Same here. Nginx log + GoAccess. I actually login to the server and generate GoAccess html to check the traffic occasionally. I also anonymize ip on Nginx - that way I don't have to deal with GDPR. No cookies, js or third-party images, etc. Really see no need for anything else for a purely content based website. Then again the website is purely non-commercial for now.