That is the exact thing that needs to be avoided. By using such a service, you are allowing that service to aggregate browsing logs.
It doesn't matter if any particular site logs it's OWN requests; it is expected that if I ask you for a page, you (as the 2nd party) may choose to remember that transaction. Without aggregation, any service only knows about the people that choose to interact with that service. This mirrors fairly closely traditional expectations where e.g. a shopkeeper knows that you walked into their shop, but most people would find it more than a little creepy if that same shopkeeper allowed a 3rd party to kept detailed notes about their customers.
The problems start when you decide to let other people eavesdrop on what should be a two-party transaction, especially when they have access to a lot of these interactions. By aggregating logs, the knowledge about someone changes from known that they used a particular service, to knowing their pattern-of-life[1] (and more).
> what should a site administrator use
I'm truly sorry that there are not a lot of options (that I know of) for better server-log analysis. This area has suffered a lot of damage from the Service As A Software Substitute[2] monopolies.
I suggest pressuring vendors for better analytics software. There may be a market for better local-only, no-services-involved server-log analysis tools. Until such tools exist (or are found), you're in a hard place, because lack of tools is not justification for betraying the activities of your users to a snooping 3rd party.
> third party hosted
That is the exact thing that needs to be avoided. By using such a service, you are allowing that service to aggregate browsing logs.
It doesn't matter if any particular site logs it's OWN requests; it is expected that if I ask you for a page, you (as the 2nd party) may choose to remember that transaction. Without aggregation, any service only knows about the people that choose to interact with that service. This mirrors fairly closely traditional expectations where e.g. a shopkeeper knows that you walked into their shop, but most people would find it more than a little creepy if that same shopkeeper allowed a 3rd party to kept detailed notes about their customers.
The problems start when you decide to let other people eavesdrop on what should be a two-party transaction, especially when they have access to a lot of these interactions. By aggregating logs, the knowledge about someone changes from known that they used a particular service, to knowing their pattern-of-life[1] (and more).
> what should a site administrator use
I'm truly sorry that there are not a lot of options (that I know of) for better server-log analysis. This area has suffered a lot of damage from the Service As A Software Substitute[2] monopolies.
I suggest pressuring vendors for better analytics software. There may be a market for better local-only, no-services-involved server-log analysis tools. Until such tools exist (or are found), you're in a hard place, because lack of tools is not justification for betraying the activities of your users to a snooping 3rd party.
[1] https://en.wikipedia.org/wiki/Pattern-of-life_analysis
[2] http://www.gnu.org/philosophy/who-does-that-server-really-se...