Really I have the nginx logs going to the disk so that I can have prometheus-nginx scrape them for referer patterns (it getting above a certain threshold for a given referer is how I know when my article got posted somewhere), status code rates and overall to make sure that the core functions of the site (such as the RSS feed) are working like I expect. I could probably change it to write the logs to a unix fifo instead of a unix file, but I actually do end up going back to look at the logs for things like people attempting to exploit my code so I can harden my site appropriately.
I just checked the logs and did some reverse IP lookups at random and it turns out nearly all the IP addresses I have are cloudflare IPs. So I don't even have IP addresses logged the way I thought I did! Yay me!
