Personally, I mostly use tf on apache https access_log files and have used the default space-separation. This mostly works, but sometimes not, see the two following lines:
In the first one, the target URL is (space-separated) field number 7. In the second one, which I believe represents someone connecting to the server and not doing anything till it times out, there is no HTTP verb and field 7 is the HTTP status signaling timeout.
If topfew could recognize quoted fields, then field 6 in the first example would be GET /ongoing/ongoing.atom and in the second would be -, which would be more correct from the point of topfew processing. So I think there needs to be a -q option, or some such, to ask topfew to process quote-delimited space-separated fields properly.
timbray
commented
6 months ago
Personally, I mostly use tf on apache https access_log files and have used the default space-separation. This mostly works, but sometimes not, see the two following lines:
In the first one, the target URL is (space-separated) field number 7. In the second one, which I believe represents someone connecting to the server and not doing anything till it times out, there is no HTTP verb and field 7 is the HTTP status signaling timeout.
If topfew could recognize quoted fields, then field 6 in the first example would be
GET /ongoing/ongoing.atomand in the second would be-, which would be more correct from the point of topfew processing. So I think there needs to be a-qoption, or some such, to ask topfew to process quote-delimited space-separated fields properly.