Bug#1017804: ITP: pw -- interactively filtered pipe watcher
Package: wnpp
Severity: wishlist
Owner: Antoine Beaupre <anarcat@debian.org>
X-Debbugs-Cc: debian-devel@lists.debian.org
* Package name : pw
Version : 2
Upstream Author : Kaz Kylheku
* URL : https://www.kylheku.com/cgit/pw/
* License : BSD-2
Programming Lang: C
Description : interactively filtered pipe watcher
pw can monitor anything that produces textual output. tail -f
/var/logfile, tcpdump, strace, ...
pw does not show you everything. Of course, it reads all the data, but
it does that in the background. It continuously pumps lines of input
through a small FIFO buffer. This buffer is sampled, and the sample is
displayed. When that sampling occurs is controlled in various
interactive ways. What goes into the FIFO can be filtered and the
filters can be edited interactively.
With pw you can:
* Interactively apply and remove filters on-the-fly, without
interrupting the source.
* Make recurring patterns in the stream appear to "freeze" on the
screen, using triggers.
* Prevent the overwhelming amount of output from a program from
flooding the terminal, while consuming all of that output so that
the program isn't blocked. pw can pause its display updates
entirely.
* Juggle multiple shell background jobs that produce output, yet
execute indefinitely without blocking. When pw runs as part of a
shell background job, it continues to consume input, process
filters and take snapshots, without displaying anything. When put
into the foreground again, display resumes.
For instance the command "tcpdump -i <ethernet-device> -l | pw" turns
tcpdump into an interactive network monitoring tool in which you can
use the dynamic filtering in pw to select different kinds of packets,
and use the trigger feature to capture certain patterns of
interaction.
pw is like an oscilloscope for text streams. Digital oscilloscopes
sample the signal and pass it through a fifo, which is sampled to the
oscilloscope screen, and can trigger the sampling on certain
conditions in the signal to make waveforms appear to stand still. pw
does something like that for text streams.
----
I am rather intrigued by this program. It's the sort of "swiss army
knife" kind of tool that kind of makes no sense until you find a
purpose for it. I've been trying to figure out where this tool fits in
my toolbox and, just today, I was trying to find out what this silly
Purism Librem firmware upgrade tool was doing in the background, with
`ps axfu`. But I was having all this garbage out there, and it was
hard to filter things out properly. I might have been able to pull
something out with `watch`, but I think pw might have been better for
this particular case. I'm also quite interested in using it to analyse
logs or packet dumps during attacks or outages.
Another similarly named package, already in Debian (and maintained by
yours truly) is `pv`, the "pipe viewer". But it has a completely
different function; whereas pw shows you the content of the pipe in a
specific way, pv just counts lines or bytes going through it,
specifically without showing you its content.
There is another tool similar to "watch" that overlaps with this a
little bit:
https://github.com/sachaos/viddy
... it's basically the "watch" command with history. It supports
searching (which pw does, and probably better) and going back in
history (which pw does not). I had a hard time finding that package
name again, for what that's worth...
I suspect I could also forget the name `pw` quite quickly, but by
packaging it, I guess I'm more confident I will forget it less. :p
Probably the worst reason to package something ever, but there you go,
that's how I ended up maintaining pv in the first place, so probably
that means.. uh... something good something.
Reply to: