Hacker News new | past | comments | ask | show | jobs | submit login
Fathom – Simple, trustworthy website analytics (usefathom.com)
269 points by jhabdas on July 10, 2018 | hide | past | favorite | 120 comments

For people looking for similar options, there's also Matomo[1] (previously Piwik) that you can self-host for free.

[1] https://matomo.org/

I came to the comments to see how this compares with Piwik. Didn’t realize it was also renamed, so thanks!

Careful with the innocraft hosted options. I checked it out the other week (looking for a GA alternative) and they were sending out passwords in plain text.

Really looking forward to trying Fathom.

I wouldn't really call Matomo a 'similar option'. I think the reason Fathom is getting upvotes is because it is dead simple. You immediately understand what's going on when you log into the demo.

Matomo looks like a GA clone that'd take some getting acclimated to.

Another alternative is Countly [1], if you are looking at an open source product analytics platform

[1] https://github.com/countly/countly-server

Also my https://trackingco.de/, hosted for a very low price but also open-source.

Matomo is very complex. Trackingcode is simple, comparable to Fathom.

Google - google analytics vs piwik , hit the first result and you will realize matomo is nothing like analytics

unfortunately, matomo is harder than necessary to automatically deploy to containerized environments like heroku because they don't support the 12 factor principles [1]. a cynic might assume that this is because it would undermine their own hosted solution.

[1] https://github.com/matomo-org/matomo/issues/6223

(i would use matomo if they fixed this issue)

Or they just chose a very common pattern of keeping configs in files instead and haven't gotten around to support environment variables.

Probably not a conspiracy... given that you could fork it, implement this feature, and then PR it back to the main repo...

i looked into it about a year ago, and it would have required a rewrite of the (brittle) installer as well as supporting modules (that seemed to be dependencies of other parts of the system), not just extracting the configs into environment variables (which i did, but that didn't solve the problem). non-trivial, to say the least.

We use Matomo in containers, you can write configs with the incoming hostname and it works pretty well.

+1 for Matomo. I use it, it's great.

Matomo is really good. I use this.

I really like the idea of a non-intrusive analytics system that just shows you useful aggregate traffic data while maintaining the privacy of your site's visitors.

I experimented with using GoAccess (https://goaccess.io) on CloudFront logs instead of using Google Analytics. It gave me a lot of what I needed, without the overhead or intrusiveness of client-side code—and it provided a more complete view of my traffic because it isn't stymied by browser plugins that block tracking.

The downside was having to save the logs, periodically run it to generate reports, etc. It's not a lot of work, but it's more work than GA. I think CDN providers should just include managed analytics tools of this caliber as either part of the package or for a modest extra fee.

> web services do crappy things with that data. (Hey Zuck, how was Congress?)

Is this kind of snark really necessary in top marketing copy? I get what you are saying in terms of freemiums ins and outs, but I don't know if it should be my first impression to your company's message.

To each their own, just feels a bit cheap IMHO.

> (Hey Zuck, how was Congress?)

Well if you use the stock price of $FB as a proxy, Congress was no problem. In fact Facebook stock is at all time record highs. At the height of the media hysteria it traded down to $152, in the last 4 months it has rocketed up 33%.

This snark comes off amateur. Fathom is very very basic and minimal. No geo/location metrics. No browser metrics. No goals. No custom events.

author of that line here: i don't want to live in a world where companies can't have a little fun with some copy.

I suspected that most or all of HN basically agrees with your attitude vis-à-vis Facebook and data collection, including your critics here, but that's not the point. The point is that games have Rules, and when you break those Rules, it causes others to wonder where else you might be breaking them. This erodes trust very quickly.

Rules are made up by a consensus of the players. You've just been told by 3 people, 4 including me, that you broke the Rules. This means you broke them.

A landing page for a company is like a job interview. Certain things are expected. First impressions matter and you're on your best behaviour. Sure, you can wear bunny slippers to the interview and then complain that you don't want to work for that company anyway if you can't have some fun. But who's out of a job?

