How to Spy on Your SQLite Database Without Touching a Single Line of Code

You’ve been debugging SQLite queries the hard way. Adding logging statements. Wading through ORM abstractions. Profiling tools that only show you what they want you to see. But what if I told you there’s a way to watch every single query your application sends to SQLite — including the ones your ORM hides — without modifying a single line of code? That’s exactly what a new open-source tool called sqlitefeed does. And it changes everything.

I’ve spent years building embedded systems and edge devices. Every time I hit a performance bug, I’d add debug logs, spin up a profiler, or manually instrument the code. It was slow, painful, and often missed the real culprit. Then I found sqlitefeed. It uses Linux kernel uprobes to intercept SQLite3 queries at the system call level. The kernel doesn’t lie. It sees everything. No application changes. No recompilation. Just run the TUI and watch queries stream in real-time.

You might think you know what your app is doing. But you don’t. ORMs lie. Frameworks obfuscate. Even your own logging might miss queries that happen inside third-party libraries. Most developers think they know what queries their app is running. They’re wrong. I’ve seen teams spend weeks chasing a slow query that turned out to be hidden in a library they didn’t even know they were using. That’s the power of sqlitefeed: it reveals the invisible.

Let me tell you how it works. Sqlitefeed attaches to a running process and hooks into the SQLite3 library’s internal functions using uprobes — kernel-level probes that fire every time a function is called. This means it sees every query, including those triggered by ORMs like Room or ActiveRecord, or even from embedded SQLite inside an application. This is the closest thing to a backdoor into your database — and it’s completely undetectable from the application’s perspective. The tool presents the queries in a clean TUI, showing the SQL string, the thread ID, and timestamps. You can filter, search, and watch the database breathe.

I’ve been using this on a Raspberry Pi running a home automation system. The database was mysteriously slow. I ran sqlitefeed and within seconds saw a runaway query that was being called thousands of times per second — a query I had no idea existed because it was buried in a third-party library. I saw this firsthand, and it felt like finding a leak in the hull of a submarine. The fix took five minutes. The debugging would have taken days.

Here’s the twist: you don’t need to be a kernel expert to use this. It’s as simple as running a command. This is brilliant. It’s the kind of tool that makes you wonder why nobody built it before. It’s open source, it works on any Linux system, and it respects the principle of least surprise: you don’t need to instrument your app, you just watch.

If you work with SQLite on Linux — in embedded systems, edge devices, or even traditional server applications — stop what you’re doing and try this. Your future self will thank you. Most developers are debugging blind. This tool gives you X-ray vision. Go get it.

FAQ

Q: Does sqlitefeed require me to recompile my application?

A: No. It uses kernel uprobes to dynamically attach to a running process. No code changes, recompilation, or even restart of your application is needed.

Q: Can I use this on a production server?

A: Yes, but be cautious. Uprobes have minimal overhead, but attaching to a production process can introduce a small latency. It's generally safe for short-term debugging, but test on a staging environment first.

Q: Does this work with ORMs like Room or ActiveRecord?

A: Yes, because it intercepts the actual SQLite library calls, it sees every query regardless of how it was generated. ORMs, custom wrappers, or embedded SQLite are all transparent to the tool.

📎 Source: View Source