In addition, if there is a duplicate host, I'd also like to keep the fields of the latest. Here's an example:
Host Date Source Label
198.162.1.1 1:00:54 198.162.4.5 A
198.162.2.1 3:32:54 198.162.4.5 Q
198.162.1.5 7:33:22 198.162.4.5 B
198.162.2.1 5:50:49 198.162.4.5 R
The output would be
Host Date Source Label Count
198.162.1.1 1:00:54 198.162.4.5 A 1
198.162.2.1 5:50:49 198.162.4.5 R 2
198.162.1.5 7:33:22 198.162.4.5 B 1
Since there are two occurrences of the second host, we only want to keep the information of the latest instance.
↧