Many questions can be answered by looking at the change in the output of a single program.
- Did that puppet run change the firewall correctly?
iptables -L -n - What files in /var/log were written to as a result of my ssh connection?
ls -al /var/log - Did something change in this tree of files?
tree -as
Sometimes looking for the differences is easy, but it can be difficult if there are many lines or the differences are in multiple places. outputdiff helps out with the problem by capturing the output and storing it in a git repo for later comparison. When new output is given, a diff is shown if there were changes.
For a puppet run that adds a firewall rule allowing access to port 8080:
$ sudo iptables -L -n | outputdiff --new
INFO: Initialized new capture.
$ sudo puppet agent --test
... snip ...
$ sudo iptables -L -n | outputdiff --compare
diff --git a/output b/output
index 77caab4..c2b4cf4 100644
--- a/output
+++ b/output
@@ -3,6 +3,7 @@ target prot opt source destination
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 /* 000 accept all icmp */
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 /* 001 accept all to lo interface */
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 /* 002 accept related established rules */ state RELATED,ESTABLISHED
+ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 8080 /* 200 INPUT allow all to high http ports */
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 80 /* 200 INPUT allow all to http ports */
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22 /* 200 INPUT allow all to ssh ports */
DROP all -- 0.0.0.0/0 0.0.0.0/0 /* 999 drop all */
$ outputdiff --help
Usage:
$ command --with --output | outputdiff [options]
Options:
-n --new <name> Create the initial version that future output will
be compared against. The name is optional, if none
is specified, an autogenerated name will be used.
-m --message <message> (optional) Specify a message describing the current
output.
-c --compare <name> Compare new output against the previous output.
-l --last <name> Show most recent diff again.
--log <name> Show log of captured output.
--clean <name> Remove a comparison. If no comparison specified, remove all.
--undo <name> Undo comparison. Use --skip to undo more than the
default (1).
--list List all comparisons.
--output Show the last output. Specify previous output with --skip.
--vimdiff Use vimdiff to show differences. Only works with
--last, not --compare.
--no-diff Don't show a diff. Used with --compare to suppress output.
--skip <count> Skip a number of commits other than the default.
Applies to --output and --undo.
Documentation options:
-v --verbose Print more details about what the script is doing.
-t --test Don't actually do anything. Useful when combined
with --verbose.
-h --help -? brief help message
--man full documentation