My domain katzien.de is hosted by Ionos. They supply access logs in a subfolder of the account. To analyse them with goacces, the following log-format and date-time arguments are needed:
goaccess access.log.??.? -o access.html --log-format='%h %^[%x] "%r" %s %b %v "%R" "%u" "$^" ' --datetime-format='%d/%b/%Y:%H:%M:%S %z'
I use the following makefile snippet to download all logs to local and analyse them:
download-logs:
mkdir -p logs
rsync -rvz --partial --times katzien.de:logs/ ./logs/ --exclude .md5sums
analyse-logs:
cd logs && (zcat access.log.*.gz | goaccess access.log.??.? - -o access.html --log-format='%h %^[%x] "%r" %s %b %v "%R" "%u" "$^" ' --datetime-format='%d/%b/%Y:%H:%M:%S %z')
open logs/access.html
(rsync uses a host alias in ~/.ssh/config
with ssh key access…)
Of course, this made me realize that I have more malicious traffic than real read… Oh well…