A little bit quirky might be OK - snarky is definitely not. I recommend changing your copy immediately, and reflecting on how better to gracefully accept constructive criticism from what should be your ideal target market in future.

fair enough, i'll update the copy now.

Potential customer looking for your exact service here, and that line comes across as distasteful and childish, no matter how much I agree with your intentions. Talk that way to friends over a pint, not on your corporate website. Or don’t, but I’m looking elsewhere.

I for one enjoyed the cheekiness and believe the copy sells the vision of the software quite well. Bravo.

As someone who agreed with both viewpoints, I think I can elucidate. The problem isn't that you're having fun with the copy, it's that it's just bad copy. It's a very cheap shot and feels petty.

I'm not a copywriter, but I think something like "We’ve become complacent in trading information for free access to web services, and then complain when they robotically testify before congress." would be an improvement.

Hey, author here (one of 2).

Whoa, I did not expect to see Fathom show up on Hacker News. It's very early but our plan is indeed to go down a similar road as Matomo, albeit more opinionated. Hopefully resulting in a simpler product in the long run.

I feel it's important to point out out that with Fathom, no personal information is tracked (or stored), at all. Only daily and hourly aggregates are stored on the server.

And yes, the demo should not require you to enter credentials. The simple reason is that I haven't gotten to polishing that experience just yet. Sorry.

> And yes, the demo should not require you to enter credentials. The simple reason is that I haven't gotten to polishing that experience just yet.

So long as credentials are required, it may be wise to change demo@demo.com to demo@example.com:



I love where you are going with this, I think this would be useful for a lot of people in marketing where Google Analytics is too much.

But are you concerned that GA will come out with an "overview panel" for dummies, that cuts into your appeal? Or do you have a plan to stay ahead if GA comes out with a view like this?

Thanks! We're not too concerned about that too be honest, we'll still be open-source with the ability to self-host after all. Something that Google Analytics will never offer.

Given the current state of Google Analytics, staying ahead in terms of simplicity shouldn't be an issue for a long, long time.

Or use the original self-hosted-at-scale open source solution, Snowplow (https://snowplowanalytics.com/). These guys have been solving self-hosted digital analytics for years now, and have consistently proven to be one of the best options for real-time digital data tracking, triggering, and analytics. Their qa/schema focus is especially nice in teams where multiple people are contributing data but you want to make sure that minimum data quality requirements are conformed to.

The only install instructions i could find, where to run a vagrant VM.

Would like to know how to deploy for production.

Reminds me of Guag.es https://get.gaug.es/ or https://haveamint.com/ if you want to dig into the crates a bit.

I was actually just looking into gauges and Fathom yesterday and tried to set it up. Fathom seemed a bit too early stage to run it myself so I'm going to wait a bit.

I was pleasantly surprised that when I looked into gauges that the interface looks modern (unlike the screenshots on the start page) so it seems that it changed hands and is actively being developed again. I used it a while ago when it was bought up by Github.

i miss haveamint! that's one of the reasons we're making fathom, there were decent + simple options before, so we wanted to take a stab at making one too.

Ok, I did my shameless self-promotion on the other thread, but I'll do it again here: https://trackingco.de/ is my take on doing something better than Gauges for a smaller price.

Out of curiosity, and as someone who has never used website analytics: why do we need a third party for this? Couldn't a bit of client side code + server side code do all the work these days?

You can self-host Fathom, I do.

It's very basic compared to Piwik, but it runs on PostgreSQL, my DB of choice, and it's written in Go, not PHP, which means it has higher performance and is more secure.

Hey, good to see you already running Fathom!

Just wanted to add that you can also use Fathom with MySQL or SQLite if that's more your cup of tea. It supports those 3 database engines right now.

Does it work with CockroachDB? It aims for compatibility with Postgres but there are some differences so some projects aren't compatible.

Go is not inherently more secure than PHP.

There's nothing stopping you deliberately writing unsecure Go code but it's harder to make errors that open up security holes in Go. For example, Go's shell exec is better than PHPs equivalent by default. https://golang.org/pkg/os/exec/

I'd actually have to do some searching to find out how to write unsecure Go code.

To save time, like most other SaaS.

