#need to source this script so that $COLUMNS available
#Note -n10 is an implicit option, which one can override.

deny="`tput bold; tput setaf 1`" #bright red
high="`tput bold; tput setaf 3`" #bright yellow
norm="`tput sgr0`"

tail "$@" -s.1 -f access_log.pb |
grep -Ev --line-buffered -f agents_to_ignore -f files_to_ignore |
sed -u "s/\(.*\) - \[[^]]*\]\(.*\)/\1\2/" | #strip some fields
#make google searches easier to interpret
sed -u \
's#\(.*\) "http://www\.\(google\.[^/]*\).*[?&_]q=\([^&"]*\)[^"]*"#\1 "\2 (\3)" #' |
#strip common redundant info
sed -u 's/ HTTP\/1.[01]//;
        s/.NET CLR [0-9.]*//g;
        s/Gecko\/[0-9]*//;
        s/rv:[0-9.]*//;
        s/Mozilla\/[0-9.]* //' |
sed -u "s/^/        /; s/^ *\([ 0-9.]\{15,\}\) -/\1/" | #align IP addresses
sed -u "s/^ *\([0-9a-f:]*\) -/\1/" | #ipv6 is different
sed -u "s/\(.\{$COLUMNS\}\).*/\1/" | #keep to width of terminal
#highlight referrer column
sed -u "
s/\([^\"]*\"[^\"]*\" \)\(30[17]\)\( [0-9]* \"\)\([^\"]*\)\(\".*\)/\1$deny\2$norm\3\4\5/;t;
s/\([^\"]*\"[^\"]*\" 40[34] [0-9]* \"\)\([^\"]*\)\(\".*\)/\1$deny\2$norm\3/;t;
s/\([^\"]*\"[^\"]*\" [0-9 -]* \"\)\([^\"]*\)\(\".*\)/\1$high\2$norm\3/;t;
"