Analytics that respect
user privacy.
Prabisha Analytics is a privacy-first analytics service. A lightweight browser SDK, a secure ingest API, and a powerful dashboard that shows you exactly what your users are doing, with no third-party data sharing.
SDK
Install once.
Track everything.
Drop the SDK into any JavaScript or TypeScript project. Pageviews are captured automatically on load and on every SPA navigation. Custom events take one line. The queue flushes in the background — your app is never blocked.
Auto pageviews — Fires on window load, pushState, replaceState, and popstate
Deduplicated — Tracks pathname + search. Hash changes are ignored.
Safe by default — SDK never throws. All storage access is try/catch wrapped.
Retry on failure — Single retry on 5xx or network errors. 4xx are dropped silently.
// 1. Add to your HTML <head> <script src="https://api.prabisha.com/sdk/browser.js" data-api-key="your_project_api_key" data-enabled="true"></script> // 2. Track custom events anywhere window.vyzora.track('upgrade_clicked', { plan: 'pro'});
What you get
Built for production. Designed for clarity.
No feature flags behind paywalls. No data sold to advertisers. Just a clean analytics stack that does exactly what it says.
Zero-config instrumentation
Install vyzora-sdk, pass your API key, set enabled: true. The SDK auto-collects pageviews, wraps SPA navigation, and batches events client-side — no additional setup required.
- Auto pageviews on load & SPA nav
- 10s flush interval by default
- sendBeacon + fetch fallback
Project-scoped API keys
Each project is issued a 64-character cryptographic key. Every ingest request is validated against your database. Missing or revoked keys are rejected with 401 before any write occurs.
- crypto.randomBytes(32) key generation
- Revoke anytime from dashboard
- Project cascade-deletes events
Visitor & session model
Visitor IDs (vyzora_vid) persist in localStorage and never rotate. Session IDs (vyzora_sid) expire after 30 minutes of inactivity. Both are UUID v4 — stable, anonymous, and under your control.
- localStorage with silent fallback
- 30-min inactivity rotation
- identify() for known users
Aggregated metrics API
Query pageviews, unique sessions, top pages, event counts, and daily trends via a single REST endpoint. Supports 1d, 7d, 30d, 90d ranges. All queries validate ownership before returning data.
- GET /api/projects/:id/metrics
- 4 time-range options
- Indexed on (projectId, createdAt)
How it works
SDK → API → Database → Dashboard
Every layer is built for privacy and performance. You get real-world insights without ever compromising your users' data or project security. Nothing is sampled. Nothing is sent to a third party.
Instrument
vyzora-sdk (Runtime SDK)
The SDK collects events, manages visitor and session IDs in localStorage, and buffers them in an in-memory queue. It flushes on a 10-second interval, on batch-size overflow (20 events), on tab hide, and on page unload — using sendBeacon when available.
Ingest
Express + Prisma + PostgreSQL
The backend receives batched event payloads at POST /api/ingest. It validates the API key against the project table, runs Zod schema validation on each event, and bulk-inserts into PostgreSQL. Invalid keys are dropped at the controller level — they never touch the ORM.
Analyse
Next.js Dashboard
After GitHub OAuth login, you see aggregated metrics for each project: total pageviews, unique sessions, top pages, top events, and a daily trend chart — all queried from PostgreSQL in real time. Each metric query validates project ownership before returning data.
Tech stack
Boring stack. Predictable behavior.
No custom runtimes or novel abstractions. Every component is a standard tool you already know how to operate.
Runtime SDK
TypeScript · ESM/CJS · sendBeacon + fetch transport
Backend
Express · TypeScript · Prisma ORM · Zod validation
Database
PostgreSQL · indexed on (projectId, createdAt)
Dashboard
Next.js App Router · GitHub OAuth · JWT (HttpOnly cookie)
Rate Limiting
express-rate-limit · per-route policies
Auth
API key (ingest) · JWT + cookie (dashboard)
Get started
Your data. Your server.
Log in with GitHub, create a project, and initialize the SDK. Events start landing in your dashboard in under five minutes.
No credit card. No data sharing. Enterprise-grade uptime and security.