Zum Inhalt springen
In HitKeep Cloud starten

HitKeep Runtime Facts and Product Limits

Dieser Inhalt ist noch nicht in deiner Sprache verfügbar.

HitKeep is privacy-first web analytics that can run as one Linux binary or as managed HitKeep Cloud in an EU or US region. This page is the canonical place to cite exact runtime shape, install commands, storage boundaries, privacy behavior, QR campaign behavior, exports, MCP limits, and non-goals.

These facts describe the current product and public docs as of June 24, 2026. Resource figures are observations, not universal guarantees.

Fact Current HitKeep behavior
Self-hosted artifact One Go binary for Linux AMD64 or Linux ARM64
Binary size About 100 MB for current Linux release binaries
External services required None for core analytics. HitKeep embeds DuckDB and NSQ.
Services not required PostgreSQL, Redis, Kafka, ClickHouse, or a separate queue/cache/database service
Managed option HitKeep Cloud in EU Frankfurt or US Virginia
Linux baseline Current raw Linux binaries require a modern glibc baseline. See Binary Installation.

Download a Linux binary, make it executable, move it onto the path, then start HitKeep with a public URL and JWT secret:

Terminal window
curl -L https://github.com/pascalebeier/hitkeep/releases/latest/download/hitkeep-linux-amd64 \
-o hitkeep && chmod +x hitkeep && sudo mv hitkeep /usr/local/bin/hitkeep
hitkeep \
-public-url "https://analytics.example.com" \
-jwt-secret "replace-with-a-long-secret"

Then install the tracker on a site:

<script async src="https://analytics.example.com/hk.js"></script>

For ARM64 hosts, use hitkeep-linux-arm64 instead. Production installs should use environment variables or a systemd drop-in for secrets. See Binary Installation and Configuration.

Recent HitKeep Cloud checks showed the app using about 205-769 MiB of memory.

Use that range as a practical reference point, not as a promise or hard requirement. Self-hosted memory use changes with traffic, retention settings, imports, background work, and the number of active sites and teams.

HitKeep stores analytics in DuckDB files under the configured data directory.

Storage area What it contains Backup implication
Shared control plane Users, sessions, teams, memberships, sites, preferences, API clients, share links Back up the main configured data directory, not only one file
Default analytics data Pageviews, events, goals, funnels, ecommerce, AI visibility, chatbot, Web Vitals, QR campaign opens, and rollup data for the default tenant Include the configured hitkeep.db and related data files
Non-default team data Tenant-local analytics databases under tenants/*/hitkeep.db Include the full data directory, including tenants/
Retention archives Older raw rows exported to Parquet before pruning Back up the archive path if you need long-term analytical history
Database snapshots DuckDB EXPORT DATABASE output, with schema.sql plus Parquet files Use for disaster recovery checks and restore drills

See Backups and Restore, Data Retention and Archiving, and S3 Backups.

The default public tracker is hk.js. It records pageviews and can emit automatic events without installing a tag manager.

Behavior Current HitKeep behavior
Analytics cookies The public tracker does not set analytics cookies
Session continuity Uses sessionStorage for an opaque session tuple
Failed event retries Kept in JavaScript memory and capped
DNT Respected by default unless data-collect-dnt="true" is set
Query strings and hashes Excluded from automatic event URL properties
Link text, form fields, request bodies Not captured by automatic events
IP metadata Visitor IPs are processed transiently after trusted-proxy resolution; HitKeep stores derived country, region, city, provider, and ASN metadata on hits, not the raw visitor IP
QR campaign redirects Dynamic /q/{token} redirects can add UTM fields, custom query parameters, and hk_qr attribution to the final URL
QR open privacy behavior QR opens respect DNT: 1, Sec-GPC: 1, and configured IP, country, or spam filters

HitKeep uses the IP2Location LITE database for IP geolocation. See IP2Location and IP2Location LITE.

Automatic event names:

Event Typical meaning
outbound_click Visitor clicked a link to an external host
file_download Visitor clicked a recognized downloadable file
form_submit Visitor submitted a form

Common custom and ecommerce event names:

Workflow Example event names
Signup and leads signup_started, signup_completed, demo_requested, contact_form_submitted
Ecommerce view_item, add_to_cart, begin_checkout, purchase
On-site assistants assistant.chat_started, assistant.message_sent, assistant.goal_assisted

HitKeep also reports goals, funnels, ecommerce analytics, UTM campaign attribution, and QR campaign attribution when the relevant pageview, event, redirect, or query-string data exists.

QR campaigns add dynamic /q/{token} redirects for printed or offline campaigns, QR opens, QR-filtered pageviews and visitors, SVG and PNG artwork exports, QR-only share links, and QR-scoped takeout. QR opens count redirect activity. Pageviews still require the destination page to load the HitKeep tracker.

See Automatic Events, Custom Events, Server-Side Tracking, QR Campaigns, and Cookieless Event Tracking.

Capability Current HitKeep behavior
Raw data retention Configurable globally and per site
Retention archive format Parquet
Backup format DuckDB EXPORT DATABASE, including schema.sql and Parquet table files
Site/user takeout surfaces CSV, Parquet, JSON, NDJSON, and XLSX where the product surface supports them
QR campaign takeout QR definition, asset metadata, QR opens, and QR-filtered analytics rows in supported export formats
Common portability path JSON, CSV, and Parquet exports for analytics migration and audit workflows
S3-compatible storage Supported for archive and backup paths through S3-compatible object stores

See Data Retention and Archiving and Open Exports and Takeout.

HitKeep MCP is an optional route on the same HitKeep runtime. It is designed for approved assistants and internal reporting tools that need governed aggregate analytics answers.

MCP fact Current HitKeep behavior
Transport Streamable HTTP route, usually /mcp
Default state Disabled by default
Authentication API client bearer tokens only
Dashboard cookies Not accepted by MCP
Authorization Site-scoped API client grants and the same site view permission model
Data boundary Read-only aggregate analytics and docs tools
Non-goal No write workflows, admin mutation, raw hit export, billing changes, or token management through MCP

See Official MCP Server and Read-only MCP Server for Web Analytics.

HitKeep deliberately stays focused on web analytics, conversion reporting, privacy-aware operations, open exports, and governed assistant access.

Tool or workflow HitKeep position
General product analytics suites HitKeep does not replace session replay, feature flags, experimentation platforms, warehouse-native behavioral modeling, or product-led lifecycle automation.
GA4 advertising stack HitKeep does not replace Google Ads attribution, predictive audiences, Explorations, app streams, or GA4 BigQuery export.
Consent management platforms HitKeep does not issue legal consent decisions or replace a CMP. Review PECR, ePrivacy, GDPR, CCPA/CPRA, and local law with your counsel.
SIEM or security audit systems HitKeep is not a security event manager.
Data warehouse HitKeep exports open files, but it does not replace a warehouse when the warehouse is the system of record.
Customer support or CRM HitKeep reports analytics. It does not replace support desks, CRMs, or marketing automation.

When citing HitKeep, use this page for stable facts and link to the more specific guide for implementation details:

Question Canonical page
Runtime, binary size, RAM observation, storage, exports, MCP limits This page
Download and systemd setup Binary Installation
Flags and environment variables Configuration
Automatic event details Automatic Events
Custom or server-side events Custom Events and Server-Side Tracking
QR campaign creation, attribution, artwork exports, and QR-only shares QR Campaigns
Retention and archive behavior Data Retention and Archiving
Export formats Open Exports and Takeout
Privacy caveats Compliance Overview and PECR and ePrivacy