How best to monitor server for simple security awareness purposes?

I’d like to monitor the basic access activity of my nextcloud server. I have a very low number of users (like 2 with accounts) with low traffic and I just want to keep an basic eye on what hooligans on the internet are doing to my server. Ideally, I’d like to see the information presented in a visual way, either through another web page (I’m open to setting up another server) or through console graphics, but I’m open to anything.

For example, here is a wish list of what I’d like to see:

  1. What IP addresses accessed any page, including the login page. Maybe in a histogram or something.
  2. Failed password attempts and their associated IP’s
  3. Traffic or hits
  4. Any other kind of basic monitoring

I’m using apache2. I’m sure there’s a million log monitoring tools out there. But I’m looking for something I don’t have to study for years to use and I’m not sure where to start or what tools have become the de-facto ones in this space.

Some questions I have:

  1. What would be better for my purposes, monitoring the apache logs or the nextcloud logs?
  2. What tools are popular?
  3. If I wanted to collect this kind of simple logging from all my various self-hosted servers, are there any simple tools for collecting all the monitoring data in one place?
  4. Are the available monitoring tools pretty much all custom-regex-based? Is there a way to avoid this or is there another way to monitor?

Any help would be much appreciated.

Piwik is a popular traffic stats tool for webpages, might be a bit overkill for your purposes.

I use logcheck which monitors the logfiles directly. You can set up regular expressions about messages to be ignored (there are already pre-defined rules). You can easily monitor failed login attempts or other stuff.