#separator \x09
#set_separator	,
#empty_field	(empty)
#unset_field	-
#path	ssh
#fields	t	id.orig_h	id.orig_p	id.resp_h	id.resp_p	status	country
#types	time	addr	port	addr	port	string	string
1324314328.196443	1.2.3.4	1234	2.3.4.5	80	failure	US
1324314328.196443	1.2.3.4	1234	2.3.4.5	80	failure	UK
1324314328.196443	1.2.3.4	1234	2.3.4.5	80	failure	BR