Having output Log in tshark update by deleting the previous line.

I see a couple of options:

• Use "tail -f /tmp/log.txt" within python to read from
• Use "tshark -I -i wlan2 -R "wlan.addr == 58:1f:aa:2a:80:1e && wlan.addr == Broadcast" -o column.format:'"RSSI", %e'" within python to read from

If you really need to read from a file, then you can use some command line piping to overwrite the first line, something like:

tshark -r pcap/http.cap | awk '{print >"/tmp/log.txt";close "/tmp/log.txt"}'

I'm wondering if there's a way to have the log update constantly re-writing the first line of the log file.

That's where named pipes can help. They work like a FIFO and thus you will always get the lines in the order they were written, one by one, just by calling readline() on them.

Here is how you can do it:

>mkfifo /tmp/tshark_pipe   
>tshark -I -i wlan2 -l -R "wlan.addr == 58:1f:aa:2a:80:1e && wlan.addr == Broadcast" -o column.format:'"RSSI", %e' >/tmp/tshark_pipe 2>/dev/null' &  
>python -u analyze.py

I added some options (-l and 2>/dev/null) to your tshark command. -l is necessary to disable buffered output, which tells tshark to flush the output buffer after every packet. The rest should be clear.

Here is the (very basic!) python code. Please extend it to your needs. Obviously you need to extract the RSSI values from the line in the python code and then feed that into your algorithm.

import os
tshark_pipe = "/tmp/tshark_pipe"
pipe = open(tshark_pipe, 'r')
while True:
data=pipe.readline()
if data:
print "Data: " + data
pipe.close()

Regards
Kurt