Even if the database credentials were exposed, they would not be useful unless you had allowed a wildcard access host % against the same mysql user in your hosting control panel.
If it's happening frequently enough that it's effectively reproducible and if it's on a server with few/no other websites, you could consider enabling the general log in mariadb and logging every sql query for a period of time. This does have a performance impact and will obviously consume a lot of disk space.
https://mariadb.com/docs/server/server-management/server-monitoring-logs/general-query-log
I'd be surprised if the Apache error log were helpful but the logs are available in /var/local/enhance/webserver_logs/{websiteId}.log
where {website_id}
is the ID of the website. These generally last until the stats processor runs (roughly every 5 minutes). If you would like them for longer, start a screen session with:
tail --follow=name /var/local/enhance/webserver_logs/{websiteId}.log >> ~/my_website.log
This will pipe all logs into a file in your home dir for later analysis.