Several Linux system monitoring tools required by the administrator

Need to monitor Linux server system performance? Try these tools built in or attached to the system below. Most Linux distributions are equipped with a large number of monitoring tools. These tools provide metrics that can be used to obtain relevant information and system activities. You can use these tools to discover possible causes of performance problems. The tools discussed here are just some of the most basic tools for analyzing and debugging the server under the problem. 1. Identify bottlenecks 2. Hard disk (storage) bottleneck 3.CPU and Memory bottlenecks 4. Network bottlenecks #1: top-process activity Top provides a real-time, dynamic view of the current running system, which is the running process. By default, displays the task with the highest CPU utilization in the system and refreshes every 5 seconds. Figure 01. Linux Top Command Common hotkeys Hotkey Use T Displays the summary information switch. M Displays the memory information switch. A Classification shows the large use of different resources of the system. Helps to quickly identify tasks that are resource-intensive in your system. F Add deletes the fields you want to display. O Adjusts the order in which you want to display the fields. R Adjusts the nice value of a running process. K Ends a running process. Z Color/black and white display switch #2: Vmstat-system activity, hardware and system Information Use the Vmstat command to get information about processes, memory, memory paging, blocking IO, traps, and CPU activity. # Vmstat 3 Sample output: procs-----------memory-------------Swap-------io------System-------CPU------ R b swpd free buff cache si so bi bo in CS us sy ID WA St 0 0 0 2540988 522188 5130400 0 0 2 32 4 2 4 1 96 0 0 1 0 0 2540988 522188 5130400 0 0 0 720 1199 665 1 0 99 0 0 0 0 0 2540956 522188 5130400 0 0 0 0 1151 1569 4 1 95 0 0 0 0 0 2540956 522188 5130500 0 0 0 6 1117 439 1 0 99 0 0 0 0 0 2540940 522188 5130512 0 0 0 536 1189 932 1 0 98 0 0 0 0 0 2538444 522188 5130588 0 0 0 0 1187 1417 4 1 96 0 0 0 0 0 2490060 522188 5130640 0 0 0 18 1253 1123 5 1 94 0 0 Show memory usage Details # vmstat-m Show memory Active/Inactive information # vmstat-a #3: W-show who is logged in, what are they doing? The W command displays information about the current user of the system and its running process. # W Username # w Vivek Output Example: 17:58:47 up 5 days, 20:28, 2 users, load average:0.36, 0.26, 0.24 USER TTY from [email protected] IDLE jcpu PCPU Root pts/0 10.1.3.145 14:55 5.00s 0.04s 0.02s vim/etc/resolv.conf Root pts/1 10.1.3.145 17:43 0.00s 0.03s 0.00s W #4: Uptime-Tell the system how long it has been running? The uptime command used to show only how long the system was running. Now, you can show how long the system is running, how many users are currently logged in, and what the average load is in the last 1, 5, 15 minutes. # uptime Input sample: 18:02:41 up, 23:42, 1 user, Load average:0.00, 0.00, 0.00 1 can be considered as the optimal load value. The load will vary with the system. Single CPU system 1-3 and SMP system 6-10 are all possible to accept. #5: PS-Show process The PS command displays a snapshot of the currently running process. Displays all processes using-a or-E. # ps-a Output example: PID TTY time CMD 1? 00:00:02 Init 2? 00:00:02 migration/0 3? 00:00:01 ksoftirqd/0 6} 00:00:00 watchdog/0 5? 00:00:00 MIGRATION/1 4} 00:00:15 KSOFTIRQD/1 .... ..... 4881? 00:53:28 Java 4885 tty1 00:00:00 Mingetty 4886 Tty2 00:00:00 Mingetty 4887 Tty3 00:00:00 Mingetty 4888 Tty4 00:00:00 Mingetty 4891 tty5 00:00:00 Mingetty 4892 Tty6 00:00:00 Mingetty 4893 ttyS1 00:00:00 Agetty 12853? 00:00:00 CIFSOPLOCKD 12854? 00:00:00 cifsdnotifyd 14231? 00:10:34 lighttpd 14232? 00:00:00 php-cgi 54981 pts/0 00:00:00 Vim 55465? 00:00:00 php-cgi 55546? 00:00:00 Bind9-snmp-stat 55704 PTS/1 00:00:00 PS PS is very similar to top, but PS provides more information. Output Long Format # Ps-al Output append full format (shows parameters passed in when the process executes) # Ps-alf Show process Structure # PS-ALFH Show threads after a process # PS-ALLM Print all processes on the server # PS AX # PS Axu Print Process Tree # PS-EJH # PS AXJF # Pstree Print security information # Ps-eo Euser,ruser,suser,fuser,f,comm,label # PS AXZ # Ps-em View processes running with the Vivek user name # ps-u vivek-u Vivek U Setting Custom output formats # Ps-eo Pid,tid,class,rtprio,ni,pri,psr,pcpu,stat,wchan:14,comm # PS Axo Stat,euid,ruid,tty,tpgid,sess,pgrp,ppid,pid,pcpu,comm # Ps-eopid,tt,user,fname,tmout,f,wchan Show only the LIGHTTPD process ID # ps-c Lighttpd-o pid= Or # pgrep LIGHTTPD Or # pgrep-u Vivek PHP-CGI Show process name with PID 55977 # ps-p 55977-o comm= Identify the top 10 processes that consume the most memory # PS-AUXF | Sort-nr-k 4 | Head-10 Find the top 10 processes with the most CPU # PS-AUXF | Sort-nr-k 3 | Head-10

#6: Free-memory usage
The free command displays the idle, used physical memory and swap memory in the system, and the buffer used by the kernel.
