Analysis updated 2026-05-18
Monitor web server traffic in real-time from the command line without external tools or dashboards.
Detect brute-force attacks, bot activity, and suspicious traffic patterns directly from access logs.
Generate shareable HTML reports of traffic statistics and performance metrics for stakeholders.
Analyze large log files incrementally and persist results on disk for historical trend analysis.
| allinurl/goaccess | qmk/qmk_firmware | jart/cosmopolitan | |
|---|---|---|---|
| Stars | 20,514 | 20,364 | 20,798 |
| Language | C | C | C |
| Setup difficulty | moderate | hard | hard |
| Complexity | 2/5 | 3/5 | 4/5 |
| Audience | ops devops | general | developer |
Figures from each repo's GitHub metadata at analysis time.
Requires ncurses library and C compiler, log file path configuration needed to point to actual server logs.
GoAccess is a tool that reads the access logs your web server writes and turns them into live, easy-to-read statistics. You can view the report inside a terminal window over SSH, or open a self-contained HTML dashboard in a browser, and the numbers update in real time as new requests come in. The point is to answer common questions about a site without having to ship logs off to a separate analytics service. You can see how many visitors and hits you are getting, how much bandwidth is being used, which pages are slowest to respond, which virtual host on a multi-site server is taking the most load, and where traffic is coming from. There is also an Autonomous System Number lookup that helps spot suspicious sources, brute-force attempts, scanners, bots, and other anomalies straight from the logs, so it doubles as a lightweight security monitoring aid. It handles nearly any log format through a custom format string and ships with presets for common ones, including Apache, Nginx, Amazon S3, Amazon CloudFront, AWS Elastic Load Balancing, Squid, the W3C IIS format, Caddy's JSON structured format, and Traefik. Reports can be exported as HTML, JSON, or CSV. It can also process logs incrementally and persist data to disk so history is not lost between runs. GoAccess is written in C and depends only on the ncurses library, which keeps installs small. Packages are available for most Linux distributions, the BSDs, macOS via Homebrew, and Windows through Cygwin or WSL.
Real-time web log analyzer that reads Apache, Nginx, and other server logs and displays traffic stats and security insights in a terminal dashboard or HTML report.
Mainly C. The stack also includes C, ncurses, WebSocket.
Use freely for any purpose including commercial, as long as you keep the copyright notice.
Setup difficulty is rated moderate, with roughly 30min to a first successful run.
Mainly ops devops.
This repo across BitVibe Labs
Verify against the repo before relying on details.