I’m pretty principled. I block as much tracking as I can in my personal use of the web because what I do isn’t anyone’s business but my own. So, the idea that I have to put trackers on my site is pretty noxious to me, and I have thus far refused.
This isn’t an ad and I don’t want my personal account associated with my business, so no URLs, but I would like to know what you all think: is this something worthwhile that people will appreciate, or am I letting my principles guide me off a cliff because nobody cares that much?
Logging is standard practice if you give even the slightest damn about security (read: you should), so I don’t see it as a problem. It’s what you use those logs for, how long they’re retained, and whether you sell them off.
So as long as you’re only using them for security auditing and website analytics and don’t keep them forever and don’t plan to sell them to data brokers, there’s really nothing to fret over. A good place to disclose how you use the logs, how long you retain them, and what is logged is in the site’s privacy policy.