30 Linux System Monitoring Tools Every SysAdmin Should Know

Posted on in Categories CentOS, Debian Linux, Howto, Linux, Monitoring, Networking, RedHat/Fedora Linux, Security, Sys admin last updated January 8, 2018

Need to monitor Linux server performance? Try these built-in commands and a few add-on tools. Most distributions come with tons of Linux monitoring tools. These tools provide metrics which can be used to get information about system activities. You can use these tools to find the possible causes of a performance problem. The commands discussed below are some of the most fundamental commands when it comes to system analysis and debugging Linux server issues such as:

  1. Finding out system bottlenecks
  2. Disk (storage) bottlenecks
  3. CPU and memory bottlenecks
  4. Network bottleneck.

1. top – Process activity monitoring command

top command display Linux processes. It provides a dynamic real-time view of a running system i.e. actual process activity. By default, it displays the most CPU-intensive tasks running on the server and updates the list every five seconds.

top - Linux monitoring command
Fig.01: Linux top command

Commonly Used Hot Keys With top Linux monitoring tools

Here is a list of useful hot keys:

Hot KeyUsage
tDisplays summary information off and on.
mDisplays memory information off and on.
ASorts the display by top consumers of various system resources. Useful for quick identification of performance-hungry tasks on a system.
fEnters an interactive configuration screen for top. Helpful for setting up top for a specific task.
oEnables you to interactively select the ordering within top.
rIssues renice command.
kIssues kill command.
zTurn on or off color/mono

How do I Find Out Linux CPU Utilization?

2. vmstat – Virtual memory statistics

The vmstat command reports information about processes, memory, paging, block IO, traps, and cpu activity.
# vmstat 3
Sample Outputs:

procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu------
 r  b   swpd   free   buff  cache   si   so    bi    bo   in   cs us sy id wa st
 0  0      0 2540988 522188 5130400    0    0     2    32    4    2  4  1 96  0  0
 1  0      0 2540988 522188 5130400    0    0     0   720 1199  665  1  0 99  0  0
 0  0      0 2540956 522188 5130400    0    0     0     0 1151 1569  4  1 95  0  0
 0  0      0 2540956 522188 5130500    0    0     0     6 1117  439  1  0 99  0  0
 0  0      0 2540940 522188 5130512    0    0     0   536 1189  932  1  0 98  0  0
 0  0      0 2538444 522188 5130588    0    0     0     0 1187 1417  4  1 96  0  0
 0  0      0 2490060 522188 5130640    0    0     0    18 1253 1123  5  1 94  0  0

Display Memory Utilization Slabinfo

# vmstat -m

Get Information About Active / Inactive Memory Pages

# vmstat -a
How do I find out Linux Resource utilization to detect system bottlenecks?

3. w – Find out who is logged on and what they are doing

w command displays information about the users currently on the machine, and their processes.
# w username
# w vivek
Sample Outputs:

 17:58:47 up 5 days, 20:28,  2 users,  load average: 0.36, 0.26, 0.24
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
root     pts/0    10.1.3.145       14:55    5.00s  0.04s  0.02s vim /etc/resolv.conf
root     pts/1    10.1.3.145       17:43    0.00s  0.03s  0.00s w

4. uptime – Tell how long the Linux system has been running

uptime command can be used to see how long the server has been running. The current time, how long the system has been running, how many users are currently logged on, and the system load averages for the past 1, 5, and 15 minutes.
# uptime
Output:

 18:02:41 up 41 days, 23:42,  1 user,  load average: 0.00, 0.00, 0.00

1 can be considered as optimal load value. The load can change from system to system. For a single CPU system 1 – 3 and SMP systems 6-10 load value might be acceptable.

5. ps – Displays the Linux processes

ps command will report a snapshot of the current processes. To select all processes use the -A or -e option:
# ps -A
Sample Outputs:

  PID TTY          TIME CMD
    1 ?        00:00:02 init
    2 ?        00:00:02 migration/0
    3 ?        00:00:01 ksoftirqd/0
    4 ?        00:00:00 watchdog/0
    5 ?        00:00:00 migration/1
    6 ?        00:00:15 ksoftirqd/1
....
.....
 4881 ?        00:53:28 java
 4885 tty1     00:00:00 mingetty
 4886 tty2     00:00:00 mingetty
 4887 tty3     00:00:00 mingetty
 4888 tty4     00:00:00 mingetty
 4891 tty5     00:00:00 mingetty
 4892 tty6     00:00:00 mingetty
 4893 ttyS1    00:00:00 agetty
12853 ?        00:00:00 cifsoplockd
12854 ?        00:00:00 cifsdnotifyd
14231 ?        00:10:34 lighttpd
14232 ?        00:00:00 php-cgi
54981 pts/0    00:00:00 vim
55465 ?        00:00:00 php-cgi
55546 ?        00:00:00 bind9-snmp-stat
55704 pts/1    00:00:00 ps

ps is just like top but provides more information.