# free
Output example: Total used free shared buffers Cached
mem:12302896 9739664 2563232 0 523124 5154740
-/+ buffers/cache:4061800 8241096
swap:1052248 0 1052248
#7: iostat-cpu average load, HDD activity
The Iostat command reports statistics on the central Processing Unit (CPU), various devices, partitions, and network file system input/output statistics.
# Iostat
Output Example: Linux 2.6.18-128.1.14.el5 (www03.nixcraft.in) 06/26/2009
AVG-CPU:%user%nice%system%iowait%steal%idle
3.50 0.09 0.51 0.03 0.00 95.86
Device:tps blk_read/s blk_wrtn/s Blk_read Blk_wrtn
SDA 22.04 31.88 512.03 16193351 260102868
SDA1 0.00 0.00 0.00 2166 180
Sda2 22.04 31.87 512.03 16189010 260102688
Sda3 0.00 0.00 0.00 1615 0
#8: Sar-collecting and reporting system activities
The SAR command is used to collect, report, and store system activity information. To view the network counters, enter:
# Sar-n DEV | More
Displays the last 24 hours of network counters
# sar-n Dev-f/var/log/sa/sa24 | More
You can also use SAR to display real-time situations
# SAR 4 5
Sample output:
Linux 2.6.18-128.1.14.el5 (www03.nixcraft.in) 06/26/2009
06:45:12 PM CPU%user%nice%system%iowait%steal%idle
06:45:16 PM All 2.00 0.00 0.22 0.00 0.00 97.78
06:45:20 PM All 2.07 0.00 0.38 0.03 0.00 97.52
06:45:24 PM All 0.94 0.00 0.28 0.00 0.00 98.78
06:45:28 PM All 1.56 0.00 0.22 0.00 0.00 98.22
06:45:32 PM All 3.53 0.00 0.25 0.03 0.00 96.19
Average:all 2.02 0.00 0.27 0.01 0.00 97.70

#9: Mpstat-Multi-processor utilization
The Mpstat command displays the usage of all available processors, starting with the processor number 0. Mpstat-p all shows the average usage per processor.
# mpstat-p All
Sample output:
Linux 2.6.18-128.1.14.el5 (www03.nixcraft.in) 06/26/2009
06:48:11 PM CPU%user%nice%sys%iowait%irq%soft%steal%idle intr/s
06:48:11 PM All 3.50 0.09 0.34 0.03 0.01 0.17 0.00 95.86 1218.04
06:48:11 PM 0 3.44 0.08 0.31 0.02 0.00 0.12 0.00 96.04 1000.31
06:48:11 PM 1 3.10 0.08 0.32 0.09 0.02 0.11 0.00 96.28 34.93
06:48:11 PM 2 4.16 0.11 0.36 0.02 0.00 0.11 0.00 95.25 0.00
06:48:11 PM 3 3.77 0.11 0.38 0.03 0.01 0.24 0.00 95.46 44.80
06:48:11 PM 4 2.96 0.07 0.29 0.04 0.02 0.10 0.00 96.52 25.91
06:48:11 PM 5 3.26 0.08 0.28 0.03 0.01 0.10 0.00 96.23 14.98
06:48:11 PM 6 4.00 0.10 0.34 0.01 0.00 0.13 0.00 95.42 3.75
06:48:11 PM 7 3.30 0.11 0.39 0.03 0.01 0.46 0.00 95.69 76.89
#10: PMAP-memory usage for processes
The PMAP command displays the memory map of the process, and uses this command to identify the cause of the memory bottleneck.
# pmap-d PID
Displays the memory information for the PID 47394 process.
# pmap-d 47394
Sample output:
47394:/usr/bin/php-cgi
Address Kbytes Mode Offset Device Mapping
0000000000400000 2584 r-x--0000000000000000 008:00002 php-cgi
0000000000886000-RW---0000000000286000 008:00002 php-cgi
00000000008a9000-RW---00000000008a9000 000:00000 [anon]
0000000000aa8000 rw---00000000002a8000 008:00002 php-cgi
000000000F678000 1980 RW---000000000f678000 000:00000 [anon]
000000314a600000 r-x--0000000000000000 008:00002 ld-2.5.so
000000314a81b000 4 R----000000000001b000 008:00002 ld-2.5.so
000000314a81c000 4 rw---000000000001c000 008:00002 ld-2.5.so
000000314aa00000 1328 r-x--0000000000000000 008:00002 libc-2.5.so
000000314ab4c000 2048-----000000000014c000 008:00002 libc-2.5.so
.....
