One, W command
The most commonly used command for Linux administrators is this w, which shows a pretty rich message. The first line starts from the left to show the following information: time, System uptime, number of logged on users, average load .
The second line starts with all of the following lines, telling us what users are currently logged on to, and where they are logged in, and so on. In fact, what we should be most concerned about in this information is the three values behind the ' Load average: ' In the first line.
The first value represents the average load value of the system within 1 minutes;
The second value represents the average load value of the system within 5 minutes;
The third value represents the average load value for a 15-minute system.
The meaning of these values is the number of CPU active processes per unit time period. Of course, the larger the value, the greater the pressure on your server. In general, this value as long as the number of servers does not have a relationship, if the number of servers CPU is 8, then this value if less than 8, the current server is no pressure, otherwise it will pay attention to.
So how do we look at the number of CPU cores ?
# cat /proc/cpuinfo
The processor count here starts at 0, which means that a display is 0 and two shows 1.
To see how many CPUs the current system has, we can use this command:
grep -c ‘processor‘ /proc/cpuinfo
Second, Vmstat command: Monitor the status of the system
The meaning of the Vmstat command is to display the virtual memory status ("Viryual memor Statics"), but it can report on the overall operational state of the system, such as process, memory, I/O, etc.
Command options:
-A: Displays the active inside page;
-F: Shows the total number of processes created after startup;
-M: Display slab information;
-N: Header information is displayed only once;
-S: Displays event counters and memory status in tabular format;
-D: report disk status;
-P: Displays the specified hard disk partition status;
-S: The unit of output information.
Specific usage:
# vmstat //显示当前系统状态# vmstat 2 //每隔2秒输出一次运行状态,可以是其他任意数值,ctrl+c终止# vmstat 2 5 //每隔2秒输出一次运行状态,输出5次后终止
The results of the Vmstat command print are divided into 6 parts: procs, memory, swap, IO, system, CPU. Please focus on the columns R, B, Si, so, bi, Bo, WA.
Procs displays information about the process:
R (Run): Indicates the number of processes running or waiting for CPU time slices. Description: Do not mistakenly think that waiting for the CPU time slice means that the process is not going, in fact, a CPU can only have one process at a time, the other processes can only queue waiting, at this time, these waiting for CPU resources of the process is still running state. If the value is longer than the number of server CPUs, the CPU resources are insufficient.
B (Block): Represents the number of processes waiting for a resource, which refers to I/O, memory, and so on. For example: when the disk reads and writes very frequently, writes the data to be very slow, at this time the CPU computation very quickly completes, but the process needs to write the result of the computation to the disk, so the process task is completed, then this process only then slowly waits, so this process is this B state. If the value is greater than 1 for a long time, you need to look at it.
Memory displays information about the RAM:
SWPD: Represents the amount of memory that is switched to the swap partition, in kilobytes.
Free: Indicates the amount of memory currently idle in kilobytes.
Buff: Represents the buffer size (to be written to disk) in kilobytes.
Cache: Represents the buffer size (read from disk) in kilobytes.
Swap shows the swap of memory:
Si: Represents the amount of data written to memory by the swap, in kilobytes.
So: Represents the amount of data written to the swap area by memory, in kilobytes.
IO Displays the usage of the disk:
BI: Represents the amount of data read from a block device (read disk) in kilobytes.
Bo: Represents the amount of data written from a block device (write disk), in kilobytes.
The system displays the number of interrupts that occurred during the acquisition interval:
In: Indicates the number of interrupts per second that were observed at a certain time interval.
CS: Indicates the number of context switches produced per second.
CPU Displays CPU usage status:
US: Displays the percentage of time that the user spends on the CPU.
Sy: Displays the percentage of time the system spends on the CPU.
ID: Indicates the percentage of time that the CPU is idle.
WA: Represents the percentage of time that I/O waits for the CPU consumed.
ST: Represents the percentage of stolen CPUs (typically 0, no concern)
Each of the parameters described above often focuses on the R column, column B, and WA columns, and the meaning of the three columns represented above is clearly stated above. The IO part of BI and Bo is also an object to refer to frequently. If the disk IO pressure is large, the values of these two columns will be higher. In addition, when the values of the SI, so two columns are high and changing, the memory is not enough and the data in memory is exchanged frequently to the swap partition, which often has a great impact on the system performance.
Top command: Displays the system resources that the process occupies
This command is used to dynamically monitor the system resources that the process takes, changing every 3 seconds. This command is characterized by putting the highest processes that occupy system resources (CPU, memory, disk IO, and so on) to the front. The top command prints a lot of information, including system load (Loadaverage), Number of processes (Tasks), CPU usage, memory usage, and swap partition usage. Specific each field meaning reference: http://man.linuxde.net/top
In these state messages, the value that needs attention is the load Average,tasks,%cpu,%mem,command.
Res represents the amount of memory that the process consumes.
The shift+m represents the sort by memory usage.
The shift+p represents the sort by CPU usage.
By the number 1, you can list the consumption per CPU.
The TOP-C displays detailed process information.
TOP-BN1 displays all processes statically.
Q Exit.
Kill+pid Kill the process.
Iv. SAR command: Monitor system Status
The SAR command is powerful and can monitor all of the system's resource states, such as the average load, network card traffic, disk status, memory usage, and so on. It differs from other system status monitoring tools in that it can print historical information that can display the system status information from 0 o'clock to the current time of the day. If your system does not have this command installed, please use the yum install-y sysstat command. The initial use of the SAR command will be an error, because the SAR tool has not generated the corresponding database files (monitoring will not be at all, because not to query the library file). Its database file is stored in the "/var/log/sa/" directory and is saved for one months by default. SAR commands are complex, here are two simple aspects, the use of SAR commands can sar-h get help, or refer to: Http://man.linuxde.net/sar
1) View network card traffic
# sar -n DEV
IFACE: Indicates the device name.
RXPCK/S: Indicates the number of packets per second entered into the collection.
TXPCK/S: Indicates the number of packets per second that are sent to Izumo.
RXKB/S: Represents the amount of data collected per second in kilobytes (KB).
TXKB/S: Indicates the amount of data sent per second.
The rest of the columns do not need to be followed. If one day you manage the server drops is very serious, then you should look at this network card traffic is abnormal, if rxpck/s that column value is greater than 4000, or rxbyt/s that column greater than 5,000,000 is likely to be attacked, The normal server NIC traffic will not be higher than this, unless you are copying the data yourself.
2) Real-time view of network card traffic
# sar -n DEV 2 5 //每隔2秒输出一次网卡流量状态,5次后终止
3) Use the-F option to view the network card traffic history for a given day, followed by the file name. (in Red Hat or CentOS release, the SAR library file must be in the/var/log/sa/directory of the Saxx directory, XX represents the date )
4) View historical load
V. nload command: View network card traffic
Although the SAR can see the network card traffic, but not intuitive, there is a better tool, that is nload.
Install Nload:
#yum install -y epel-release //先安装扩展源#yum install -y nload //因为nload依赖于epel-release。
Input nload:
The incoming is the traffic that enters the NIC.
Outgoing the traffic that goes out for the NIC.
The main concern of Curr that row of data, its units can also be dynamically adjusted automatically.
Press Q to exit the interface.
Linux daily management Tips (1): W,top,vmstat,sar command