For system and network administrators, it is a heavy task to monitor and debug the performance of Linux systems on a daily basis. After 5 years working as an administrator in the IT field as a Linux system, I gradually realized how difficult it was to monitor and keep the system up and running. For this reason, we have written a list of the 18 most commonly used command-line tools that will help each Linux/unix system administrator work. These command-line tools can be used under a variety of Linux systems and can be used to monitor and find the cause of performance problems. This list of command-line tools provides enough tools to pick and choose the tools for your monitoring scenario.
1.top-linux Process Monitoring
The top command under Linux is a performance Monitor that many system administrators often use to monitor Linux performance, and this command is available in many Linux or Unix-like operating systems. The top command is used to display all live processes that are running and active in a certain order, and the display results are updated periodically. This command shows CPU usage, memory usage, swap memory usage size, cache usage size, buffer usage size, process PID, commands used, and more. It can also show the memory and CPU usage of the running process. For system administrators, the top command is a very useful one that can be used to monitor the system and take the correct processing action when needed. Let's take a look at the top command in action.
# top
Top command example
For more examples of Top command, please read: 12 examples of using Top command under Linux.
2. VmStat-virtual memory statistics
The VmStat command for Linux is used to display statistics for virtual memory, kernel threads, disks, system processes, I / O blocks, interrupts, CPU activity, and more. By default, the vmstat command is not available on Linux systems. You need to install a sysstat package that contains the vmstat program. Common uses of the command format are:
# vmstat
procs ----------- memory ---------- --- swap-- ----- io ---- --system-- ----- cpu -----
r b swpd free inact active si so bi bo in cs us sy id wa st
1 0 0 810420 97380 70628 0 0 115 4 89 79 1 6 90 3 0
For more vmstat examples, please read: 6 Examples of Vmstat Commands in Linux
3.Lsof- list open files
The lsof command is available on many Linux or Unix-like systems. It is often used to display all open files and processes in a list. Open files include disk files, network sockets, pipes, devices, and processes. One of the main situations when using this command is when the disk cannot be mounted and an error message is displayed that a file is in use or opened. With this command, you can easily see which file is being used. The most commonly used format for this command is as follows:
# lsof
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
init 1 root cwd DIR 104,2 4096 2 /
init 1 root rtd DIR 104,2 4096 2 /
init 1 root txt REG 104,2 38652 17710339 / sbin / init
init 1 root mem REG 104,2 129900 196453 /lib/ld-2.5.so
init 1 root mem REG 104,2 1693812 196454 /lib/libc-2.5.so
init 1 root mem REG 104,2 20668 196479 /lib/libdl-2.5.so
init 1 root mem REG 104,2 245376 196419 /lib/libsepol.so.1
init 1 root mem REG 104,2 93508 196431 /lib/libselinux.so.1
init 1 root 10u FIFO 0,17 953 / dev / initctl
For more information on the usage and examples of lsof command, please refer to: 10 examples of using lsof command under Linux.
4.Tcpdump-Network Packet Analyzer
Tcpdump is one of the most widely used network packet analyzers or packet monitoring programs. It is used to capture or filter TCP / IP packets received or transmitted on specified interfaces on the network. It also has an option to save the captured package to a file for later analysis. Tcpdump is available in almost all major Linux distributions.
# tcpdump -i eth0tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
22: 08: 59.617628 IP tecmint.com.ssh> 115.113.134.3.static-mumbai.vsnl.net.in.28472: P 2532133365: 2532133481 (116) ack 3561562349 win 9648
22: 09: 07.653466 IP tecmint.com.ssh> 115.113.134.3.static-mumbai.vsnl.net.in.28472: P 116: 232 (116) ack 1 win 9648
22: 08: 59.617916 IP 115.113.134.3.static-mumbai.vsnl.net.in.28472> tecmint.com.ssh:. Ack 116 win 64347
For more information on tcpdump usage, see: 12 Examples of Using Tcpdump Commands on Linux.
5.Netstat- network status statistics
Netstat is a command-line tool for monitoring incoming and outgoing network packets and network interface statistics. It is a very useful tool that system administrators can use to monitor network performance, locate and resolve network related issues.
# netstat -a | moreActive Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *: mysql *: * LISTEN
tcp 0 0 *: sunrpc *: * LISTEN
tcp 0 0 *: realm-rusd *: * LISTEN
tcp 0 0 *: ftp *: * LISTEN
tcp 0 0 localhost.localdomain: ipp *: * LISTEN
tcp 0 0 localhost.localdomain: smtp *: * LISTEN
tcp 0 0 localhost.localdomain: smtp localhost.localdomain: 42709 TIME_WAIT
tcp 0 0 localhost.localdomain: smtp localhost.localdomain: 42710 TIME_WAIT
tcp 0 0 *: http *: * LISTEN
tcp 0 0 *: ssh *: * LISTEN
tcp 0 0 *: https *: * LISTEN
For more examples of Netstat, see: 20 Examples of Using Netstat Commands on Linux.
6. Htop-Linux Process Monitoring
Htop is a very advanced interactive real-time linux process monitoring tool. It is very similar to the top command, but it has richer features, such as user-friendly management of processes, shortcut keys, vertical and horizontal display of processes, and so on. Htop is a third-party tool. It is not included in the Linux system. You need to use the YUM package management tool to install it. For more information on installation, read below.
# htop
Htop command example
For Htop installation, read: Installing Htop on Linux (Linux Process Monitoring)
7.Iotop- Monitor Linux Disk I / O
The Iotop command is also very similar to the top command and Htop program, but it has the statistics function of monitoring and displaying real-time disk I / O and processes. This tool is very useful when looking for specific processes and making heavy use of disk read and write processes.
