag: "teamspeak"

Log Security

Sensitive Information

TeamSpeak logs may contain:
  • Client IP addresses
  • ServerQuery commands
  • Connection metadata
Logs do not contain passwords or encryption keys, but treat them as sensitive data. Implement appropriate access controls.

Access Control

Restrict log file access: 
# Set appropriate permissions (Linux)
chmod 640 /var/tsserver/logs/*.log
chown tsserver:tsserver /var/tsserver/logs/*.log

# For Docker, set volume permissions
docker run -v teamspeak-logs:/var/tsserver/logs \
  --user 1000:1000 \
  teamspeaksystems/teamspeak6-server:latest

Troubleshooting with Logs

Startup Issues

# Check for configuration errors
grep -A 5 "failed to start" logs/ts6server_*.log

# Verify license acceptance
grep "license" logs/ts6server_*.log

# Check database connection
grep -i "database" logs/ts6server_*.log

Connection Problems

# Check for port binding issues
grep "failed to bind" logs/ts6server_*.log

# View connection errors
grep "connection.*failed" logs/ts6server_*.log

# Check firewall or network issues
grep -i "timeout" logs/ts6server_*.log

Performance Issues

# Look for resource warnings
grep -i "memory\|cpu\|thread" logs/ts6server_*.log

# Check for database slow queries
grep "slow query" logs/ts6server_*.log

# Find connection spikes
grep "client connected" logs/ts6server_*.log | \
  awk '{print $1, $2}' | uniq -c

Log Retention

Best Practices

1

Define retention policy

Determine how long to keep logs based on:
  • Compliance requirements
  • Available storage
  • Troubleshooting needs
Recommended: 30-90 days for active logs
2

Archive old logs

# Compress logs older than 30 days
find /var/tsserver/logs -name "*.log" -mtime +30 -exec gzip {} \;

# Move to archive location
find /var/tsserver/logs -name "*.log.gz" -mtime +7 \
  -exec mv {} /archive/teamspeak/ \;
3

Automated cleanup

Create a cron job for automated cleanup:
# Edit crontab
crontab -e

# Add daily cleanup at 2 AM
0 2 * * * find /var/tsserver/logs -name "*.log" -mtime +90 -delete
Consider backing up logs before deletion. See Backup & Restore for details.

Log Export

Export to File

# Export Docker logs
docker logs teamspeak-server > teamspeak-$(date +%Y%m%d).log 2>&1

# Export with timestamps
docker logs --timestamps teamspeak-server > teamspeak-$(date +%Y%m%d).log 2>&1

# Export specific date range
docker logs --since "2024-01-01T00:00:00" \
  --until "2024-01-31T23:59:59" \
  teamspeak-server > teamspeak-january-2024.log 2>&1

Export for Support

When requesting support, provide relevant logs: 
# Create support bundle
tar -czf teamspeak-logs-$(date +%Y%m%d).tar.gz \
  logs/*.log \
  tsserver.yaml

# For Docker installations
docker logs teamspeak-server > server.log 2>&1
tar -czf teamspeak-support-$(date +%Y%m%d).tar.gz \
  server.log \
  docker-compose.yaml
Remove or redact sensitive information (IP addresses, custom configurations) before sharing logs publicly.

Build docs developers (and LLMs) love

Get started for freeTalk to us