#GDPR question (maybe for @aeris?):

I'm renting some web hosting (the German Netcup), and it turns out that nginx/apache logs include the IPs of the incoming accesses.
As is, it is really wrong, but would it be right if I have a very periodic cron job that strips the last segment of the IP address?

I would see the forest, but not the trees, which would help quite a bit for monitoring potential attacks, or general service usage.