# iotop
Iotop Command Examples For information on how to install and use iotop, read: Installing Iotop on Linux.
8.Iostat-input / output statistics
Iostat is a simple tool for collecting statistics on the input and output status of storage devices in a system. This tool is often used to track performance issues with storage devices, including devices, local disks, and remote disks such as those using NFS.
# iostat
Linux 2.6.18-238.9.1.el5 (tecmint.com) 09/13/2012
avg-cpu:% user% nice% system% iowait% steal% idle
2.60 3.65 1.04 4.29 0.00 88.42
Device: tps Blk_read / s Blk_wrtn / s Blk_read Blk_wrtn
cciss / c0d0 17.79 545.80 256.52 855159769 401914750
cciss / c0d0p1 0.00 0.00 0.00 5459 3518
cciss / c0d0p2 16.45 533.97 245.18 836631746 384153384
cciss / c0d0p3 0.63 5.58 3.97 8737650 6215544
cciss / c0d0p4 0.00 0.00 0.00 8 0
cciss / c0d0p5 0.63 3.79 5.03 5936778 7882528
cciss / c0d0p6 0.08 2.46 2.34 3847771 3659776
For more information about iostat usage and examples, please visit: 6 examples of using iostat command under Linux.
9.IPTraf-Real-time LAN IP Monitoring
IPTraf is an open source real-time network (LAN) monitoring application running on a Linux console. It collects a lot of information, such as IP traffic monitoring through the network, including TCP flags, ICMP details, TCP / UDP traffic separation, TCP connection packets, and number of bytes. It also collects common information and detailed information about the interface status: TCP, UDP, IP, ICMP, non-IP, IP checksum error
Errors, interface activity, etc.
IP traffic monitoring
For IPTraf tool usage and more, please visit: IPTraf Network Monitoring Tool.
10.psacct or acct-monitor user activity
The psacct or acct tool is used to monitor the activity of each user in the system. These two service processes run in the background. They closely monitor all the activities of each user running on the system, and also monitor the resources used by these activities.
System administrators can use these two tools to track the activities of each user, such as what the user is doing, what commands they have submitted, how much resources they have used, how long they have been on the system, and so on.
For examples of the installation and usage of these commands, see the article: Using psacct or acct to monitor user activity.
11.Monit-Linux process and service monitoring tool
Monit is a free open source software and a web-based process monitoring tool. It can automatically monitor and manage system processes, programs, files, folders, permissions, sum codes and file systems.
This software can monitor services like Apache, MySQL, Mail, FTP, ProFTP, Nginx, SSH. You can check the system status through the command line or the network excuse provided by this software.
Monit Linux system monitoring
Read more: Monitoring Linux Processes with Monit
12.NetHogs- monitor the network bandwidth used by each process
NetHogs is a small open source program (similar to the top command under Linux) that closely monitors the network activity of each process on the system. It also tracks the real-time network bandwidth used by each program or application.
NetHogs: Bandwidth Monitoring under Linux
For more information, see: Using NetHogs to Monitor Linux Network Bandwidth Usage.
13.iftop- monitor network bandwidth
iftop is another open source system monitoring application running on the console. It displays a list of application network bandwidth usage (source host or destination host) on the system through the network interface. This list is updated regularly. iftop is used to monitor network usage, and 'top' is used to monitor CPU usage. iftop is a member of the 'top' tool series, which monitors the selected interface and displays the current network bandwidth usage between the two hosts.
iftop- monitor network bandwidth
For more information see: iftop-monitoring network bandwidth usage.
14 Monitorix-System and Network Monitoring
Monitorix is a free lightweight application tool designed to run and monitor Linux / Unix server systems and resources. It has an HTTP web server, which regularly collects system and network information and displays it in a graphical form. It monitors the average load and usage of the system, memory allocation, disk health, system services, network ports, mail statistics (Sendmail, Postfix, Dovecot, etc.), MySQL statistics, and more. It is used to monitor the overall performance of the system, helping to identify errors, bottlenecks and abnormal activity.
15. Arpwatch-Ethernet Activity Monitor
Arpwatch is designed to monitor Ethernet address resolution (changes in MAC and IP addresses) on Linux. He continuously monitors Ethernet activity for a period of time and outputs a log of IP and MAC address pairing changes. It can also send email notifications to administrators to warn about changes to address matching. This is useful for detecting ARP attacks on the network.
For more information see: Arpwatch to Monitor Ethernet Activity
16. Suricata-Network Security Monitoring
Suricata is an open source, high-performance network security, intrusion detection and anti-monitoring tool that runs on Linux, FreeBSD, and Windows. OISF (Open Information Security Foundation) is a non-profit organization that develops and owns copyright.
For more information see: Suricata – A Network Intrusion Detection and Prevention System
17. VnStat PHP-network traffic monitoring
VnStat PHP is a web-based front-end rendering of the popular web tool "vnstat". VnStat PHP presents network usage in a beautiful graphical interface. He can display upload and download traffic in hours, days and months and output summary reports.
For more information see: VnStat PHP – Monitoring Network Bandwidth
18. Nagios-Network / Server Monitoring
Nagios is a leading and powerful open source monitoring system that allows network / system administrators to discover and resolve issues before they impact normal business. With Nagios, administrators can remotely detect Linux, Windows, switches, routers, and printers in a single window. It can warn of danger and indicate if there is something abnormal on the system / server, which can indirectly help you take rescue measures before the problem occurs.
For more information see: Install Nagios Monitoring System to Monitor Remote Linux / Windows Hosts
We want to know: What monitoring program are you using to monitor the performance of your Linux server? If we missed a tool you thought was important above, let us know in the comments and don't forget to share it!
18 command-line tools to monitor Linux performance