You don't need it. Most SaaS applications are like 90% of the B2C market: It's for convenience.

Please check out https://matomo.org (former name Piwik) for open-source self-hosted website analytics (with server logs support)

Do you want a customer or a slave?

If you sell software, you have a customer that can do whatever they like.

If you provide SAAS you can tie in the user more and more.

that depends on if you offer data extraction to your users. If you intentionally make it impossible to users to take away their data when they leave, that's a shady move.

To save time. Same reason you use Sendgrid or any other SaaS

Not all websites are served from the same places.

This doesn't come even close to the type of data you can get from Google Analytics. It's nice as a free/open source service, but the power just isn't there. Even piwik/matomo is vastly inferior to what kind of data you can track and visualize in Google Analytics.

You're right - but that is also kind of the point. Personally I run an online business and I don't even come close to needing (or using) all the data that Google Analytics provides.

I think that for your average "offline" business, just throwing Google Analytics at it is major overkill. It may even cause the website owner to simply not look at their stats just because they don't know what to look for exactly.

This is the issue I've found with every open source product. I'm perfectly happy to pay for an analytics product, so the best I've been able to find is adobe Omniture. Unfortunately that's a 30 - 100k price tag. There is definitely a market for a powerful analytics platform at a reasonable price.

Since it sounds like you've tried a good number of options, what do you think about Mixpanel? We used it at the startup I used to work at and I mostly enjoyed it although we didn't go to deep.

mixpanel is neat but gets very expensive very quickly.

You should look at Snowplow (https://snowplowanalytics.com/) which offers a good amount of power and can be self hosted or run at AWS, and is fully open source. That being said, Adobe's product has truly "enterprise" scale, governance, and industry integration across many regions, and if you have that need, few products can really get you there.

Have you looked at Countly [1]?

[1] https://count.ly

What did you find that Adobe Omniture could do that that GA couldn't?

Can you expand on how much Matomo is missing compared to GA?

> "[Google Analytics is] assembling data profiles on your website visitors, which they can then use for better targeting of advertisements across their network."

I'm pretty sure this is misleading/false. I don't think Google uses Analytics data from your site to target AdWords on other sites.

Maybe it's true in a general sense that GA gives them lots of aggregate data which they can use to make smarter business decisions about other products including ads. But it is a myth that Google Analytics data feeds directly into any Google ad-targeting platform.

I think the main thing Google gets out of free-tier Analytics is it encourages small webmasters to pay attention to their traffic and makes it easy to demonstrate the value of buying ads from Google.

This may have been true at one point, but I don't think it's true anymore.




Interesting aside: Google Analytics customers are required to prominently state that their site uses Google Analytics. I suspect many, if not most, customers don't do this.

It's admittedly confusing, but I think I'm still right and that you may be conflating policies about other google services. From your second link, which is specific to Analytics, it says:

> What is the data used for?

> Google uses Google Analytics data to provide the Google Analytics measurement service to customers. Identifiers such as cookies and app instance IDs are used to measure user interactions with a customer’s sites and/or apps, while IP addresses are used to provide and protect the security of the service, and to give the customer a sense of where in the world their users come from.

I'm pretty sure GA data doesn't intermingle with AdWords targeting profiles in a default configuration.

I'm pretty sure GA data doesn't intermingle with AdWords targeting profiles in a default configuration.

If that was true, then Google wouldn't consider it a violation of its ToS for HIPAA-covered entities to use its analytics product.

"If you are (or become) a Covered Entity or Business Associate under HIPAA, you may not use Google Analytics for any purpose or in any manner involving Protected Health Information unless you have received prior written consent to such use from Google."

Source: https://support.google.com/analytics/answer/6366371?hl=en

I don't see how one thing follows from the other. GA is obviously not intended for storing Protected Health Information.

GA has per site unique cookies. It cannot very well build profiles that the conspiracy theories accuse it of.

As for the quotes terms, the same are there for any personal information (in my EU-based account at least) and you grossly misread it: it says you cannot send Google protected classes of information, not that you cannot use GA at all.

The reason is obvious: Google does not want to have any legal obligations from running GA. Same with forbidding storage of personal information.

