* varnish log (very small buffer, not permanent)

* varnishkafka

* kafka (small buffer, I think 7 days)

* camus

* refine process (we use IPs at this point to geolocate)

* webrequest table on hdfs (this is the first time they're stored on permanent media, for 60 days)

* other datasets like hourly pageviews aggregates, (IPs are not passed on to these)

So if we wanted to not store them in kafka buffers even, we'd have to give up geolocating.  I think a lot of people find this very useful (fundraising, research, ops, reading), so it's unlikely to be removed.

I don't have as clear a reason for why we store the plain IP in webrequest.  I think we could count uniques and all that other stuff with the IP hash.  It's a good question, tentative +1 unless I'm forgetting something.  But even so, it's not so bad, it's only stored for 60 days and we have no other plain IPs anywhere else (like we removed them from Event Logging for example).