Linux host network traffic monitoring ifstat

Linux host network traffic monitoring ifstat
Ifstat is used in this monitoring program. Installation Method reference:
Http://man.linuxde.net/ifstat
1. Download
Http://gael.roualland.free.fr/ifstat/ (Official Website) wget http://gael.roualland.free.fr/ifstat/ifstat-1.1.tar.gz
From: http://man.linuxde.net/ifstat
You can also download the file in a browser and use secureCRT to upload the file;
2. Installation
Tar -xzv1_stat-1.1.tar.gz, configure, make, and make install
3. write scripts

1. [Root @ localhost tools] # cat nic. sh
   
2. #! /Bin/bash
   
3. Start (){
   
4. /Opt/tools/ifstat_install/bin/ifstat-I eth1-t>/opt/tools/nic. log &
   
5. While [1-eq 1]
   
6. Do
   
7. Date + % F \ % T>/opt/tools/nic. log
   
8. Sleep 86400
   
9. Done
   
10. }
    
11. 
    
12. Stop (){
    
13. # If stay here, kill ifstat, sleep not execute.
    
14. # Echo 'Kill nic. sh :'
    
15. # Ps-ef | grep nic | grep-v grep | awk '{print $2}' | while read pid1
    
16. # Do
    
17. # Kill-9 $ pid1
    
18. # Echo $ pid1
    
19. # Done
    
20. 
    
21. Echo 'Kill ifstat :'
    
22. Ps-ef | grep ifstat | grep-v grep | awk '{print $2}' | while read pid2
    
23. Do
    
24. Kill-9 $ pid2
    
25. Echo $ pid2
    
26. Done
    
27. 
    
28. Echo 'Kill sleep :'
    
29. Ps-ef | grep sleep | grep-v grep | awk '{print $2}' | while read pid3
    
30. Do
    
31. Kill-9 $ pid3
    
32. Echo $ pid3
    
33. Done
    
34. 
    
35. 
    
36. Echo 'Kill nic. sh :'
    
37. Ps-ef | grep nic | grep-v grep | awk '{print $2}' | while read pid1
    
38. Do
    
39. Kill-9 $ pid1
    
40. Echo $ pid1
    
41. Done
    
42. }
    
43. Case $1 in
    
44. Start)
    
45. Start
    
46. ;;
    
47. Stop)
    
48. Stop
    
49. ;;
    
50. *)
    
51. Printf 'Please input start | stop! \ N'
    
52. Exit 1
    
53. ;;
    
54. Esac
    
55. 
    
56. # Select process:
    
57. # Ps-ef | awk '/nic/|/ifstat/|/sleep/{print }'
    
58. [Root @ localhost tools] #./nic. sh start &

Run the following three times to view the process:

1. [Mcbadm @ loophole-scan ~] $ Ps-ef | awk '/nic/|/ifstat/|/sleep/{print }'
   
2. Mcbadm 13472 12803 0 00:00:00 pts/1/bin/bash./nic. sh start
   
3. Mcbadm 13473 13472 0 00:00:00 pts/1/opt/proxy_security/ifstat_install/bin/ifstat-I eth0-t
   
4. Mcbadm 13475 13472 0 00:00:00 pts/1 sleep 8640
   
5. Mcbadm 13476 12803 0 00:00:00 pts/1/bin/bash./nic. sh start
   
6. Mcbadm 13477 13476 0 00:00:00 pts/1/opt/proxy_security/ifstat_install/bin/ifstat-I eth0-t
   
7. Mcbadm 13479 13476 0 00:00:00 pts/1 sleep 8640
   
8. Mcbadm 13480 12803 0 00:00:00 pts/1/bin/bash./nic. sh start
   
9. Mcbadm 13481 13480 0 00:00:00 pts/1/opt/proxy_security/ifstat_install/bin/ifstat-I eth0-t
   
10. Mcbadm 13483 13480 0 00:00:00 pts/1 sleep 8640
    
11. Mcbadm 13485 12803 0 00:00:00 pts/1 awk/nic/|/ifstat/|/sleep/{print}
    
12. [Mcbadm @ loophole-scan ~] $

I don't know why. I need to execute two stop operations to shut down all processes. Otherwise, there will be several sleep processes. The parent process IDs of these sleep processes are the same as those of ifstat.

# One day is 86400 seconds, because the default ifstat-t can only display the hour, minute, and second, but cannot display the date, because I want to see the specific time, so that's the case.
Then, you can regularly analyze the nic. log File to view the traffic of the nic.
You can also write while for kill: # ps-ef | grep nic | grep-v grep | awk '{print $2}' | xargs-I kill-9 {}
There is a strange phenomenon: When I write the kill nic statement in front, the stop statement can only execute the kill nic statement block, and the next two kill ifstat and kill sleep cannot be executed, if the kill nic is deleted, the last two can be normally executed. After the pid is printed, it is found that if the kill nic is put in front, two invalid PIDs are output, finally, you can put the kill nic behind kill ifstat and kill sleep.