I think it does, because I recall years ago their privacy policy explicitly saying that they don't use GA data for any other purposes. I don't have a source to back that up, but I've noticed that their privacy policy has grown to be somewhat labyrinthine since then, and I couldn't find that explicit statement anymore.

If you and I had a legal document that stated I owed you a box of cookies every week, and one day you noticed that clause was gone from our revised agreement, what do you suppose your odds are of getting any cookies from me next year?

I think I tried this a month or so ago. It looked great, except for the one fatal flaw that stopped me from actually deploying it: It doesn't support multiple sites per installation, and I don't want to have to deploy one server per site.

https://oribi.io does that and more.

Disclaimer - it's neither self hosted nor free (nor very expensive), and I was previously a part of the team that built it. I can honestly say no data is being sold to 3rd parties, as should be expected from a paid service.

We hear you. This is pretty much top on the list of things to add in the (very) near future!

If this works as advertised I just found my new favorite piece of software. Matomo is nice but way too complicated for my needs, and, as someone mentioned, adding a log analyzer can be a bit troublesome. This looks perfect!

No complaints about the little I can see of the service here, and the point of protecting the privacy of our users is well-taken.

But at the same time, stats packages have been available for year simply by parsing your server logs (awstats, etc). Old solutions still work, even if the problem space is evolving in new directions.

Haven't touched awstats for the best part of a decade. What is the new shiny on these server log tools?

Why is it that not one SEO organisation/company/snake-oil salesperson ever thinks to look at the server logs? One problem that Progressive Web App/server worker solves is catching those messages that don't get sent to Google Analytics and making sure they are sent. You would think that server stats offer a level of truthiness that SEO types would be interested in.

In theory you could do backend tracking, e.g. default server logs and not run cookies on the frontend until the site visitor does something requiring state, e.g. adding to cart. Then you could throw up the 'cookie notice' and aggregate their previous page visits to get the data needed to see where the sales funnel is working, even de-anonymising it so you know more about a given customer and their browsing habits.

> Why is it that not one SEO organisation/company/snake-oil salesperson ever thinks to look at the server logs?

When you're hosted on S3, etc, you don't get access to the logs.

For larger sites which are hosted across a number of webservers, behind a load-balancer, getting a unified access-log is also a little fiddly.

But I guess the honest answer is that it's not trendy enough these days. With Javascript submission of "stuff" you get much more data about your visitors than you can glean from the server-side logs.

> Want to see a demo of Fathom? View our live stats here (user: demo@demo.com, password: demo)

This is UX feedback from a lazy user. Why make me type in a login and password? Especially one that I have to remember from the previous screen?

It's trivial effort to just setup an auto login based on some query string parameter right? As in, url?demo=true results in either populating the login/password fields so all I have to do is hit the button, but then it's also trivial effort to just add in some JS that triggers the button for me, thus auto login.

I always struggle with this type of response on UX issues. They always seem to think the 'how' is important, and that the length of time that takes is also important.

It's not.

You don't need to explain how to do it, you don't need to make an argument on time to implement - unless the time to implement is insanely high.

Use the language of business: You are losing prospects by creating work for them. Resolving this will help your sales funnel. Over time this could be worth substantial revenue, and contribute to the ultimate survival of your product. That is worth a lot more than how long it takes to implement or how to do it.

I've found in most (all?) aspects of my life, trying to tell other people how to deliver feedback is usually the wrong approach. The better thing is to take the feedback regardless of how it's delivered and learn to interpret. Things are implied. Feedback on A, may actually be point at a problem with Z. Sometimes the correct way to interpret is to discard. The source of feedback is not going to connect those dots for you.

That said, I see your point but I will try to defend mine. Your language of business sentence is basically implied by the pure existence of my complaint right? Should I have to type every implication out in order to provide any feedback? And this being a tech place for tech people I wanted to emphasize how simple it would be to correct (I don't really even know if the creator/app owner is reading, so it's more of a general feedback for other people who build products.) Highly subjective either way. Hell, the app owner could argue they don't care about people that don't manually type in the info because they're not really potential customers. I don't know if I'd fully agree, but it could be a form of lead qualification in which your business language feedback would not hold weight. It's at least somewhat true, because I was just curiously kicking the tires. I have no use for this product.

