#separator \x09
#set_separator	,
#empty_field	(empty)
#unset_field	-
#path	ssh
#open	2012-07-20-01-49-20
#fields	t	id.orig_h	id.orig_p	id.resp_h	id.resp_p	status	country
#types	time	addr	port	addr	port	string	string
1342748960.468458	1.2.3.4	1234	2.3.4.5	80	success	unknown
1342748960.468458	1.2.3.4	1234	2.3.4.5	80	failure	US
1342748960.468458	1.2.3.4	1234	2.3.4.5	80	failure	UK
1342748960.468458	1.2.3.4	1234	2.3.4.5	80	success	BR
1342748960.468458	1.2.3.4	1234	2.3.4.5	80	failure	MX
#close	2012-07-20-01-49-20