20 Linux System Monitoring Tools Every SysAdmin Should Know
www.cyberciti.biz/tips/top-linux-monitoring-tools.html

by nixCraft on June 27, 2009 · 314 comments · Last updated November 6, 2012

Need to monitor Linux server performance? Try these built-in commands and a few add-on tools. Most Linux distributions ship with plenty of monitoring tools. These tools provide metrics which can be used to get information about system activities. You can use these tools to find the possible causes of a performance problem. The commands discussed below are some of the most basic commands for system analysis and for debugging server issues such as:

1. Finding out bottlenecks.
2. Disk (storage) bottlenecks.
3. CPU and memory bottlenecks.
4. Network bottlenecks.

#1: top - Process Activity Command

The top program provides a dynamic real-time view of a running system, i.e. actual process activity. By default, it displays the most CPU-intensive tasks running on the server and updates the list every five seconds.
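top's summary figures are derived from /proc/stat; for scripting, here is a rough non-interactive sketch of the overall %CPU number (assuming the standard Linux /proc/stat field layout — the one-second sample window and the `cpu_pct` name are illustrative choices, not anything top itself mandates):

```shell
#!/bin/sh
# Sample the aggregate "cpu" line of /proc/stat twice and report overall
# CPU utilization, roughly what top's %Cpu(s) summary line shows.
# /proc/stat fields after "cpu": user nice system idle iowait irq softirq steal.
cpu_pct() {
    s1=$(awk '/^cpu /{print $2+$3+$4+$7+$8, $2+$3+$4+$5+$6+$7+$8+$9}' /proc/stat)
    sleep 1
    s2=$(awk '/^cpu /{print $2+$3+$4+$7+$8, $2+$3+$4+$5+$6+$7+$8+$9}' /proc/stat)
    # busy delta / total delta over the one-second sample window
    echo "$s1 $s2" | awk '{b=$3-$1; t=$4-$2; printf "%.1f%%\n", (t>0) ? 100*b/t : 0}'
}
cpu_pct
```

For a one-shot snapshot from top itself, batch mode (`top -bn1`) is handy in scripts.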
#2: vmstat - System Activity

The vmstat command reports information about processes, memory, paging, block IO, and CPU activity.

Get information about active / inactive memory pages:
# vmstat -a

=> Related: How do I find out Linux Resource utilization to detect system bottlenecks?
#3: w - Find Out Who Is Logged on And What They Are Doing
The w command displays information about the users currently on the machine, and their processes. To see information for a particular user, enter:
# w username
# w vivek
Sample Outputs:
 17:58:47 up 5 days, 20:28,  2 users,  load average: 0.36, 0.26, 0.24
USER     TTY      FROM          LOGIN@   IDLE   JCPU   PCPU WHAT
root     pts/0    10.1.3.145    14:55    5.00s  0.04s  0.02s vim /etc/resolv.conf
root     pts/1    10.1.3.145    17:43    0.00s  0.03s  0.00s w
#4: uptime - Tell How Long The System Has Been Running
The uptime command can be used to see how long the server has been running. It shows the current time, how long the system has been running, how many users are currently logged on, and the system load averages for the past 1, 5, and 15 minutes:
# uptime

A load value of 1 can be considered optimal. Acceptable load varies from system to system: for a single-CPU system a value of 1-3 might be acceptable, while for SMP systems 6-10 might be.
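That rule of thumb can be checked directly: uptime reads /proc/loadavg, and comparing the 1-minute figure against the CPU count is a quick sanity test. A minimal sketch (the wording of the verdict is mine, and `nproc` is assumed available, as on any coreutils-based system):

```shell
#!/bin/sh
# Compare the 1-minute load average against the number of online CPUs:
# sustained load above the CPU count suggests the run queue is backing up.
load=$(awk '{print $1}' /proc/loadavg)
ncpu=$(nproc)
echo "load=$load cpus=$ncpu"
awk -v l="$load" -v n="$ncpu" \
    'BEGIN { print (l+0 > n+0) ? "run queue may be backing up" : "load is within CPU capacity" }'
```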
#5: ps - Displays The Processes
The ps command will report a snapshot of the current processes. To select all processes use the -A or -e option:
# ps -A
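Under the hood, ps simply walks /proc: every numeric directory there is a PID. A minimal sketch of that discovery step (the tab-separated output format and the `list_procs` name are my own choices):

```shell
#!/bin/sh
# List PIDs and command names the way ps discovers them: each numeric
# entry under /proc is a process, and /proc/<pid>/comm holds its name.
list_procs() {
    for d in /proc/[0-9]*; do
        [ -r "$d/comm" ] || continue
        printf '%s\t%s\n' "${d#/proc/}" "$(cat "$d/comm")"
    done
}
list_procs | head -5
```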
#6: free - Memory Usage

The free command displays the total amount of free and used physical and swap memory in the system, as well as the buffers used by the kernel:
# free
Sample Output:
             total       used       free     shared    buffers     cached
Mem:      12302896    9739664    2563232          0     523124    5154740
-/+ buffers/cache:    4061800    8241096
Swap:      1052248          0    1052248
=> Related:

1. Linux Find Out Virtual Memory PAGESIZE
2. Linux Limit CPU Usage Per Process
3. How much RAM does my Ubuntu / Fedora Linux desktop PC have?
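free itself just formats /proc/meminfo; a sketch that reports the headline totals in megabytes (the three field names are standard on mainstream kernels, while the MB formatting is mine):

```shell
#!/bin/sh
# Report total, free and swap memory in MB straight from /proc/meminfo.
# Values there are in kB, hence the division by 1024.
awk '/^(MemTotal|MemFree|SwapTotal):/ { printf "%-10s %8.0f MB\n", $1, $2/1024 }' /proc/meminfo
```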
#7: iostat - Average CPU Load, Disk Activity
The iostat command reports Central Processing Unit (CPU) statistics and input/output statistics for devices, partitions and network filesystems (NFS):
# iostat
#8: sar - Collect and Report System Activity

The sar command is used to collect, report, and save system activity information. To see network counters, enter:
# sar -n DEV | more

To display the network counters from the 24th:
# sar -n DEV -f /var/log/sa/sa24 | more

You can also display real time usage using sar:
# sar 4 5
Sample Outputs:
Linux 2.6.18-128.1.14.el5 (www03.nixcraft.in)   06/26/2009

06:45:12 PM     CPU     %user     %nice   %system   %iowait    %steal     %idle
06:45:16 PM     all      2.00      0.00      0.22      0.00      0.00     97.78
06:45:20 PM     all      2.07      0.00      0.38      0.03      0.00     97.52
06:45:24 PM     all      0.94      0.00      0.28      0.00      0.00     98.78
06:45:28 PM     all      1.56      0.00      0.22      0.00      0.00     98.22
06:45:32 PM     all      3.53      0.00      0.25      0.03      0.00     96.19
Average:        all      2.02      0.00      0.27      0.01      0.00     97.70
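Output like the above is easy to post-process with awk — for instance, averaging the %idle column yourself. A self-contained sketch (a few sample lines are inlined here so it runs as-is; the `avg_idle` name is my own):

```shell
#!/bin/sh
# Average the last column (%idle) over the per-interval sample lines,
# i.e. lines of the form "HH:MM:SS PM all ...".
avg_idle() {
    awk '$2 == "PM" && $3 == "all" { sum += $NF; n++ } END { if (n) printf "%.2f\n", sum / n }'
}
avg_idle <<'EOF'
06:45:16 PM all 2.00 0.00 0.22 0.00 0.00 97.78
06:45:20 PM all 2.07 0.00 0.38 0.03 0.00 97.52
06:45:24 PM all 0.94 0.00 0.28 0.00 0.00 98.78
EOF
```

For these three samples it prints 98.03. In practice you would pipe `sar 4 5` output into the function instead of a heredoc.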
=> Related: How to collect Linux system utilization data into a file
#9: mpstat - Multiprocessor Usage
The mpstat command displays activities for each available processor, processor 0 being the first one. Use mpstat -P ALL to display average CPU utilization per processor:
# mpstat -P ALL
#10: pmap - Process Memory Usage

The pmap command reports the memory map of a process:
# pmap -d PID

The last few lines of the output are of special interest:

mapped: 933712K - total amount of memory mapped to files
writeable/private: 4304K - the amount of private address space
shared: 768000K - the amount of address space this process is sharing with others

=> Related: Linux find the memory used by a program / process using pmap command
#11 and #12: netstat and ss - Network Statistics
The netstat command displays network connections, routing tables, interface statistics, masquerade connections, and multicast memberships. The ss command is used to dump socket statistics; it allows showing information similar to netstat. See the following resources about the ss and netstat commands:

ss: Display Linux TCP / UDP Network and Socket Information
Get Detailed Information About Particular IP address Connections Using netstat Command
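Both tools ultimately read /proc/net/tcp (and its udp/tcp6 siblings). A sketch counting sockets per TCP state — the "st" column holds the state in hexadecimal, 0A being LISTEN:

```shell
#!/bin/sh
# Count sockets per TCP state from /proc/net/tcp (skipping the header).
# Column 4 ("st") is the state in hex: 01=ESTABLISHED, 0A=LISTEN, etc.
awk 'NR > 1 { count[$4]++ } END { for (s in count) print s, count[s] }' /proc/net/tcp
```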
#13: iptraf - Real-time Network Statistics
The iptraf command is an interactive, colorful IP LAN monitor. It is an ncurses-based IP LAN monitor that generates various network statistics including TCP info, UDP counts, ICMP and OSPF information, Ethernet load info, node stats, IP checksum errors, and others. It can provide the following info in an easy-to-read format:

Network traffic statistics by TCP connection
IP traffic statistics by network interface
Network traffic statistics by protocol
Network traffic statistics by TCP/UDP port and by packet size
Network traffic statistics by Layer2 address
Fig.02: General interface statistics: IP traffic statistics by network interface
Fig.03 Network traffic statistics by TCP connection
#14: tcpdump - Detailed Network Traffic Analysis
The tcpdump command is a simple command that dumps traffic on a network. However, you need a good understanding of the TCP/IP protocol to utilize this tool. For example, to display traffic info about DNS, enter:
# tcpdump -i eth1 'udp port 53'
To display all IPv4 HTTP packets to and from port 80, i.e. print only packets that contain data (not, for example, SYN and FIN packets and ACK-only packets), enter:
# tcpdump 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'

To display all FTP session traffic to 202.54.1.5, enter:
# tcpdump -i eth1 'dst 202.54.1.5 and (port 21 or port 20)'
To display all HTTP sessions to 192.168.1.5:
# tcpdump -ni eth0 'dst 192.168.1.5 and tcp and port http'
To capture packets to a file for later detailed analysis with wireshark, enter:
# tcpdump -n -i eth1 -s 0 -w output.txt src or dst port 80

(Despite the name, the file is written in binary pcap format; open it with wireshark or replay it with tcpdump -r.)
#15: strace - System Calls
The strace command traces system calls and signals. This is useful for debugging webserver and other server problems. See how to use strace to trace a process and see what it is doing.
#16: /proc File System - Various Kernel Statistics

The /proc file system provides detailed information about various hardware devices and other Linux kernel information. See the Linux kernel /proc documentation for further details. Common /proc examples:
# cat /proc/cpuinfo
# cat /proc/meminfo
# cat /proc/zoneinfo
# cat /proc/mounts
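These files are plain text, so the standard text tools apply directly. For example, summarizing /proc/mounts by filesystem type (a sketch; column 3 is the fstype, per the fstab-like format of that file):

```shell
#!/bin/sh
# Count mounted filesystems per type: /proc/mounts has one mount per
# line (device, mountpoint, fstype, options, ...).
awk '{ count[$3]++ } END { for (t in count) print t, count[t] }' /proc/mounts | sort
```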
#17: Nagios - Server And Network Monitoring
Nagios is a popular open source computer system and network monitoring application. You can easily monitor all your hosts, network equipment and services. It can send alerts when things go wrong and again when they recover. FAN is "Fully Automated Nagios"; its goal is to provide a Nagios installation including most tools provided by the Nagios community. FAN provides a CD-ROM image in the standard ISO format, making it easy to install a Nagios server. In addition, a wide range of tools is included in the distribution, in order to improve the user experience around Nagios.
#18: Cacti - Web-based Monitoring Tool
Cacti is a complete network graphing solution designed to harness the power of RRDTool's data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices. It can provide data about network, CPU, memory, logged in users, Apache, DNS servers and much more. See how to install and configure the Cacti network graphing tool under CentOS / RHEL.
#19: KDE System Guard - Real-time Systems Reporting and Graphing
KSysguard is a network enabled task and system monitor application for the KDE desktop. This tool can be run over an ssh session. It provides lots of features, such as a client/server architecture that enables monitoring of local and remote hosts. The graphical front end uses so-called sensors to retrieve the information it displays. A sensor can return simple values or more complex information like tables. For each type of information, one or more displays are provided. Displays are organized in worksheets that can be saved and loaded independently from each other. So, KSysguard is not only a simple task manager but also a very powerful tool to control large server farms.
#20: Gnome System Monitor - Real-time Systems Reporting and Graphing
The System Monitor application enables you to display basic system information and monitor system processes, usage of system resources, and file systems. You can also use System Monitor to modify the behavior of your system. Although not as powerful as KDE System Guard, it provides the basic information which may be useful for new users:
Displays various basic information about the computer's hardware and software:
Linux Kernel version
GNOME version
Hardware
Installed memory
Processors and speeds
System Status
Currently available disk space
Processes
Memory and swap space
Network usage
File Systems
Lists all mounted filesystems along with basic information about each.
lsof - list open files, network connections and much more.
ntop web based tool - ntop is the best tool to see network usage in a way similar to what the top command does for processes, i.e. it is network traffic monitoring software. You can see network status and protocol-wise distribution of traffic for UDP, TCP, DNS, HTTP and other protocols.
Conky - Another good monitoring tool for the X Window System. It is highly configurable and is able to monitor many system variables including the status of the CPU, memory, swap space, disk storage, temperatures, processes, network interfaces, battery power, system messages, e-mail inboxes etc.
GKrellM - It can be used to monitor the status of CPUs, main memory, hard disks, network interfaces, local and remote mailboxes, and many other things.
vnstat - vnStat is a console-based network traffic monitor. It keeps a log of hourly, daily and monthly network traffic for the selected interface(s).
htop - htop is an enhanced version of top, the interactive process viewer, which can display the list of processes in a tree form.
mtr - mtr combines the functionality of the traceroute and ping programs in a single network diagnostic tool.
Did I miss something? Please add your favorite system monitoring tool in the comments.
For someone with the common knowledge, why would this be handy? I mean, if you already know/usethese, then why would you need a page detailing them?
Reply
4 Mike Williams August 15, 2011 at 10:35 pm
Because a lot of us have to live with faulty memory modules, Steve.
I do agree with you too: This knowledge isn’t that common outside the comic book fraternity.
Reply
5 farseas January 8, 2013 at 5:29 pm
If you did a lot of sysadmin you would already know the answer to that question.
Reply
6 robb June 27, 2009 at 8:29 am
yeap most of them are must-have tools. good job of collecting them in a post.
Reply
7 Chris June 27, 2009 at 8:37 am
Nice list. For systems with just a few nodes I recommend Munin. It’s easy to install and configure. My favorite tool for monitoring a linux cluster is Ganglia.
P.S. I think you should change this “#2: vmstat – Network traffic statistics by TCP connection …”
Reply
8 ftaurino June 27, 2009 at 9:09 am
another useful tool is dstat , which combines vmstat, iostat, ifstat, netstat information and more. but this is a very
useful list with some interesting examples!
Reply
9 James June 27, 2009 at 9:23 am
pocess or process. haha, i love typos
Reply
10 Sohrab Khan March 15, 2011 at 9:09 am
Dear i am learning the Linux pl z help me, I you have any useful notes pl z sent it to my E-mail.
Thanks
Reply
11 vasu March 21, 2011 at 5:43 am
In my system booting time it showing error fsck is fails. plz login as root…….– how to repair or
Most of the time that happens if the fsck operation requires human interaction, which the boot fsck doesn’t have. Just restart it; if you don’t normally get a grub delay then hold down the shift key to get one, if you do then just select recovery mode, or single user mode, it depends on your distro. It’s the same thing in all, just tripping single user mode with a kernel arg, but it will let you boot, and run fsck on unmounted partitions. If it is your root partition, you may need to boot from an external medium, unless you have a kick ass initrd, lol.
Reply
13 Artur June 27, 2009 at 9:40 am
What about Munin ? Lots easier and lighter than Cacti.
Reply
14 nig belamp December 7, 2010 at 4:21 pm
How can you even compare munin to cacti…stfu your a tool.
Reply
15 PC4N6 April 20, 2011 at 7:53 pm
Uhm, geez, this isn’t blogspot. Head over there if you have an uncontrollable need to flame people above your level of understanding…
Reply
16 RB-211 May 13, 2011 at 12:57 pm
Wow, that was a bit harsh.
Reply
17 grammer nazi July 24, 2011 at 1:54 pm
it is you’re – you are a tool. Please when randomly slamming someones post to feel better about
yourself, at least you proper grammer. Then at least you sound like an intelligent a55h0le. :P
Reply
18 Jeff August 9, 2011 at 6:07 pm
Sarcastic pro’s, N00bs, flaming, harsh language, grammar nazis. All we need now is a Hitler
comparison and we have the full set. Who’s up for a ban?
Also: before stuff can become common knowledge you’ll first have to encounter it at least
once. Like here in this nice list. Thanks for sharing!
That’s “grammar”, unless you’re talking about the actor who plays Frasier on Cheers. :P
Reply
21 Fireman October 17, 2011 at 11:39 pm
Let me go ahead and re-write your comment, grammer nazi. It seems you have quite a few errors.

“It is ‘you’re–you are’ a tool. Please, when randomly slamming someone’s post to feel better about yourself, at least use proper grammar. Then, at least, you sound like an intelligent a55h0le.”
In the future, I would recommend proof-reading your own posts before you arrogantly
correct others. I counted at least six mistakes in your “correction.” Have a nice day! :)
Reply
22 flame on! December 4, 2011 at 8:05 pm
Vivek does a great job, as usual. But, thanks for the laughs, guys!
Reply
23 Raj June 27, 2009 at 10:13 am
Nice list, worth bookmarking!
Reply
24 kaosmonk June 27, 2009 at 10:53 am
Once again, great article!!
Reply
25 Amr El-Sharnoby June 27, 2009 at 11:07 am
I can see that the best tool to monitor processes, CPU, memory and disk bottlenecks at once is atop …
But the tool itself can cause a lot of trouble on heavily loaded servers: it enables process accounting and has a service running all the time …
To use it efficiently on RHEL / CentOS:
1- install rpmforge repo
2- # yum install atop
3- # killall atop
4- # chkconfig atop off
5- # rm -rf /tmp/atop.d/ /var/log/atop/
6- then don’t directly run the “atop” command, but instead run it as follows;
This tool has saved me hundreds of hours really! and helped me to diagnose bottlenecks and solve them that couldn’t otherwise be easily detected and would need many different tools
Reply
26 Vivek Gite June 27, 2009 at 1:01 pm
@Chris / James
Thanks for the heads-up!
Reply
27 Solaris June 27, 2009 at 1:26 pm
Great post, also great reference.
Reply
28 quba June 27, 2009 at 1:46 pm
Hi,
We have just added your latest post “20 Linux System Monitoring Tools
Every SysAdmin Should Know” to our Directory of Technology . You
can check the inclusion of the post here . We are delighted
to invite you to submit all your future posts to the directory and get a huge base of
visitors to your website.
Warm Regards
Techtrove.info Team
http://www.techtrove.info
Reply
29 Cristiano June 27, 2009 at 1:57 pm
You probably wanna add IFTOP tool, its really simple and light, very useful when u need to have a last moment
remote access to a server to see hows the trific going.
Reply
30 Peko June 27, 2009 at 3:40 pm
Yeah, well why a so good admin (I dig(g) your site) won’t you use spelling checkers?
and still, this is advanced user knowledge, at most. I would not trust a sysadmin that knows so few. And..
Reply
32 harrywwc June 27, 2009 at 10:56 pm
Hi guys,
good list – and some great submitted pointers to other useful tools.
to those carp-ing on about typo’s – give us all a break. you’ve never made a typo? ever?
Idea: How ’bout those who have never *ever* made an error in typing text be the first one(s) to give people grief about making a typo?
I _used_ to be a real PITA about this; then I grew up.
The purpose of this blog, and other forms of communication, is to *communicate* concepts and ideas. *If* you
have received those clearly – in spite of the typos – then the purpose has been fulfilled.
/me gets down off his soapbox
.h
Reply
33 StygianAgenda February 28, 2011 at 8:49 pm
I totally second that!
WTF is up with people making such a big deal about spelling? I could understand if the complaints were in regards to a misspelling of a code-example, but if the language is coherent enough to get the idea across, then that’s all that really matters.
Reply
34 Lolcatz April 7, 2011 at 10:54 pm
Typos*
Reply
35 roflcopter June 24, 2011 at 1:57 pm
Typographical error*
Reply
36 Pádraig Brady June 27, 2009 at 11:37 pm
A script I use often to show the real memory usage of programs on linux, is ps_mem.py
I also summarised a few linux monitoring tools here
Excellent list. Like Amr El-Sharnoby above, I also find atop indispensable and think it must be installed on every system.
In addition I would like to add iotop to monitor disk usage per process and jnettop to very easily monitor bandwidth allocation between connections on a Linux system.
Reply
47 Knightsream June 28, 2009 at 8:53 am
Well, the one i use right now is Pandora FMS 3.0 and its making my work easy.
Reply
48 praveen k June 28, 2009 at 12:56 pm
I would like to add
whoami ,who am i, finger, pinky , id commands
Reply
49 create own website June 28, 2009 at 3:32 pm
i always love linux, great article
Reply
50 Mathieu Desnoyers June 28, 2009 at 9:14 pm
One tool which seems to be missing from this list is LTTng. It is a system-wide tracing tool which helps
The project is available at http://www.lttng.org. Recent SuSE distributions, WindRiver, Monta Vista and STLinux offer the tracer as distribution packages. The standard way to use it is to install a patched kernel though. It comes with a trace analyzer, LTTV, which provides a nice view of the overall system behavior.
If your “system” is large and/or distributed, and the performance issues you’re tackling are complex, you may wish to explore Performance Co-Pilot (PCP). It unifies all of the performance data from the tools you’ve mentioned (and more), can be extended to include new applications and service layers, works across the network and for clusters, and provides both real-time and retrospective analysis.
See http://www.oss.sgi.com/projects/pcp
PCP is included in the Debian-based and SUSE distributions and is likely to appear in the RH distributions in the future.
As a bonus, PCP also works for monitoring non-Linux platforms (Windows and some of the Unix derivatives).
Reply
62 Lance June 30, 2009 at 2:37 am
I love your collection.
I use about 25% of those regularly, and another 25% semi-regularly. I’ll have to add another 25% of those to my list of regulars.
Thanks for compiling this list.
Reply
63 bogo June 30, 2009 at 6:01 am
Very nice collection of linux applications. I work with linux but I can’t say that i know them all.
Reply
64 MEHTA GHANSHYAM June 30, 2009 at 9:28 am
REALLY ITS VERY GOOD N USEFULL FOR ALL ADMIN.THANKS ONCE AGAIN
feilong, I agree. I use nmon on my linux boxes from years. It’s worth a look.
Reply
69 komradebob July 1, 2009 at 10:36 pm
Great article, many great suggestions.
Was surprised not to see these among the suggestions:
bmon – graphs/tracks network activity/bandwidth real time.
etherape – great visual indicator of what traffic is going where on the network
wireshark – tcpdump on steroids.
multitail – tail multiple files in a single terminal window
swatch – track your log files and fire off alerts
Reply
70 pradeep July 2, 2009 at 11:14 am
how the hell i missed this site this many days… :P thank god i found it… :) i love it…
Reply
71 Jay July 4, 2009 at 5:23 pm
O personally much prefer htop to top. Displays everything very nicely.
phpsysinfo is another nice light web-based monitoring tool. Very easy to setup and use.
Reply
72 Manuel Fraga July 5, 2009 at 4:55 pm
Osmius: The Open Source Monitoring Tool is C++ and Java. Monitor “everything” connected to a network with incredible performance. Create and integrate Business Services, SLAs and ITIL processes such as availability
When I wrote collectl my goal was to replace as many utilities as possible for several reasons including:
- not all write to log files
- different output formats make correlation VERY difficult
- sar is close but still too many things it doesn’t collect
- I wanted option to generate data that can be easily plotted or loaded into spreadsheet
- I wanted sub-second monitoring
- I want an API and I want to be able to send data over sockets to other tools
- and a whole lot more

I think I succeeded on many fronts, in particular not having to worry if the right data is being collected. Just install the rpm and type “/etc/init.d/collectl start” and you’re collecting everything such as slabs and processes every 60 seconds and everything else every 10 seconds AND using <0.1% of the CPU to do so. I personally believe if you're collecting performance counters at a minute or coarser you're not really seeing what your system is doing.

As for the API, I worked with some folks at PNNL to monitor their 2300 node cluster, pass the data to ganglia and from there they pass it to their own real-time plotting tool that can display counters for the entire cluster in 3D. They also collect counters from individual CPUs and pass that data to collectl as well.

I put together a very simple mapping of 'standard' utilities like sar to the equivalent collectl commands just to get a feel for how they compare. But also keep in mind there are a lot of things collectl does for which there is no equivalent system command, such as Infiniband or Lustre monitoring. How about buddyinfo? And more…

http://collectl.sourceforge.net/Matrix.html
-mark
Reply
90 PeteG September 29, 2009 at 5:33 am
Darn,
I’ve been using Linux since Windows 98 was the current MicroSnot FOPA.
I know all this stuff. I do not make typoous.
Why do you post this stuff?
We all know it.
Sure we do!
But do we remember it? I just read through it and found stuff that I used long ago and it was like I just learned it. I found stuff I didn’t know either.
Hummmm…… Imagine that!
Thanks, particularly for the PDF.
Saved me making one.
Hey, where’s the HTML to PDF howto?
Thanks again.
Reply
91 Denilson October 26, 2009 at 11:55 pm
Use:
free -m
To show memory usage in megabytes, which is much more useful.
Thanks for sharing all your knowledge about Linux.. i really thankful for your share linux tips..!!
thanks and continue this jurny…as well
thank you..
Reply
112 Ganesan AS January 10, 2010 at 1:53 pm
Good info. Thanks for sharing.
May GOD bless you to do more.
Reply
113 Mark Seger January 10, 2010 at 2:38 pm
This is indeed an impressive collection of tools but I still have to ask if people are really happy with having to know so many names, so many switches and so many formats. If you run one command and see something weird doesn’t it bother you if you have to run a different tool but the anomaly already passed and you can no longer see it with a different tool? For example if you see a drop in network performance and wonder if there was a memory or cpu problem, it’s too late to go back and see what else was going on. I know it bothers me. Again, by running collectl I never have to worry about that because it collects everything (when run as a daemon) or you can just tell it to report lots of things when running interactively and by default it shows cpu, disk and network. If you want to add memory, you can always include it but you will need a wider screen to see the output.

As a curiosity for those who run sar – I never do – what do you use for a monitoring interval? The default is to take 10 minute samples which I find quite worthless – remember sar has been around forever dating back to when cpus were much slower and monitoring much more expensive. I’d recommend to run sar with a 10 second sampling level like collectl and you’ll get far more out of it. The number of situations in which this would be too much of a load on your system would be extremely rare. Anyone care to comment?
absolutely agreed with you mate! if you are the sysadmin something – you will do it for yourself and do it right!
These tools like ps, top and other is commonly used by users who administrated a non-productive or desktop systems or for some users who’s temporary came to the system and who needed to get a little bit of information about the box – and its pretty good enough for them. )
Reply
116 met00 January 12, 2010 at 6:15 pm
If you are running a web server and you have multiple clients writing code, you will one day see CPU slow to a
crawl. “Why?”, you will ask. ps -ef and top will show that mysql is eating up resources…
HMM?
If only there was a tool which showed me what command was being issued against the database…
mytop
Once you find the select statement that has mysql running at 99% of the CPU, you can kill the query and then go
chase down the client and kill them too (or in my case bill them at $250/hr for fixing their code).
Reply
117 Mark Seger January 12, 2010 at 6:36 pm
re mysql – it’s not necessarily that straightforward. I was working with someone who had a system with mysql that was crawling. it was taking multiple seconds for vi to echo a single character! we ran collectl on it and could see low cpu, low network and low disk i/o. Lots of available memory, so what gives? A close look showed me that even though the I/O rates were low, the average request sizes were also real low – probably due to small db requests.

digging even deeper with collectl I saw the i/o request service times were multiple seconds! in other words when you requested an I/O operation, no matter how fast the disk is, it took over 2 seconds to complete and that’s why vi was so slow, it was trying to write to its backing store.

bottom line – running a single tool and only looking at one thing does not tell the whole story. you need to see
I have a postfix mail server, recently through tcpdump I see a lot of traffic to dc.mx.aol.com, fedExservices.com, wi.rr.com, mx1.dixie-net.com. I believe my mail server is spamming. How do I find out if it is spamming? And how do I stop it? Please help.
Reply
119 Vivek Gite January 19, 2010 at 3:01 pm
Only allow authenticated email users to send an email. There are other things too such as anti-spam, ssl
keys, domain keys and much more.
Reply
120 kirankumarl February 3, 2010 at 9:26 am
Dear sir pls send me some linex pdf file by wich i can learn how to install & maintanes
Reply
121 Visigoth February 21, 2010 at 3:11 pm
I like the saidar tool, and iptstate. Check them out.
Reply
122 JK February 23, 2010 at 12:43 pm
Hiii vivek,
Do you know any application to shut down a ubuntu 9.1 machine when one of its network interface is down..I
need it for clustering..
Reply
123 AD February 25, 2010 at 6:23 am
Thank you very much,,,….
This information is very useful for me to monitoring my server…
Reply
124 Tarek February 26, 2010 at 7:18 pm
Actually where I work we have and isa server acting as a proxy/firewall, which prevent me from monitoring
internet traffic consumption. so i installed debian as a network bridge between the isa server and the lan, andequipped it with various monitoring tools (bandwidthd, ntop, vnstat, iftop, iptraf, darkstat).
See also the “Linux Process Explorer” (in development) meant to be an equivalent the windows process explorer
of Mark Russinovich.
See http://sourceforge.net/projects/procexp
Reply
140 ohwell May 2, 2010 at 6:33 pm
if an “admin” doesnt know 90% of those tools, he isn’t a real admin. you will find most of these tools explained in
any basic linux howto…
Reply
141 Anonymous May 7, 2010 at 7:17 pm
but how to kill process ID in my server..
Reply
142 FHJ May 11, 2010 at 2:32 pm
I assume you can find the process ID – for example if your process is called foo.bar, you could do
ps -ef | grep foo.bar
this will give the PID (process ID) as well as other information.
Then do
kill -9 PID (where PID is the number your found in the above).
If you are working on a Mac you have to do ‘sudo kill -9 PID’ since the kill command is an “admin”
action that it wants you to be sure about.
Or if you use top, and you can see the process you want to kill in your list, you can just type k and you will be prompted for the PID (the screen will freeze so it’s easy to read). You type the number and “enter”, will have to confirm (y), and the process is killed with -15. Which is less “severe” than a “kill -9” which really kills just about any process (without allowing it a graceful exit of any kind).
Use with care!
Reply
143 someone May 10, 2010 at 5:59 pm
Gnome system monitor is a pretty useless utility if you ask me.
its neat to have it as an applet, but thats it.
Reply
144 kalyan de May 14, 2010 at 2:18 am
Thanks,
I think it will be very helpfull for me as i am practicng oracle in redhat linux4. Today i will try to check it. I want 1more help. I am not clear about crontab. saupposed i want to start a crontab in my system with any script which i
have kept in /home/oracle and want to execute in every 1 hour. Can u send me how i can do with details.
hey, thanks, just installed htop and iptraf, very nice tools!!
Reply
148 zim June 2, 2010 at 1:12 pm
atop
man atop shows
“The program atop is an interactive monitor to view the load on a Linux system. It shows the occupation of the most critical hardware resources (from a performance point of view) on system level, i.e. cpu, memory, disk and network. It also shows which processes are responsible for the indicated load with respect to cpu- and memory load on process level; disk- and network load is only shown per process if a kernel patch has been installed.”
Reply
149 Boggles September 21, 2011 at 1:52 am
Have to agree with zim. Atop is a great tool, along with its report-generating sister application atopsar.
155 Rafael Quirino de Castro June 7, 2010 at 5:08 pm
I’m looking for Apache parameters on the web and found this page.
So, my contribution is: try iftop, iptraf, ifstat, jnettop and ethstatus for graphical and CLI network monitoring.
Use tcpdump and ngrep for packet sniffing.
HTB is very good for QoS on the network, especially if you need to throttle slower VPN links.
Reply
156 georges June 9, 2010 at 3:39 pm
The fuser command is missing from this list. It tells you which process is using a file at the moment. Since in Linux everything is a file, it is very useful to know!
Use it this way:
# to know which process listens on tcp port 80:
fuser 80/tcp
# to know which process uses the /dev/sdb1 filesystem:
fuser -vm /dev/sdb1
etc …
Reply
157 Naga June 13, 2010 at 7:19 am
Are there any good tools for analyzing Apache/Tomcat instances?
Reply
158 Jan 'luckyduck' Brinkmann June 15, 2010 at 11:02 am
‘ethtool’ can also be very useful, depending on the situation:
Hi, it’s really very nice, and helpful to freshers.
Thanks a lot.
Regards,
Amuri Chandra
Reply
169 George August 30, 2010 at 3:53 pm
Great resource…Really helpful for a novice as well for an expert…
Reply
170 SHREESAI LUG September 4, 2010 at 5:36 am
Hi, we are the SHREESAI Linux User Group from Mumbai.
These commands are really nice.
Thanks.
Vivek sir, please reply to us by mail.
Reply
171 Tunitorios September 12, 2010 at 2:31 am
Thanks for these great tips. My question is: how do I show the username(s) that are connected to the server over the FTP protocol?
Reply
172 Marcelo Cosentino April 7, 2011 at 12:38 pm
Try ftptop. I think you can find it in CentOS, Red Hat, Slackware, Debian, etc. Ftptop works with a lot of FTP server daemons.
Reply
173 mark seger September 12, 2010 at 11:48 am
I don’t believe that ftp usage by user is recorded anywhere, so you’d have to get inventive. The way I would do it is use collectl to show both processes sorted by I/O and ftp stats. Then it simply becomes a matter of seeing
which processes are contributing to the I/O and who their owners are.
180 Jalal Hajigholamali September 20, 2010 at 11:54 am
Hi,
use “rsync” command..
Reply
181 leebert September 28, 2010 at 8:58 pm
Don’t forget systemtap (stap) which provides the equivalent of Solaris’ invaluable “dtrace” scripting utility.
There’s a “dtrace” for Linux project but I haven’t been able to get it to compile on my OpenSuSE 11.x.
On SuSE Linux there is “getdelays”, enabled via the grub kernel command line “delayacct” switch (starting with SuSE
10 Enterprise…). It’ll reveal the amount of time a given process spends waiting for CPU, disk (I/O) or memory
(swap); great for isolating lag in the system.
There are many, many other monitoring tools (don’t know if these were mentioned before): atopsar (atop-related), the sysstat/sar-related sa* series (sadc, sadf, sa1), isag, saidar, blktrace (blktrace-blkiomon / blktrace-blkparse),
And a good sysadmin can always count on their preferred scripting language.
I use Perl for monitoring a lot of basic infrastructure services, like DHCP, DNS and LDAP, and Zabbix to generate
alarms and very nice graphs.
Reply
197 Sarath Babu M December 11, 2010 at 9:07 am
Hi,
One of my professors introduced me to Ubuntu, and I like this OS very much. Before, I was using XP, but now I have downloaded all the applications I need. I always love Linux. Great article.
sarath
Reply
198 Laxman December 23, 2010 at 9:37 am
Very interesting I will try
I hope it’ll help for me
Reply
199 sah December 23, 2010 at 10:19 pm
thanks alot … its a great help~!
Reply
200 KK December 25, 2010 at 4:19 am
Sumo is the best, the best that ever was and the best that ever will be.
How would I get a list of slow running websites on my server via ssh?
Reply
203 nigratruo January 13, 2011 at 6:41 pm
Great list, but why is TOP still used?
It is a highly limited utility. htop can do all top can, plus a ton more:
1. Use colors for better readability. In the 21st century, all computers have a super high-tech thing on their monitor called COLORS (sarcasm off).
2. Allow process termination and sending of signals (even multi-select several processes).
3. Show CPU/RAM usage with visual bars instead of numbers.
4. Show ALL processes: top cannot do that, it just shows what fits on the screen. That was the main limiting factor that made me chuck it to the curb.
5. Use your cursor keys to explore what cannot be shown on the screen, for example the full CLI parameters of commands.
6. Active development. There are new features. top is dead; there does not seem to have been any active development for 10 years (and that is how the tool looks).
Reply
204 coldslushy February 7, 2011 at 12:55 pm
Colors? Too resource intensive…
Reply
205 josh July 19, 2011 at 3:38 pm
Colors do not always contrast well with the background.
Reply
206 abdul hameed February 2, 2011 at 6:52 am
Dear All,
My Oracle Enterprise Linux gets very slow when my local R12.1 instance starts.
Using the “top” command, I found a lot of database users running;
normally in other R12 instances only a few database users are active. Can anyone tell me what the
problem might be? Is it an OS-level issue or an application issue, and where should I start tuning?
“My Oracle Enterprice Linux getting very slow, when my local R12.1 start.”
Arghh! Linux is turning into Windows!
These are super machines, people! Remember when 4.2BSD came out, and people were saying “Unix is becoming VMS”? With 4.1BSD, we had been flying on one-MIPS machines (think of a one MHz clock rate:
three orders of magnitude slower than today’s machines; not GHz, MHz!). So much was added so quickly into 4.2 (kernels were no longer a few hundred kilobytes at most) that performance took a nose dive. But then 4.3BSD fixed things for a while (with lots of optimizations, such as unrolling the instructions in a bcopy loop till they just filled an instruction cache line). It didn’t hurt either that memory was getting cheaper, and we could afford to upgrade our 30-user timesharing systems from four megabytes to eight megabytes, or even more! It takes an awful amount of software bloat (and blind ignorance of the principles we all learned in our “combinatorial algorithms” classes) to be able to make machines that are over a thousand times faster than the Vaxen we cut our teeth on be “slow”.
Today’s Linux systems hardly feel much faster on multicore x86 machines than they did on personal MicroVaxes
or the somewhat faster Motorola 68020-based workstations (except for compilations, which now really scream by: compiling a quarter-meg kernel used to take hours, whereas now it feels like barely seconds pass when compiling kernels that, even compressed, are many times larger. But then, compiler writers for the most part (25
years ago, Green Hills employees seemed a glaring exception, and I don’t know about Microsoft) have to prove they have learned good programming practices before their skills are considered acceptable). Other software,
like the X server, still feels about the same as it did in the eighties, despite today’s machines being so much faster. And forget about Windows!
Reply
209 benjamin ngobi February 15, 2011 at 3:44 pm
Wow, these are great tools one should know. Thank you so much; it just makes me better every day.
Reply
210 Mousin February 16, 2011 at 9:52 am
Awesome Thanks a ton worth a bookmark..
Reply
211 krishna February 23, 2011 at 9:17 am
Friends I have typed the corrected question here below. Please let me know if you can help:
Part 1: Find out the system resources: CPU usage, memory usage, and how many processes are currently running, in exact numbers. What are the processes?
Part 2: Assume a process CACHE is running on the same system. How many files are opened by CACHE out of the total numbers found above? What are the files used by CACHE? What is the virtual memory used by the process? What is the current run level of the process?
Part 3: How many users or terminals are accessing the process CACHE?
Part 4: The script should run every 15 seconds, recording the time and date of execution, and the output should be written to a file “richprocess” in the same order as the questions.
Note: NO EXTERNAL TOOLS are allowed beyond what ships with Linux. Only a shell script should be written for this!
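Not a full answer, but a rough sketch of how Part 1 might be tackled with nothing beyond /proc and standard shell utilities (variable names here are illustrative, not part of the assignment):

```shell
#!/bin/sh
# CPU usage snapshot: the first line of /proc/stat holds aggregate jiffies.
read -r _cpu user nice system idle _rest < /proc/stat
echo "cpu jiffies: user=$user nice=$nice system=$system idle=$idle"

# Memory usage straight from /proc/meminfo:
grep -E '^(MemTotal|MemFree):' /proc/meminfo

# Exact number of running processes, and their names:
count=$(ps -e -o comm= | wc -l)
echo "processes: $count"
ps -e -o comm=
```

For CPU *percentage* you would take two such snapshots a short interval apart and compare the jiffy deltas; the per-process questions in Part 2 can be answered from /proc/PID/ in the same spirit.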
Nice graphical system statistics RRDTool frontend which produces hourly, daily, weekly, monthly… graphs of various system data. At the moment it provides graphs for memory usage, cpu info, cpu frequency, disk iostat, number of users, number of processes, number of open files, number of tcp connections, system load, network traffic, protocol statistics, harddisk/partition usage and temperatures, privoxy proxy statistics, ntp drift, fan status and system temperatures. It is simple and it doesn’t require snmp. It consists only of some shell and perl scripts.
Reply
235 Aviv.A July 14, 2011 at 10:30 pm
You forgot the command “htop” :D
Reply
236 Laurens July 15, 2011 at 10:16 pm
Another interesting program which hasn’t been mentioned yet is Midnight Commander (mc). At least, it’s my favourite file manager in a console environment.
Thanks all for your contributions. There are a lot of interesting programs here which I already use, or certainly will be using in the future.
Reply
237 Sravi Raj July 19, 2011 at 5:03 am
Nice List
Reply
238 andy July 21, 2011 at 8:48 am
NO PRINT FUNCTION? BIG FAIL IN YOUR FACE… damn, why is everyone blogging but a print function is missing? I don’t need the scrappy comments in my prints…
Reply
239 Tommie September 11, 2011 at 8:27 am
Nice roundup. However, I love your not having a print function; I am able to print what I need without it… ;)
To see a print version just append /print to the end of the url.
Reply
241 GEORGE FAREED July 25, 2011 at 8:43 pm
Thanks a lot :)
It’s useful information :)
Reply
242 apparao August 3, 2011 at 11:36 am
Thanks
Reply
243 kiran.somidi August 3, 2011 at 12:47 pm
traceroute
Reply
244 kiran.somidi August 3, 2011 at 12:49 pm
The traceroute command is not there.
Reply
245 Lalit Sharma August 7, 2011 at 2:13 pm
how can i copy all this?
Reply
246 amit lamba August 29, 2011 at 8:16 am
I’m using Ubuntu 9.10 on my system, but my problem is regarding the internet: I am unable to connect. Waiting for a useful reply.
Reply
247 Daniel Brasil August 30, 2011 at 10:03 pm
Very good post. I’ve had some problems trying to figure out historical data about disk usage. I still don’t know a good tool for that. sar is wonderful, but it’s unable to record disk usage per process. Do you know any tool for that?
Reply
248 greg January 6, 2012 at 6:30 pm
Most monitoring tools, like Nagios, Cacti, and Zabbix, give you the ability to trend your disk usage, and even alert at certain capacity points.
It’s great, but I’m having a little inconvenience: I want to look at the detail of a process, specifically from Apache, but the result is always the same. Does anyone have a trick for seeing it? To explain better: I have an Apache process that does not die; it keeps using resources for a long time and overloads the machine. When I look with “ps auxf”, the result is:
apache 32327 85.7 0.5 261164 39036 ? R 22:49 0:49 \_ /usr/sbin/httpd
I want to see what this process “32327″ is doing exactly. Any ideas?
Reply
250 greg January 6, 2012 at 7:13 pm
You can try strace as mentioned in the tools, and you can also look at the files in /proc/PID/ (so /proc/32327 for you).
Reply
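Expanding on greg’s answer, a quick look at a stuck PID might go like this (32327 is the PID from the question above; the sketch uses the shell’s own PID so it runs anywhere):

```shell
# The PID being investigated; substitute the real one, e.g. pid=32327.
pid=$$

# Full command line of the process (/proc/PID/cmdline is NUL-separated):
tr '\0' ' ' < "/proc/$pid/cmdline"; echo

# Current state, resident memory and thread count:
grep -E '^(State|VmRSS|Threads):' "/proc/$pid/status"

# Open file descriptors often reveal what a hung httpd is waiting on:
ls -l "/proc/$pid/fd"

# Live system-call trace (needs root or process ownership; Ctrl-C detaches):
# strace -p "$pid"
```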
251 eeb2 September 7, 2011 at 9:25 pm
Thanks for posting this list. Keep up the good posts!
Reply
252 khupcom September 12, 2011 at 8:30 am
I’m using monitorix and vnstat to monitor my servers
Reply
253 Gaurav kuamr jha October 2, 2011 at 7:42 am
Great, it was a better description for me.
This article has solved a lot of my problems. Thanks for this.
gkjha009
I have just recently released my first open source project, the Remote Linux Monitor, which you can find here. I modeled it on Gnome’s System Monitor and I would love to get your feedback on it. Thanks.
Reply
258 Ferenc Varga November 4, 2011 at 10:06 pm
for http traffic, i suggest to use justniffer.
Reply
259 bishow November 8, 2011 at 2:22 pm
yeah really nice post !!!
It really helps me, but what about CentOS Linux commands? Can anyone tell me about that? Are all the Linux commands the same across all versions of Linux (is that right, guys)?
Or please email me if you know some commands for CentOS Linux, since that is the distribution I am using.
regards,
Reply
260 Unni November 11, 2011 at 1:39 am
Well written , keep up the good work ..
….Thanks,
Unni
Reply
261 Gmaster December 2, 2011 at 12:30 pm
Great job in compiling all the utils in one nice post. Thank you very much!
Reply
262 Denis December 9, 2011 at 10:30 pm
Great stuff, nice to have it all in one place. :-)
Reply
263 manna December 12, 2011 at 5:09 am
I am working in a small company with around 45 employees. We are using a Linux server in our office, and I need to monitor the websites users are accessing during office hours. Please, can anyone suggest the correct command? Thanks
Reply
264 Sibbala Govardhan Raju December 13, 2011 at 10:08 am
My name is Govardhan Raju from Tirupati, Andhra Pradesh, working as a Linux (RHEL4) operator. I want to take a data backup daily. Is there any possibility to take only today’s files? Please suggest the
commands, with syntax, that are useful for a daily backup.
Thanking U Sir,
S Govardhan Raju
Reply
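One hedged answer to the backup question above: find’s -mtime test selects files modified in the last 24 hours (close to, but not exactly, “today’s date”), and tar can archive just those. The sketch backs up a scratch directory so it is self-contained; point it at the real data directory instead, and the commented cron line (hypothetical script path) shows how it could be scheduled:

```shell
# Scratch directory standing in for the real data to back up.
src=$(mktemp -d)
touch "$src/report.txt"

# List regular files modified within the last 24 hours:
find "$src" -type f -mtime -1 -print

# Bundle only those files into a date-stamped archive (GNU find/tar):
find "$src" -type f -mtime -1 -print0 |
    tar --null -czf "/tmp/backup-$(date +%F).tar.gz" --files-from=-

# Scheduled daily at 01:30 via cron (crontab -e), e.g.:
# 30 1 * * * /usr/local/bin/daily-backup.sh
```

For strictly calendar-day selection, -newermt "today" (GNU find) is an alternative to -mtime -1.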
265 Kash January 15, 2012 at 2:41 pm
This is a monitoring article, not a backup article. Search for your question somewhere else.
Reply
266 bhaskar February 6, 2012 at 7:57 pm
Hi, I’m using Windows 7. How can I access UNIX commands on the Windows platform without installing any setup file or a UNIX operating system?
Could you please suggest anything to me?
Thanks,
Reply
267 Steve February 13, 2012 at 4:11 pm
I feel an important one is psacct. It should have at least made the list. Very useful to track what commands/users are eating CPU time.
Reply
268 AL February 24, 2012 at 12:55 pm
There is another tool we use for system monitoring: NMON, from IBM. A pretty good tool; I recommend it.
AL
Reply
269 sudhir menon March 21, 2012 at 7:10 am
nfsiostat is a great small command on linux
Reply
270 nishhhh March 22, 2012 at 2:15 pm
Nice collection. Referencing related articles is like ‘feathers in the cap’!! Appreciate it, thanks!
I have deployed some 40 routers in cafes, and I have to deploy 60 more in different regions/areas. I want to monitor the WiFi routers from one place.
I have connected a thin client with Debian installed to each router to provide internet to the customers at the cafe: free
browsing for 30 minutes.
Can someone suggest a tool for monitoring the routers and my Debian machines’ performance?
Regards
Naveen C
Reply
272 naveen March 23, 2012 at 8:58 am
The router model is DAP-1155 Wireless N 150 i have purchased some 100 and i am planning to buy 300
more.
pls do help me
Thanks in advance
Naveen C
Reply
273 LTJX August 2, 2012 at 3:08 pm
Such routers often include a management/monitoring package, which may be more immediately useful than using Debian-based commands, and the router software may allow for viewing the multiple routers you
describe from a single screen. I know that the latest NETGEAR wireless routers include a software package like this.
But why just 30 minutes per customer? Isn’t that the wrong message to give the cafe customers? Like: hurry up and drink your coffee/tea, and then get out!
Maybe you could try a one-hour limit and see what happens. Linux is much more efficient than many people realize, even under heavy usage.
I think that Starbucks and similar shops in North America tend to offer unlimited Internet access with any purchase, and most don’t really seem to enforce the purchase requirement, unless a “freeloader” is
annoying or being offensive to other customers, etc.
Reply
274 Stan August 6, 2012 at 6:25 am
Have you tried MRTG to monitor your routers? It’s geared more toward network monitoring, though.
http://oss.oetiker.ch/mrtg/
Reply
275 Eric April 6, 2012 at 1:18 pm
Great post! Some of these I never thought to use that way. When using free I will often use the -m option to show the figures in megabytes.
My new favourite tool is “systemd-analyze”. It is great for pinpointing bottlenecks in startup. It can produce a
very nice plot of every process, allowing you to instantly see what’s holding things up.
Reply
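For reference, the subcommands most useful for the startup bottleneck-hunting described above look like this (they only produce results on a machine actually booted with systemd):

```shell
# Total boot time, split into firmware, loader, kernel and userspace:
systemd-analyze time

# Units ranked by how long each took to initialize:
systemd-analyze blame

# The chain of units that gated reaching the default target:
systemd-analyze critical-chain

# The per-process timeline plot mentioned above, rendered as SVG:
systemd-analyze plot > boot.svg
```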
299 Girijesh October 16, 2012 at 3:54 am
very informative…!!!
Thanks a ton.. :)
Reply
300 Shekhar October 22, 2012 at 9:30 am
What is the tool to get all activity info, such as when any user creates/deletes/moves a file or directory?
Reply
301 Rahul November 8, 2012 at 9:26 am
+100
Reply
302 Hannes Dorn November 8, 2012 at 10:46 pm
Instead of Cacti I prefer munin. Installation and configuration is easy and on monitored systems, only a small
client is needed.
Reply
303 xuedi November 11, 2012 at 5:50 pm
I would replace top with htop; it extends top with a much nicer ncurses interface and lots of functions…
Reply
304 Bill November 14, 2012 at 3:02 pm
Great list. Shekhar: for file activity etc., I use vigil and the vlog client to create the logs.
Reply
305 Vishal November 15, 2012 at 6:26 am
Try this tool to report network interface bandwidth, just like vmstat/iostat:
# ifstat
Reply
306 Vishnuprasad November 25, 2012 at 3:41 pm
And I am using the “watch” utility. It is not strictly a system monitoring tool, but in some cases we need to watch the output of a command continuously. It is not easy to re-enter the same command every time just to watch its output; in that case you can use this utility, and you can set the interval of each refresh.
E.g.: watch -n 10 df -Th (this is just an example). This command will give you the output of df -Th every 10 seconds. Then you can easily track the hard disk usage.
Cheers…!
Reply
307 Vishnuprasad November 25, 2012 at 3:43 pm
A better Server Management Software…
http://www.webmin.com/
Cheers…!
Reply
308 Konstantin November 28, 2012 at 3:02 am
I’d also add the ‘monit’ utility, to monitor assorted services and perform actions (such as restarting a stopped
service).
Reply
309 jlarchev December 15, 2012 at 7:21 am
Hi all,
A nice monitoring tool we’ve been using for years: http://sysusage.darold.net
Reply
310 Uday Vallamsetty December 31, 2012 at 6:03 pm
All of these are must have tools for doing any analysis/monitoring of activity on Linux boxes. Thanks for collectingeverything into a concise space.
Reply
311 peter January 11, 2013 at 5:04 am
Very useful article. I’m a reader of both nixCraft and cyberciti. Well done.
I would like to know your opinion: I must do a project about monitoring device availability. What software is there in Linux for this, and can I edit the software’s code?
Reply