......
..
00002af8d48fd000 4 rw---0000000000006000 008:00002 xsl.so
00002af8d490c000 r-x--0000000000000000 008:00002 libnss_files-2.5.so
00002af8d4916000 2044-----000000000000a000 008:00002 libnss_files-2.5.so
00002af8d4b15000 4 R----0000000000009000 008:00002 libnss_files-2.5.so
00002af8d4b16000 4 rw---000000000000a000 008:00002 libnss_files-2.5.so
00002af8d4b17000 768000 rw-s-0000000000000000 000:00009 Zero (deleted)
00007fffc95fe000-RW---00007ffffffea000 000:00000 [stack]
ffffffffff600000 8192-----0000000000000000 000:00000 [anon]
mapped:933712k writeable/private:4304k shared:768000k
The last line is important:
* mapped:933712k Memory Map occupies the space size
* WRITEABLE/PRIVATE:4304K Private address space size
* shared:768000k shared address space size

#11和 #12:netstat and SS-Network-related information Netstat can display network links, routing table information, interface statistics, spoofing links, and multicast members (multicast memberships), which are used to display network socket information, which allows the display of information similar to netstat. For SS and Netstat use, refer to the following resources. #13: Iptraf-Network real-time information The Iptraf is an interactive IP network monitoring tool. It can generate a variety of network statistics including: TCP information, UDP number, ICMP and OSPF information, Ethernet load information, node status, IP checksum error, and so on. There are several information formats: TCP link traffic on different networks IP traffic for different network interfaces Network throughput of different protocols Different TCP/UDP ports and different packet sizes network throughput Different second-tier address network traffic Figure 02: General interface Information: IP traffic for different network interfaces Figure 03: TCP link Transfer over different networks #14: tcpdump: Detailed network traffic analysis Tcpdump is a simple network traffic dump tool, but it is very familiar to the TCP/IP protocol to use well. For example, to display network traffic about DNS, enter: # tcpdump-i eth1 ' UDP port 53 ' Displays all incoming and outgoing 80-port IPv4 HTTP packets, that is, only packages that contain data are printed. For example: SYN, FIN, and ack-only package inputs: # tcpdump ' TCP port and (((Ip[2:2)-((IP[0]&AMP;0XF) <<2)-((tcp[12]&0xf0) >>2))! = 0) ' To display all the FTP sessions to, enter: # tcpdump-i eth1 ' DST 202.54.1.5 and (port or 20 ') Show all HTTP sessions to 192.168.1.5 # tcpdump-ni eth0 ' DST 192.168.1.5 and TCP and port HTTP ' Using Wireshark to browse the details in the dump file, enter: # tcpdump-n-i eth1-s 0-w output.txt src or DST Port 80 #15: Strace-System call Track system calls and models, which is useful for debugging Web servers and other servers. Learn how to track processes and features. #16:/proc file System-Various kernel information The files in the/proc directory provide detailed information on many different hardware devices and cores. See Linux Kernel/proc for more details. General/proc For example: # Cat/proc/cpuinfo # Cat/proc/meminfo # Cat/proc/zoneinfo # cat/proc/mounts #17: Nagios-Server and network monitoring Nagios is a very popular system and network monitoring software. You can easily monitor all of your hosts, network devices and services. It can send alerts after a failure and recovery. Fan is the abbreviation for "Fully automated Nagios". Fan's goal is to provide Nagios's installation by the Nagios community. To make it easier to install the Nagios server, fan provides a compact disc image in the standard ISO format. This release also includes a set of tools to enhance the user experience. #18: Cacti-web-based monitoring tools Cacti is a complete network graphics solution based on RRDtool data storage and graphical capabilities. Cacti provides a fast polling, advanced graphical templates, a variety of data acquisition methods and user management functions. These features have a very user-friendly interface that ensures they can be deployed in a complex network of hundreds of devices. It provides information about networks, CPUs, memory, logged-in users, Apache, DNS, and more. #19: KDE System Guard Ksysguard is the next networked system monitoring tool on the KDE desktop. This tool can be run through an SSH session. It offers many features, such as a client/server architecture that monitors both native and remote hosts, and the front-end graphical interface uses so-called sensors to get information and display it. The sensor can return a simple numeric value or a set of tabular information. Provides one or more displays for different types of information. These displays are organized in multiple worksheets, and worksheets can be monolithic stored and loaded. So, Ksysguard is not just a simple task manager, but also a powerful tool to control multiple servers. Figure 05:kde System Guard #20: Gnome System Monitor System Monitor can display the basic information, monitor system processes, system resources, and file system usage. You can also use System Monitor to monitor and modify the behavior of your systems. Although not as powerful as the KDE System Guard, the basic information it provides is very useful for getting started users. * Displays a variety of basic information about computer hardware and software. * Linux kernel version * Gnome Version * Hardware * Installed Memory * Processor and its speed * System Status * The currently available hard disk space * Process * Memory and swap space * Network Utilization * File System * All mounted file systems and their basic information Figure 06:the Gnome System Monitor Application