1. What questions are you trying to answer?
2. What options have you looked at?
3. What do your logs look like?
My experience with log analysis is that everyone wants something different. Some want basic metrics and dashboarding, others are looking for security and information disclosures, and others are doing... well, everyone wants something different.
My personal experience is that metrics give 90%+ of what I generally want: Call Rates, Latencies, Faults, Errors, Throttling and Tarpitting, etc. The only time I find the need to dive into logs is to pull error traces from machines.
Cheers,
Chris