Useful Commands for Basic Linux Monitoring
I've covered more advanced Linux network and disk monitoring in the past. But here are some basic, pre-installed tools that every beginner Linux admin should be using frequently.
netstat -plntu
Show all the network ports the system has open and is listening to.
netstat -plntu Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 2265/nginx: master tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 2325/mysqld tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 2265/nginx: master
Have you recently audited your open connections to the outside world? This simple command will show you what software devices are listening to network ports.
You see very clearly what port each program has open, and which network it is listening on. The above example shows three ports open to external interfaces denoted by the asterisk * under Foreign Address.
df -h
"disk free human"Show the local filesystem mounts and their available space in a human readable format.
df -h Filesystem Size Used Avail Use% Mounted on /dev/xvda1 20G 6.6G 13G 36% / devtmpfs 236M 0 236M 0% /dev tmpfs 243M 0 243M 0% /dev/shm tmpfs 243M 21M 223M 9% /run tmpfs 243M 0 243M 0% /sys/fs/cgroup
Running out of system disk space is a beginner's error. While the example above is from a small cloud server, typical rackmounted servers are installed with different filesystems for essential directories. For instance, a file server for employees of a company will generally have a separate filesystem mount for /home, a database server will have a separate mount for /var/lib, and web server will have one for /var/www. Regardless, consider using a separate filesystem mount for /var/log.
top
Display an updated list of the system's processes, sorted by CPU utilization.
top
top - 08:46:56 up 10 days, 11:13, 1 user, load average: 0.00, 0.01, 0.05
Tasks: 122 total, 5 running, 117 sleeping, 0 stopped, 0 zombie
%Cpu(s): 0.7 us, 0.3 sy, 0.0 ni, 99.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem: 496536 total, 439620 used, 56916 free, 22988 buffers
KiB Swap: 0 total, 0 used, 0 free. 123216 cached Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
2290 apache 20 0 399664 20780 4280 S 0.3 4.2 2:21.97 php-fpm
1 root 20 0 52920 6996 2052 S 0.0 1.4 0:44.46 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.02 kthreadd
3 root 20 0 0 0 0 S 0.0 0.0 0:00.78 ksoftirqd/0
5 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H
6 root 20 0 0 0 0 S 0.0 0.0 0:06.28 kworker/u30:0
7 root rt 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcu_bh
9 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcuob/0
10 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcuob/1
11 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcuob/2
12 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcuob/3
13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcuob/4
System performance is a tedious task for servers that are over-utilized. Generally, one hopes for the fastest CPU specs, and the most amount of disk space and system volatile memory as possible.
If your server has to resort to utilizing Swap memory space you may find yourself in need for some optimization.
- Tune less important applications to be less resource intensive.
- Look at ways to eliminate unnecessary services from loading at startup.
chkconfig --list | grep $(runlevel | awk '{ print $2}'):on - Optimize your web server (Apache, Nginx, etc.) to extend the correct number of child processes/threads based off of your actual needs.
- Consider compiling your middleware applications from source to trim off unnecessary bloated features (such as those found in packaged PHP/PHP-FPM installs)
- Remove buggy software and patch middleware frameworks that cause memory leaks.
ps aux
Show a snapshot of the current system processes.
ps aux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 1.4 52920 6996 ? Ss Mar03 0:44 /usr/lib/systemd/systemd --switched-root --sys root 2 0.0 0.0 0 0 ? S Mar03 0:00 [kthreadd] root 3 0.0 0.0 0 0 ? S Mar03 0:00 [ksoftirqd/0] root 5 0.0 0.0 0 0 ? S< Mar03 0:00 [kworker/0:0H] root 6 0.0 0.0 0 0 ? S Mar03 0:06 [kworker/u30:0] [...] root 1370 0.0 2.1 387784 10804 ? Ss Mar03 0:53 php-fpm: master process (/etc/php-fpm.conf) mysql 1541 0.0 0.2 115344 1228 ? Ss Mar03 0:00 /bin/sh /usr/bin/mysqld_safe --basedir=/usr root 2265 0.0 1.5 113136 7668 ? Ss Mar03 0:00 nginx: master process /usr/sbin/nginx apache 2289 0.0 3.9 398460 19752 ? S Mar03 2:08 php-fpm: pool www apache 2290 0.0 4.1 399664 20780 ? S Mar03 2:21 php-fpm: pool www mysql 2325 0.0 9.7 617228 48516 ? Sl Mar03 0:01 /usr/libexec/mysqld --basedir=/usr --datadir=/ root 20059 0.0 0.0 4312 360 ? S 08:49 0:00 sleep 60 root 20065 0.0 0.2 123356 1312 pts/0 R+ 08:50 0:00 ps aux nginx 28589 0.0 1.6 115400 8072 ? S Mar12 0:07 nginx: worker process nginx 28590 0.0 1.5 115400 7692 ? S Mar12 0:07 nginx: worker process nginx 28591 0.0 1.5 115400 7804 ? S Mar12 0:07 nginx: worker process nginx 28592 0.0 1.6 115400 8048 ? S Mar12 0:07 nginx: worker process
To check memory stats for a specific processes try ps aux | grep -E 'nginx|apache|php|www'
ps aux | grep -E 'nginx|apache|php|www' root 1370 0.0 2.1 387784 10804 ? Ss Mar03 0:53 php-fpm: master process (/etc/php-fpm.conf) root 2265 0.0 1.5 113136 7668 ? Ss Mar03 0:00 nginx: master process /usr/sbin/nginx apache 2289 0.0 3.9 398460 19752 ? S Mar03 2:08 php-fpm: pool www apache 2290 0.0 4.1 399664 20780 ? S Mar03 2:21 php-fpm: pool www root 20511 0.0 0.1 112640 932 pts/0 R+ 09:05 0:00 grep --color=auto -E nginx|apache|php|www nginx 28589 0.0 1.6 115400 8072 ? S Mar12 0:07 nginx: worker process nginx 28590 0.0 1.5 115400 7692 ? S Mar12 0:07 nginx: worker process nginx 28591 0.0 1.5 115400 7804 ? S Mar12 0:07 nginx: worker process nginx 28592 0.0 1.6 115400 8048 ? S Mar12 0:07 nginx: worker process