Apologies it was directed, I did mean it more as a generalization and it didn't come across that way sorry. Off for the morning coffee now :)

No worries, feedback is such a highly subjective topic

Sorry, just have to do this..

--- I always struggle with this type of response on feedback. They seem to think that how feedback is given is important, and that the phrasing also is important.

They don't need to explain the business impact, you don't need to use the perfect words, unless it's insanely subtle.

Use the language that takes the least amount of time and effort. We don't want you to forego on giving feedback, since that may push you to not give feedback at all, resolving in substantial lost in quality, and contribute to the ultimate destruction of your product. The fact that you share insightful feedback is a lot more important than the exact words.

-- It's the job of the business people to listen and analyze the business impact of things.

As a counterpoint, having to log in makes it feel more like a real live demo, and not some mockup from the marketing department.

I think auto-fill would strike a good balance here.

After all, I want login screens to look nice and come up fast, too.

while i 100% agree with you that our demo (hi! i'm author 2/2 of this software) should just log you in without asking for credentials... we're 100% focused on the product right now, and being near the top of HN was a huge surprise to us as well.

we are working on ironing out the UX of our site (it's a single column of text, that we whipped together in an hour, so we could focus on building the software). so it's completely a work in progress at this particular moment.

I clicked through the linked page, and it's not clear to me how to actually add analytics to my site? The instructions in the repo direct me to launch a golang daemon for what appears to be the dashboard.

It would be awesome to have a more cohesive example. Is this reading log files? Or using client-side JS? If the latter, do I have to have the Fathom server internet-facing so that the JS can report in?

My own Redistats [0] is not open source but a good alternative and has a good privacy policy [1]. It is the only stat tracker I use for my sites.

[0] https://redistats.com/ [1] https://redistats.com/privacy-policy

So freepdfs.org is 404 at the moment.

Thanks, explains the dip in traffic of the home page.

#Bug report Data doesn't include selected end date.

[STRs] In top right, select 7/8 as start date and 7/10 as end date.

[Expected] Displays data for 7/8, 7/9, and 7/10.

[Actual] Displays data for 7/8 and 7/9 only.

Just a wild guess, but it's probably filtering from 2018-07-08T00:00:00 to 2018-07-10T00:00:00 (instead of ending at 2018-07-10T23:59:59).

I'm guessing the same, but it's still not expected behavior.

Confirmed. Thanks for reporting!

Happy to help :-)

In a future release, I highly recommend keeping the simplicity by allowing people to browse the basic stats page without requiring JavaScript. Other than that, it is a great project.


Can you elaborate a little bit on the use-cases where this would apply? I can get into the idea that tracking would ideally not rely on JavaScript, but the dashboard? Surely the administrator can enable JavaScript for their Fathom dashboard, right?

For security reasons, we keep JavaScript disabled even when browsing our own websites (which are ran on remote servers). If it was locally developed, it wouldn't be a problem to have JavaScript enabled.

Also, as a side effect, it's considerably faster browsing the internet without JavaScript enabled.

This gives me an appreciation for the "lurkers" on HN. This post has 109 points and 53 comments, right now, and on their stats demo it shows 2,770 unique views from hacker news.

Fair or not I kinda want to blame the lurkers every time I see a post skyrocket quickly that has a flashy title but the content is bad and all the comments point out how bad it is....

Yay lurkers!

Boo lurkers!

Also, note that HN links appear in a lot more places than the HN homepage. For example, there are countless Twitter accounts that automatically tweet HN links above some number of upvotes.

Nice to see another system available for this. The only other I knew of was Piwik (which now I see is Matomo).

Why not use GoAccess and a cron job? That works for me even when the client has ad/script blockers.

I second that. It works for me as well even when the client has ad/script blockers.

Well my first thought was, wait, what if this is a trojan horse? Like, what if a big evil tech giant was behind this and this started all 100% ok but it was/is a trap? And even if it’s not a current evil tech giant behind this, what if fathom becomes google over time?

