I operate a service that measures this (see another comment on this discussion), and all I'll say is you'll be very surprised how many bots actually execute JS, especially stealth bots. You have to be careful either way.
I don't have access to the raw log files from the customers, so can't give you a percentage. All I'll say confidently is that my service processes a lot of bot traffic that needs to be filtered out before reporting.
BTW, are you the same Peter Hartree on this Segment thread? https://community.segment.com/t/1889n1/how-common-is-client-... It would appear we've crossed paths before on this topic. Please do email me if you want to talk properly. That Segment thread has my email.
There is an --ignore-crawlers option that works well for me. Next thing I'll try to get working is to have the --ignore-referer=<referer> option parse Piwik's referer spam blacklist https://github.com/piwik/referrer-spam-blacklist
Yes but remember that bot traffic may be more of an issue when analysing server side logs (a lot of bots still don't execute JavaScript).
It's hard to know how effective the bot filtering features in GoAccess are compared with those of Google Analytics.