Daily monitoring and debugging of Linux system performance is a heavy task for the system and network administrators. Five years after working as a Linux system administrator in the IT field, I gradually realized how difficult IT is to monitor and keep the system up and running. For this reason, we have compiled the list of 18 most commonly used command line tools that will help every Linux/Unix system administrator. These command line tools can be used in various Linux systems to monitor and find the causes of performance problems. This command line tool list provides enough tools for you to select a tool suitable for your monitoring scenario.
1. Top-Linux Process Monitoring
The Top command in Linux is a performance monitoring program. Many System Administrators often use it to monitor Linux performance. This command is available in many Linux or Unix-like operating systems. The Top command is used to display all running and Active Real-Time Processes in a certain order, and regularly update the display results. This command displays the CPU usage, memory usage, swap memory usage, Cache Usage, buffer usage, process PID, commands used, and others. It can also display the memory and CPU usage of running processes. For the system administrator, the top command is very useful. It can be used to monitor the system and take correct actions when necessary. Let's take a look at the top command in practice.
Top Command example
For more examples of Top commands, see the following 12 examples of using Top commands in Linux.
2. VmStat-Virtual Memory statistics
The VmStat command in Linux is used to display statistics of virtual memory, kernel threads, disks, system processes, I/O blocks, interruptions, and CPU activity. By default, the vmstat command is unavailable in Linux. You need to install a sysstat package containing the vmstat program. Common usage of command format is:
# vmstatprocs -----------memory---------- ---swap-- -----io---- --system-- -----cpu----- r b swpd free inact active si so bi bo in cs us sy id wa st 1 0 0 810420 97380 70628 0 0 115 4 89 79 1 6 90 3 0
For more examples of vmstat, see Vmstat command instances in Linux 6.
3. Lsof-list opened files
In many Linux or Unix-like systems, lsof commands are commonly used to display all open files and processes in a list. Open files include disk files, network sockets, pipelines, devices, and processes. One of the main cases of using this command is when the disk cannot be mounted and an error message is displayed that is in use or a file is opened. Using this command, you can easily see which file is being used. The most common format of this command is as follows:
# lsofCOMMAND PID USER FD TYPE DEVICE SIZE NODE NAMEinit 1 root cwd DIR 104,2 4096 2 /init 1 root rtd DIR 104,2 4096 2 /init 1 root txt REG 104,2 38652 17710339 /sbin/initinit 1 root mem REG 104,2 129900 196453 /lib/ld-2.5.soinit 1 root mem REG 104,2 1693812 196454 /lib/libc-2.5.soinit 1 root mem REG 104,2 20668 196479 /lib/libdl-2.5.soinit 1 root mem REG 104,2 245376 196419 /lib/libsepol.so.1init 1 root mem REG 104,2 93508 196431 /lib/libselinux.so.1init 1 root 10u FIFO 0,17 953 /dev/initctl
For more information about the usage and examples of lsof commands, see 10 examples of lsof commands in Linux.
4. Tcpdump-network package analyzer
Tcpdump is one of the most widely used network packet analyzer or package monitoring programs. It is used to capture or filter TCP/IP packets received or transmitted on a specified interface on the network. It also has an option to save the captured package to the file for later analysis. Tcpdump can be used in almost all major Linux releases.
# tcpdump -i eth0tcpdump: verbose output suppressed, use -v or -vv for full protocol decodelistening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes22:08:59.617628 IP tecmint.com.ssh > 22.214.171.124.static-mumbai.vsnl.net.in.28472: P 2532133365:2532133481(116) ack 3561562349 win 964822:09:07.653466 IP tecmint.com.ssh > 126.96.36.199.static-mumbai.vsnl.net.in.28472: P 116:232(116) ack 1 win 964822:08:59.617916 IP 188.8.131.52.static-mumbai.vsnl.net.in.28472 > tecmint.com.ssh: . ack 116 win 64347
For more information about tcpdump usage, see 12 examples of using Tcpdump commands in Linux.
5. Netstat-network status statistics
Netstat is a command line tool used to monitor inbound and outbound packets and network interface statistics. It is a very useful tool that the system administrator can use to monitor network performance, locate and solve network problems.
# netstat -a | moreActive Internet connections (servers and established)Proto Recv-Q Send-Q Local Address Foreign Address Statetcp 0 0 *:mysql *:* LISTENtcp 0 0 *:sunrpc *:* LISTENtcp 0 0 *:realm-rusd *:* LISTENtcp 0 0 *:ftp *:* LISTENtcp 0 0 localhost.localdomain:ipp *:* LISTENtcp 0 0 localhost.localdomain:smtp *:* LISTENtcp 0 0 localhost.localdomain:smtp localhost.localdomain:42709 TIME_WAITtcp 0 0 localhost.localdomain:smtp localhost.localdomain:42710 TIME_WAITtcp 0 0 *:http *:* LISTENtcp 0 0 *:ssh *:* LISTENtcp 0 0 *:https *:* LISTEN
For more examples of Netstat, see 20 examples of using the Netstat command in Linux.
6. Htop-Linux Process Monitoring
Htop is a very advanced interactive real-time linux Process Monitoring Tool. It is very similar to the top command, but it has more features, such as user-friendly management of processes, shortcut keys, vertical and horizontal display processes and so on. Htop is a third-party tool that is not included in the linux system. You need to install it using the YUM package management tool. For more information about installation, see the following.
Htop command example
For Htop installation, read: Install Htop in Linux (Linux Process Monitoring)
7. Iotop-Linux disk monitoring I/O
The Iotop command is also very similar to the top command and Htop program, but it has the function of monitoring and displaying real-time disk I/O and process statistics. This tool is useful when searching for specific processes and using a large number of disk read/write processes.