It's open source. You can review the code.

Looks interesting, will try it out.

Is there a roadmap or planned features page for fathom?

Hey, not yet but we're planning on setting up a public roadmap on Trello, like how JSFiddle does it.

[1] https://trello.com/b/LakLkQBW/jsfiddle-roadmap

Shocker how may of you don't have DNT enabled. >:]

Hah, I thought of that too when I saw the stats. Surely HN readers all have DNT enabled?!

That said, I am now wondering what the numbers would have been like if we did not honor DNT...

Does it even make a difference anymore?

I suppose that depends on us.

is this trustworthy ? how it is free and does not collect user information. so what it gets for providing us this service for free ?

It is self hosted

how is it able to handle cost of self-hostin cost ?

It means that you can install it in your own server, be it physical, colocated, rented or anything else. So you're the one paying for the infrastructure but you're also in control of your data.

No mention here about snow plow?

> The problem is this: if we aren’t paying for the product, we are the product.

This quote keeps living on endlessly. It's based on a naive and terribly over-simplified view of the internet, 'free' products, and capitalism in general. TLDR: Consumers aren't the product if the product would not exist without customers, and customers wouldn't be on the product unless it provides them value.

Not to mention publisher web analytics, such as this, are rarely being used to target ads. That is a completely different .js file (still) being embedded alongside the analytics.

I'm all for privacy but it's important to be accurate about this stuff. No major newspaper or free site is going to stop 'making their visitors the product' by switching to a privacy-first web analytics product. FB has accomplished equally as much as Google Analytics without providing any analytics service.

I don't think it's naive or oversimplified. If you don't pay for the product, then someone is paying for the product - either it's taking a loss (venture capital burn, self hosting), another person is paying for it (donations, freemiums) or your data is being used for profit.

If your data is used for profit, you and your data is what the company sells to other people. By definition you are the product.

Whether that's a bad thing depends on your view, but to me it means the product I use is skewed towards the needs of the people who pay, which often have demands that aren' in my best interest.

>If your data is used for profit, you and your data is what the company sells to other people. By definition you are the product.

The reason this is naive and oversimplified is that, say, Google, does not sell your data. Your data is their competitive advantage and they have every reason to not sell it. There is no service Google provides where someone can go in and request your data or access it.

Advertisers are generally not buying you, or your data, they are buying access to your attention based on the data a third party has about you, but not the data itself.

Selling your information is a different business model (think insurance, credit reports, LexisNexis and so on) and is usually not what's under discussion when this thought-terminating cliché gets used.

does not sell your data

Depends on how you define sell.

Advertisers pay to use the Google's collected data about people in order to better target their ads. This happens through Google's advertising channels (Doubleclick, AdWords, etc...)

Money changes hands. Personal data is involved. Sounds like selling to me.

Perhaps you should say "Google does not directly sell copies of your data," instead. But there is indeed a transaction involving personal data.

It's still a dishonest and reductive thought-terminating cliche, because it intentionally misrepresents the nature of the transaction.

Your data never leaves Google, nor can third parties acces it. Google is not selling your data. QED.

If my attention is the product, let's just simplify that to "I am the product".

If I use an adblock on desktop platforms, have YouTube premium to block ads, do I really have attention being focused on ads more than a passing glance as I scroll through the internet on my phone?

I just repeated the parent comment's premise. If that premise doesn't hold, congratulations. You are paying for YT premium: that makes you the customer.

I agree that it's simplistic, but it captures the fact that organizations need money to survive. Yes, companies offering "free" products have to serve two masters: the ones who use the product, and the ones who pay the bills. For many, the temptation will be strong to maximize profits as far as possible without completely losing the users. Facebook has been in the news a lot because of this very thing.

I think the core of this statement really is that if the users and funders of a product are the same, their interests are much better aligned.

jarod lanier and ezra klein talk about this in a recent episode of klein's show: companies can become more durable and much more aligned with the needs of their customers if they get paid directly by those customers (instead of selling those customers and making money off a third party, like advertisers).

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact