When I started my first website, my internet provider also provided me with the corresponding log files.
There was also a statistics tool which generated summaries from the logfiles.
It was fascinating to see where my visitors came from. There were hits from all continents and the number of hits from one country seemed to reflect the economic situation of the country.
In the northern hemisphere you saw many bright spots and in the south almost everything was dark.
I was able to download the log files directly and view them with a text editor.
In addition to ip, date, time, origin, etc., I could even see what my visitors had entered as a search term for goggle. I never felt closer to my visitors.
But the text file was very confusing, so I quickly moved to storing the data in a database table to get a more structured view.
By filtering, sorting and so on, I just pointed out the basics and was able to see pretty well what happened when a visitor came to my website.
Although I did not understand everything 100 percent, but I learned a lot about what happened on my web pages.
My web pages were developed further and later I used analysis tools like google analytics, webmaster tools etc.
One day google told me in the webmaster tools that my web pages have a problem. Goggle threatened to throw me out of his index if I did not take special action immediately.
At first, I did not know what it was about, but when I looked at my log files, I quickly realized that my web pages were hacked and apparently there was a shop selling soccer jerseys.
This shop was realized with a single file (Ingenious, but why do not these guys use their power for something positive?).
Since I had always backed up my log files, I was able to understand exactly when the shop was called on the web page for the first time and how it worked. Finding the hacker was another story.
Some time later I realized that my website was mirrored.
And again, the log files provided me with valuable information about the causer. By analyzing the log files, I quickly understood how mirroring worked and took countermeasures.
Overall, exploring the log files always made me feel good that I'm not so helpless in an attack on my website.
Later, I started to develop a small program to help me analyze the log files.
It contains functions for importing (only the most important thing), filtering, sorting the data, etc.
These are not complicated functions, but by combining the various possibilities, it is a powerful tool to explore logfiles and to understand what is happening on your web server.