Help & Documentation

Everything you need to know to get the most out of LogLens.

Introduction

LogLens is a real-time web analytics and security monitoring platform. Unlike traditional analytics tools that rely on JavaScript tracking, LogLens analyzes your server logs to provide accurate, privacy-friendly insights into your website traffic.

What makes LogLens different?

  • Server-side analytics — Captures all requests, including those from bots, scrapers, and users with ad blockers
  • Real-time monitoring — See traffic as it happens with sub-second latency
  • Bot detection — Automatically identifies and categorizes bots, crawlers, and scrapers
  • Privacy focused — No cookies, no personal data collection, GDPR compliant by design
  • CDN integration — Native support for AWS CloudFront and Cloudflare

Quick Start Guide

Get up and running with LogLens in just a few minutes.

Step 1: Create an Account

Sign up at app.loglens.ai using your email address. You'll automatically be set up with a personal organization.

Step 2: Add Your Website

From the dashboard, click on the website selector and choose "Add Website". Enter your domain name and a friendly name for your site.

Step 3: Connect Your Logs

You have several options to send logs to LogLens:

  • AWS CloudFront — Use real-time logs with Kinesis Firehose (recommended for AWS users)
  • Cloudflare — Use Cloudflare Workers to forward logs
  • Import — Upload historical log files directly

Step 4: View Your Analytics

Once logs start flowing, your dashboard will populate with real-time data. It typically takes 1-2 minutes for the first data to appear.

Enable "Live" mode in the top-right corner to see requests as they happen in real-time.

Key Concepts

Requests vs Visitors

LogLens tracks requests, not unique visitors. A single page load typically generates multiple requests (HTML, CSS, JS, images). This gives you a more complete picture of server load and resource usage.

Human vs Bot Traffic

LogLens automatically classifies traffic as either human or bot based on user agent analysis. Bot traffic is further categorized into:

  • Search engines — Google, Bing, etc.
  • Social media — Facebook, Twitter, LinkedIn crawlers
  • AI crawlers — GPTBot, ClaudeBot, etc.
  • Monitoring — Uptime monitors, health checks
  • SEO tools — Ahrefs, SEMrush, etc.
  • Scrapers — Generic or malicious bots

Time Periods

All analytics can be filtered by time period. Available options include:

  • Last hour, 6 hours, 24 hours
  • Last 7 days, 30 days, 90 days
  • Last year
  • Custom date range

Dashboard Overview

The main dashboard provides a high-level summary of your website traffic.

Key Metrics

Metric Description
Total Requests All HTTP requests received in the selected time period
Human Traffic Requests identified as coming from real users
Bot Traffic Requests identified as coming from automated bots
Unique IPs Number of distinct IP addresses that made requests

Dashboard Widgets

The dashboard includes several widgets:

  • Traffic over time — Bar chart showing requests per time interval
  • Top countries — Geographic distribution of traffic
  • Top bots — Most active bot user agents
  • Top paths — Most requested URLs
  • Live feed — Real-time stream of incoming requests

Time Filters

Use the time filter dropdown in the top-right corner to change the analysis period.

Preset Periods

Quick selection options include Last hour, 6 hours, 24 hours, 7 days, 30 days, 90 days, and 1 year.

Custom Date Range

Select "Custom" to specify exact start and end dates. This is useful for analyzing specific events or campaigns.

Shorter time periods provide more granular data (per-minute intervals), while longer periods show daily aggregates.

Country Filters

Filter your analytics by country to focus on specific geographic regions.

How to Use

  1. Click the "All Countries" dropdown in the header
  2. Select one or more countries from the list
  3. All analytics will update to show only traffic from selected countries

This is particularly useful for:

  • Analyzing traffic from your target markets
  • Identifying suspicious traffic from unexpected countries
  • Comparing behavior across different regions

Live Mode

Live mode shows requests as they happen in real-time.

Enabling Live Mode

Click the "Live" toggle in the top-right corner of the dashboard. When enabled, the dashboard will automatically refresh every 10 seconds and show a live feed of incoming requests.

Live Feed

The live feed shows the most recent requests with details including:

  • Timestamp
  • Request path
  • HTTP method and status code
  • Country of origin
  • Human/bot classification

Traffic Analysis

The Traffic page provides detailed analysis of your website requests.

Traffic Over Time

A stacked bar chart shows human traffic (cyan) and bot traffic (amber) over time. Hover over any bar to see exact counts for that time period.

Status Code Breakdown

See the distribution of HTTP response codes:

  • 2xx (Success) — Successful requests
  • 3xx (Redirect) — Redirects
  • 4xx (Client Error) — Not found, forbidden, etc.
  • 5xx (Server Error) — Server errors

A high percentage of 4xx errors may indicate broken links or attempted attacks. Check the Paths page for specific URLs.

Bot Detection

LogLens automatically identifies and categorizes bot traffic based on user agent strings and behavior patterns.

Bot Categories

Category Description Examples
Search Search engine crawlers Googlebot, Bingbot, YandexBot
Social Social media preview bots Facebook, Twitter, LinkedIn
AI AI training crawlers GPTBot, ClaudeBot, Anthropic
Monitoring Uptime and health checks UptimeRobot, Pingdom
SEO SEO analysis tools Ahrefs, SEMrush, Moz
Feed RSS/Atom feed readers Feedly, NewsBlur
Scraper Generic or malicious bots Various

Bot Detail View

Click on any bot to see detailed information including:

  • Total requests and percentage of traffic
  • Most requested paths
  • Activity over time
  • Response code distribution

If you see a bot you want to block, note its user agent string and add it to your server's robots.txt or firewall rules.

