My domain katzien.de is hosted by Ionos. They supply access logs in a subfolder of the account. To analyse them with goacces, the following log-format and date-time arguments are needed:

goaccess access.log.??.? -o access.html --log-format='%h %^[%x] "%r" %s %b %v "%R" "%u" "$^" ' --datetime-format='%d/%b/%Y:%H:%M:%S %z'

I use the following makefile snippet to download all logs to local and analyse them:

download-logs:
	mkdir -p logs
	rsync -rvz --partial --times  katzien.de:logs/ ./logs/ --exclude .md5sums

analyse-logs:
	cd logs && (zcat access.log.*.gz | goaccess access.log.??.? - -o access.html --log-format='%h %^[%x] "%r" %s %b %v "%R" "%u" "$^" ' --datetime-format='%d/%b/%Y:%H:%M:%S %z')
	open logs/access.html

(rsync uses a host alias in ~/.ssh/config with ssh key access…)

Of course, this made me realize that I have more malicious traffic than real read… Oh well…