I'm trying to obtain debug output of
- what "find" does
- compared to what happens on the network (tshark)
Therefore I want to run these commands in parallel and have output meticulously sorted by time.
I do this:
{
stdbuf -oL tshark -tad -l -n -s 9999 host x | ts '[TSRK %Y-%m-%d %H:%M:%.S]' &
sleep 5
stdbuf -oL find . -type d 2>&1 | ts '[FIND %Y-%m-%d %H:%M:%.S]' &
} >/root/out
Major problem: Tshark output is lagging
# stdbuf -oL tshark -tad -l -n | ts '[TSRK %Y-%m-%d %H:%M:%.S]'
[TSRK 2021-08-18 17:40:56.206744] 2 2021-08-18 17:40:55.477802058 00:04:96:xx:xx:xx → ff:ff:ff:ff:ff:ff ARP 64 Who has 172.31.x.x? Tell 172.31.x.x
Compare the timestamp of ts ([TSRK 2021-08-18 17:40:56.206744]) to the one of tshark (2021-08-18 17:40:55.477802058)
Output is lagging behind.
The combined log outputs the result of find before showing the output of tshark.
While - clearly - network activity must precede the result of find.
I've also tried parallel
parallel --line-buffer ::: \
'stdbuf -oL tshark -tad -l -n -s 9999 host x | ts "[TSRK %Y-%m-%d %H:%M:%.S]" ' \
'stdbuf -oL find . -type d | ts "[FIND %Y-%m-%d %H:%M:%.S]" ' \
>/root/outpar
but the outer tool doesn't seem to fix what's obviously wrong with the inner tool... The result is the same.
How do I do this correctly?