For information about how to install and use Iotop, see install iotop in Linux.
8. Iostat-input/output statistics
Iostat is a simple tool for collecting and displaying input and output status statistics of system storage devices. This tool is often used to track the performance of storage devices, including devices, local disks, and remote disks such as NFS.
# iostatLinux 2.6.18-238.9.1.el5 (tecmint.com) 09/13/2012avg-cpu: %user %nice %system %iowait %steal %idle 2.60 3.65 1.04 4.29 0.00 88.42Device: tps Blk_read/s Blk_wrtn/s Blk_read Blk_wrtncciss/c0d0 17.79 545.80 256.52 855159769 401914750cciss/c0d0p1 0.00 0.00 0.00 5459 3518cciss/c0d0p2 16.45 533.97 245.18 836631746 384153384cciss/c0d0p3 0.63 5.58 3.97 8737650 6215544cciss/c0d0p4 0.00 0.00 0.00 8 0cciss/c0d0p5 0.63 3.79 5.03 5936778 7882528cciss/c0d0p6 0.08 2.46 2.34 3847771 3659776
For more information about iostat usage and examples, see six examples of using the iostat command in Linux.
9. IPTraf-real-time lan ip monitoring
IPTraf is an open-source real-time network lan monitoring application running on the Linux console. It collects a large amount of information, such as network IP traffic monitoring, including TCP tag, ICMP details, TCP/UDP traffic separation, TCP connection packets, and number of nodes. It also collects common information and details about the interface status: TCP, UDP, IP, ICMP, non-IP, IP checksum and error, and interface activity.
IP traffic monitoring
For more information about IPTraf usage, see IPTraf network monitoring tool.
10. psacct or acct-monitor user activity
The psacct or acct tool is used to monitor the activity status of each user in the system. These two service processes run in the background, which closely monitors all activities of each user running on the system, and also monitors the resources used by these activities.
The system administrator can use these two tools to track the activities of each user, such as what the user is doing, what commands they have submitted, and how many resources they have used, how long have they been on the system.
For installation and usage examples of these commands, see the article: Use psacct or acct to monitor user activities.
11. Monit-Linux Process and service monitoring tools
Monit is a free open-source software and a network-based process monitoring tool. It automatically monitors and manages system processes, programs, files, folders, permissions, sum verification codes, and file systems.
This software monitors services such as Apache, MySQL, Mail, FTP, ProFTP, Nginx, and SSH. You can view the system status through the command line or the network excuse provided by the software.
Monit Linux System Monitoring
For more information, see monitor Linux processes with Monit.
12. NetHogs-monitor the network bandwidth used by each process
NetHogs is a very small program with open source code similar to the top command in Linux), which closely monitors the network activity of each process on the system. It also tracks the real-time network bandwidth used by each program or application.
NetHogs: Linux bandwidth monitoring
For more information, see use NetHogs to monitor Linux network bandwidth usage.
13. iftop-monitoring network bandwidth
Iftop is another open-source system monitoring application running on the console. It displays the list of application network bandwidth on the system using the source host or target host through network interfaces. This list is updated on a regular basis. Iftop is used to monitor network usage, while top is used to monitor CPU usage. Iftop is a member of the 'top' tool series. It is used to monitor the selected interface and display the current network bandwidth usage between two hosts.
Iftop-monitoring network bandwidth
For more information, see iftop-monitoring network bandwidth usage.
14 Monitorix-system and network monitoring
Monitorix is a free lightweight application tool designed to run and monitor Linux/Unix server systems and resources. It has an HTTP network server which regularly collects system and network information and displays it in a graphical form. It monitors the average load and usage of the system, memory allocation, disk health status, system services, network ports, mail statistics Sendmail, Postfix, Dovecot, etc.), MySQL statistics, and so on. It is used to monitor the overall performance of the system and help identify errors, bottlenecks, and abnormal activities.
15. Arpwatch-Ethernet activity monitor
Arpwatch is designed to monitor ethernet address resolution on Linux (changes in MAC and IP addresses ). He continuously monitors Ethernet activity for a period of time and outputs logs of paired changes of IP and MAC addresses. It can also send email notifications to the Administrator to warn about the addition and modification of address pairs. This is useful for detecting ARP attacks on the network.
For more information, see Arpwatch to Monitor Ethernet Activity.
16. Suricata-Network Security Monitoring
Suricata is an open-source high-performance network security, intrusion detection, and anti-monitoring tool that runs on Linux, FreeBSD, and Windows. The non-profit organization OISF (Open Information Security Foundation) is developed and copyrighted.
For more information, see Suricata-A Network Intrusion Detection and Prevention System.
17. VnStat PHP-network traffic monitoring
VnStat PHP is a web-based front-end rendering of the popular network tool "vnstat. VnStat PHP displays network usage in a beautiful graphic interface. It displays the upload and download traffic by hour, day, and month, and outputs the summary report.
For more information, see VnStat PHP-Monitoring Network Bandwidth.
18. Nagios-Network/Server monitoring
Nagios is a leading and powerful open-source monitoring system that allows network/system administrators to discover and solve problems before they affect normal services. With Nagios, administrators can remotely detect Linux, Windows, switches, routers, and printers in a Single Window. It can warn and identify system/Server exceptions, which indirectly helps you to take rescue measures before the problem occurs.
For more information, see Install Nagios Monitoring System to Monitor Remote Linux/Windows Hosts
We want to know: what monitoring program are you using to monitor the performance of Linux servers? If we miss the tool you think is important, please let us know in the comments and don't forget to share it!
18 Command Line Tools to Monitor Linux Performance