Path Analysis

Understand which pages and resources are most requested on your website.

Top Paths Table

Shows the most requested URLs with:

  • Request count and percentage
  • Average response time
  • Human vs bot split
  • Error rate

Path Detail View

Click any path to see detailed analytics including traffic over time, geographic distribution, and which bots are accessing it.

Filtering Paths

Use the search box to filter paths. This is useful for finding:

  • Specific pages (e.g., /blog/)
  • API endpoints (e.g., /api/)
  • Static assets (e.g., .js, .css)

Referrers

See where your traffic is coming from.

Referrer Types

  • Direct — No referrer (typed URL, bookmarks)
  • Search — Google, Bing, DuckDuckGo, etc.
  • Social — Facebook, Twitter, Reddit, etc.
  • Other websites — Links from other sites

Referrer Detail View

Click any referrer to see which pages they're sending traffic to and how that traffic performs (bounce rate approximation based on single-request sessions).

Geography

Visualize where your visitors are located around the world.

World Map

The interactive map shows traffic density by country. Darker colors indicate more traffic. Hover over any country to see exact request counts.

Country Table

A sortable table shows all countries with traffic, including:

  • Request count and percentage
  • Human vs bot ratio
  • Top paths from that country

Unexpected traffic from certain countries might indicate bot activity or attacks. Use country filters to investigate further.

Devices

Understand what devices and browsers your visitors use.

Device Types

  • Desktop — Windows, macOS, Linux
  • Mobile — iOS, Android phones
  • Tablet — iPads, Android tablets
  • Bot — Automated crawlers

Browsers

See the distribution of browsers including Chrome, Safari, Firefox, Edge, and others.

Operating Systems

View traffic breakdown by OS: Windows, macOS, iOS, Android, Linux, etc.

Status Codes

Monitor HTTP response codes to identify errors and issues.

Status Code Categories

Category Meaning Common Codes
2xx Success 200 OK, 201 Created, 204 No Content
3xx Redirect 301 Permanent, 302 Temporary, 304 Not Modified
4xx Client Error 400 Bad Request, 403 Forbidden, 404 Not Found
5xx Server Error 500 Internal Error, 502 Bad Gateway, 503 Unavailable

Error Investigation

Click on any status code category to see which paths are returning those codes. This helps identify:

  • Broken links (404s)
  • Permission issues (403s)
  • Server problems (5xxs)

AWS CloudFront Integration

Send real-time logs from CloudFront to LogLens using Kinesis Data Firehose.

Setup Overview

  1. Create a Kinesis Data Stream
  2. Create a Kinesis Firehose delivery stream pointing to LogLens
  3. Create a CloudFront real-time log configuration
  4. Attach the log configuration to your distribution

Required IAM Permissions

You'll need IAM roles with permissions for:

  • CloudFront to write to Kinesis
  • Firehose to read from Kinesis and deliver to HTTP endpoint

Firehose Configuration

Configure your Firehose delivery stream with:

  • Destination: HTTP endpoint
  • URL: Your LogLens ingest endpoint
  • API Key: Add as a common attribute header

Contact support for detailed setup instructions specific to your AWS account configuration.

Cloudflare Integration

Forward logs from Cloudflare using Workers.

Cloudflare Worker Setup

Create a Cloudflare Worker that:

  1. Intercepts requests to your site
  2. Extracts log data (path, method, status, etc.)
  3. Forwards to the LogLens API

Sample Worker Code

addEventListener('fetch', event => {
  event.respondWith(handleRequest(event.request))
})

async function handleRequest(request) {
  const response = await fetch(request)
  
  // Send log to LogLens (non-blocking)
  event.waitUntil(sendToLogLens(request, response))
  
  return response
}

Use event.waitUntil() to send logs asynchronously without slowing down the response.

Import Logs

Upload historical log files to backfill your analytics.

Supported Formats

  • CloudFront — Standard CloudFront log format (.gz)
  • Apache/Nginx — Common Log Format (CLF)
  • JSON — Line-delimited JSON

How to Import

  1. Go to Import Logs in the sidebar
  2. Drag and drop your log files or click to browse
  3. Select the log format
  4. Click Import to start processing

Import Status

Track the status of your imports:

  • Pending — Queued for processing
  • Processing — Currently being analyzed
  • Completed — Successfully imported
  • Failed — Error during import

Large log files may take several minutes to process. You can navigate away and check back later.

Website Settings

Configure settings for each website in your account.

General Settings

  • Website Name — Friendly name shown in the UI
  • Domain — Primary domain for this website

API Keys

Manage API keys for log ingestion:

  • View existing API keys
  • Generate new API keys
  • Revoke compromised keys

Keep your API keys secret. If a key is compromised, revoke it immediately and generate a new one.

Organization Settings

Manage your organization and billing.

Organization Details

  • Organization Name — Your company or team name
  • Plan — Current subscription tier
  • Usage — Requests used this billing period

Billing

View and manage your subscription, update payment methods, and download invoices.

Team Management

Invite team members and manage permissions.

Roles

Role Permissions
Owner Full access, billing, can delete organization
Admin Manage websites, team members, settings
Member View analytics, manage assigned websites
Viewer View-only access to analytics

Inviting Team Members

  1. Go to Organization Settings
  2. Click "Invite Member"
  3. Enter their email address
  4. Select a role
  5. They'll receive an email invitation to join