Linux Transport Koriyuki Analysis system load and operation status

1. Delete a 0-byte file

0 -exec rm-rf {} \;

2. View the process

#按内存从大到小排列-E   "%c   :%p:%z:%a"|sort-k5-nr

3. By CPU utilization from large to small arrangement

Ps-e   "%c   :%p:%z:%a"|sort   -nr

4. Print out the URL in the cache

Grep-r-a   jpg/data/cache/*  | strings | grep "http:" | Awk-f ' http: ' {print ' http: ' $ ';} '

5. View the number of concurrent requests for HTTP and their TCP connection status:

' /^tcp/{++s[$NF]} END {for (a in S) print A, S[a]} '

6. Disable Root Login

' /root/s/no/yes/ ' /etc/ssh/sshd_config   #sed在这个文里Root的一行, match the root line and replace no with Yes.

7. Kill the MySQL process

PS aux |grep mysql |grep-v grep  '{print $}' |xargs Kill-9-- 9 ' cat/usr/local/apache2/logs/httpd.pid '   #查杀进程PID  Note: kill-9 big trick, use with caution, Will cause MySQL to fail to boot and other conditions

8. Display services that run level 3 open

-

9. Write the shell to enter multiple messages, using EOF

Cat <<  ############################## #EOF

10. Size of memory

" Mem " ' {print $} '

11. View the number of connections according to the port

" : " ' {printf "%s%s\n", $5,$6} ' | Sort

12. View the number of concurrent requests for Apache and its TCP connection status

' /^tcp/{++s[$NF]} END {for (a in S) print A, S[a]} '

13. Count the size of all JPG files under the server

' {print $} ' ' {A+=$1}end{print A} '

14, the number of CPUs

Cat/proc/cpuinfo |grep-c Processor

15, System log, hardware and Network Load view

 #cpu负载cat/proc/loadavg #检查前三个输出值是否超过了系统逻辑CPU的4倍. Mpstat1 1              #检查%idle is too low (for example, less than 5% )#内存空间 (free)cat/proc/meminfo #检查free值是否过低 #swap空间vmstat1 5 #检查swap If the used value is too high, if the swap used value is too high, further check if the swap action is frequent, and see if the SI and so values are large #磁盘空间DF-H#检查是否有分区使用率 (use%) is too high (for example, more than 90% ); #如发现某个分区空间接近用尽, you can go to the mount point of the partition and use the following command to find the file or directory that occupies the most space:du-cks * | Sort-rn | Head-nTen#磁盘I/ o load iostat-X1 2    #检查I/O Utilization (%util) is more than 100% #网络负载SAR-N DEV#检查网络流量 (rxbyt/s, txbyt/ s) is too high #网络错误netstat-I.#检查是否有网络错误 (drop FIFO colls carrier), or you can use the command: cat/proc/net/ Dev#网络连接数目netstat-an | Grep-e "^ (TCP)" | Cut-c the- | Sort | uniq-c | Sort-n#进程总数PS aux| WC-l #检查进程个数是否正常 #可运行进程数目vmwtat1 5 #列给出的是可运行进程的数目, check whether it exceeds the system logical CPU by 4 times times #进程Top-id1 #观察是否有异常进程出现 #系统日志cat/var/log/rflogview/*Errors  Check if there is an exception error record can also search for some exception keywords, for example:grep-i error/var/log/messagesgrep-i fail/var/log/messages# Core log dmesg #检查是否有异常错误记录 #打开文件数目lsof | Wc-l #检查打开文件总数是否过多 #日志报告logwatch–print #配置/etc/log.d/logwatch.conf, set the Mailto to their E Mail address, start the mail service (sendmail or postfix) so that you can receive log reports every day. The default Logwatch only reports yesterday's log, and you can use # Logwatch–print–range all to get all the log analysis results. You can use # Logwatch–print–detail high to get more specific log analysis results (not just error logs). 

16. Kill 80 Port related processes

Lsof-i: 80|grep-v "PID" |awk ' {print ' kill-9 ', $ $} ' |sh

17. Clear Zombie Process
Ps-eal | awk ' {if ($ = = "Z") {print $4}} ' | Kill-9

18, Tcpdump grab packet, used to prevent the 80 port can be analyzed when the data is attacked.

Tcpdump-c 10000-i eth0-n DST port >/root/pkts

19. Then check the number of repetitions of IP and from small to large note that the middle of "-t\ +0" is two spaces

Less Pkts | awk {' printf $ ' \ n '} | Cut-d.-F 1-4 | Sort | uniq-c | awk {' printf $ ' "" $ "\ n"} | Sort-n-t\ +0

20. See how many php-cgi processes are active

NETSTAT-ANP | grep php-cgi | grep ^tcp | Wc-l
Chkconfig--list | awk ' {if ($5== "3:on") print '} '

21. Kudzu View NIC Model

Kudzu--probe--class=network

Note: On-line regular expressions

Http://tool.oschina.net/regex

Http://tools.jb51.net/regex/create_reg

Linux Transport Koriyuki Analysis system load and operation status