[JoeD]

Quick comment on the file sizes, there's a chance the logs are compressed and uncompressed (zless) on the fly to read. It's common for a 1MB log to compress to 50-60KB gzip'd (30-40KB bzip'd although don't think zless supports those).

I've checked the apache log for my internal server, it's currently at 6MB (180KB when compressed) and the earliest entry is mid February. That's a low activity server that is accessible only via the LAN. I wouldn't be surprised that a public accessible apache would have much greater log sizes, even if it's used infrequently just with all the worms/automated exploit attempts that will appear in it.

In terms of web access, if you combine all the people who use our connection, we visit many more websites than I access the apache server. When you consider connecting to a single website and loading one page can result in tens of connections entering the log (image loading, ad access, pulling in scripts, css...) the logs generated for even a home user are going to be pushing routers that don't have dedicated space for logs. So, I would take an educated guess that if my router did log all access, the logs would be significantly > 6MB (per month).

If you've SSH to access the logs, that still implies you're running some sort of command on the router as most routers that allow telnet or ssh support multiple configuration commands once connected. What router model do you have and what is it you've executed to view such detailed logs?

The only way I can get long term logs out of my router is to configure it to log to an external server that supports syslog.

I'm sure there are routers available with plenty of space for logging even in high usages areas, however I doubt most consumer routers will come with more than a token amount of space.