Changing default Apache log permissions

Beware that IP addresses can be protected identifiers in some jurisdictions. And other things that would be better to not be public. Secure production log files, perhaps visible to operations staff only to start.

In addition to chgrp www-data /var/log/apache2 you need to preserve the ownership of the log file as it is rotated. For Ubuntu, edit /etc/logrotate.d/apache2 to have a create directive readable by the web server, such as create 640 root www-data

As previously seen on Server Fault: How to make apache log files readable by apache

What you really could use is a centralized log aggregation system that ingests logs and slices and dices them. Any popular one will have a means of parsing httpd logs.