Log report filter

Domain: {{ report.domain }} {{ report.start }}{{ report.end }}

Choose a time range and provide the secret token. The backend auto-detects the domain from the host (unless you send it explicitly from n8n/Make).

The secret is generated on first API call and stored in log_secret.php. It protects the endpoint from public access.
Presets help avoid manual typing and match cache-friendly month ranges (previous/current month).
Start of the analyzed window (server time).
End of the analyzed window (server time).
Error: {{ error }}
Total requests: {{ report.access_summary.total_requests.toLocaleString('hr-HR') }} Error log entries: {{ report.error_summary.total_errors }} Tip: spikes in 5xx + matching error log entries often indicate downtime or resource limits.
  • Status codes: distribution of HTTP responses. Lots of 404 = broken links/bot scanning. Lots of 5xx = server/app errors.
  • HTTP groups (2xx/3xx/4xx/5xx): quick health view. Rising 5xx is a red flag.
  • Methods: normal sites are mostly GET/HEAD. Unexpected spikes in POST can indicate forms, bots, or attacks.
  • Top URLs: most-hit endpoints. Helps locate hot pages, loops, or heavy endpoints.
  • Top IPs / User agents: identifies bots/heavy crawlers. One IP dominating traffic can be a scraper or attack source.
  • Hourly traffic: shows spikes and potential downtime windows (drops to near-zero or bursts of 5xx).

Total requests

{{ report.access_summary.total_requests.toLocaleString('hr-HR') }}

{{ report.start }} – {{ report.end }}

HTTP groups

2xx: {{ groupStatus(200, 299) }}

3xx: {{ groupStatus(300, 399) }}

4xx: {{ groupStatus(400, 499) }}

5xx: {{ groupStatus(500, 599) }}

Methods

{{ method }}: {{ Number(count).toLocaleString('hr-HR') }}
Mostly GET/HEAD is normal. POST spikes can be forms, bots, or attacks.

Error log entries

{{ report.error_summary.total_errors }}

{{ errorCausesSummary }}

Use this to correlate 5xx spikes with PHP/app/server errors.

Status codes

Sorted by count
Shows response distribution; high 404 often means broken links or probing; high 5xx indicates downtime/app issues.
Code Count
{{ row.code }} {{ row.count.toLocaleString('hr-HR') }}

Top 10 URLs

Most-hit endpoints. Helps spot loops, hot pages, or expensive routes.
URL Hits
{{ item.value }} {{ Number(item.count).toLocaleString('hr-HR') }}

Full list is in JSON; this shows top 10 for a quick overview.

Top 10 IPs

Useful for identifying bots/heavy crawlers or a single source of spikes.
IP Hits
{{ item.value }} {{ Number(item.count).toLocaleString('hr-HR') }}

Top 10 referrers

Shows where traffic is coming from (internal links, search engines, campaigns, bots).
Referrer Hits
{{ item.value }} {{ Number(item.count).toLocaleString('hr-HR') }}

Top 10 user agents

Helps distinguish real browsers from bots (curl, python-requests, custom crawlers).
User agent Hits
{{ item.value }} {{ Number(item.count).toLocaleString('hr-HR') }}

Hourly traffic

Sorted by time
Use this to spot spikes (surges) and possible downtime windows (drops or 5xx bursts).
Hour Requests
{{ row.hour }} {{ row.count.toLocaleString('hr-HR') }}

Text summary (mail / AI)

Ready to copy/paste into an email or AI prompt.
{{ report.text_summary }}

Raw JSON

Full JSON returned by log_report.php. Useful for debugging, AI, or manual exports. 

{{ prettyJson }}

Export

Download locally for further analysis (Excel/BI/AI processing).

CSV export:

{{ exportError }}