Show Long Format Output

# ps -Al
To turn on extra full mode (it will show command line arguments passed to process):
# ps -AlF

Display Threads ( LWP and NLWP)

# ps -AlFH

Watch Threads After Processes

# ps -AlLm

Print All Process On The Server

# ps ax
# ps axu

Want To Print A Process Tree?

# ps -ejH
# ps axjf
# pstree

Get Security Information of Linux Process

# ps -eo euser,ruser,suser,fuser,f,comm,label
# ps axZ
# ps -eM

Let Us Print Every Process Running As User Vivek

# ps -U vivek -u vivek u

Configure ps Command Output In a User-Defined Format

# ps -eo pid,tid,class,rtprio,ni,pri,psr,pcpu,stat,wchan:14,comm
# ps axo stat,euid,ruid,tty,tpgid,sess,pgrp,ppid,pid,pcpu,comm
# ps -eopid,tt,user,fname,tmout,f,wchan

Try To Display Only The Process IDs of Lighttpd

# ps -C lighttpd -o pid=
OR
# pgrep lighttpd
OR
# pgrep -u vivek php-cgi

Print The Name of PID 55977

# ps -p 55977 -o comm=

Top 10 Memory Consuming Process

# ps -auxf | sort -nr -k 4 | head -10

Show Us Top 10 CPU Consuming Process

# ps -auxf | sort -nr -k 3 | head -10
Show All Running Processes in Linux

6. free – Show Linux server memory usage

free command shows the total amount of free and used physical and swap memory in the system, as well as the buffers used by the kernel.
# free
Sample Output:

            total       used       free     shared    buffers     cached
Mem:      12302896    9739664    2563232          0     523124    5154740
-/+ buffers/cache:    4061800    8241096
Swap:      1052248          0    1052248
  1. Linux Find Out Virtual Memory PAGESIZE
  2. Linux Limit CPU Usage Per Process
  3. How much RAM does my Ubuntu / Fedora Linux desktop PC have?

7. iostat – Montor Linux average CPU load and disk activity

iostat command report Central Processing Unit (CPU) statistics and input/output statistics for devices, partitions and network filesystems (NFS).
# iostat
Sample Outputs:

Linux 2.6.18-128.1.14.el5 (www03.nixcraft.in) 	06/26/2009

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           3.50    0.09    0.51    0.03    0.00   95.86

Device:            tps   Blk_read/s   Blk_wrtn/s   Blk_read   Blk_wrtn
sda              22.04        31.88       512.03   16193351  260102868
sda1              0.00         0.00         0.00       2166        180
sda2             22.04        31.87       512.03   16189010  260102688
sda3              0.00         0.00         0.00       1615          0

Linux Track NFS Directory / Disk I/O Stats

8. sar – Monitor, collect and report Linux system activity

sar command used to collect, report, and save system activity information. To see network counter, enter:
# sar -n DEV | more
The network counters from the 24th:
# sar -n DEV -f /var/log/sa/sa24 | more
You can also display real time usage using sar:
# sar 4 5
Sample Outputs:

Linux 2.6.18-128.1.14.el5 (www03.nixcraft.in) 		06/26/2009

06:45:12 PM       CPU     %user     %nice   %system   %iowait    %steal     %idle
06:45:16 PM       all      2.00      0.00      0.22      0.00      0.00     97.78
06:45:20 PM       all      2.07      0.00      0.38      0.03      0.00     97.52
06:45:24 PM       all      0.94      0.00      0.28      0.00      0.00     98.78
06:45:28 PM       all      1.56      0.00      0.22      0.00      0.00     98.22
06:45:32 PM       all      3.53      0.00      0.25      0.03      0.00     96.19
Average:          all      2.02      0.00      0.27      0.01      0.00     97.70

9. mpstat – Monitor multiprocessor usage on Linux

mpstat command displays activities for each available processor, processor 0 being the first one. mpstat -P ALL to display average CPU utilization per processor:
# mpstat -P ALL
Sample Output:

Linux 2.6.18-128.1.14.el5 (www03.nixcraft.in)	 	06/26/2009

06:48:11 PM  CPU   %user   %nice    %sys %iowait    %irq   %soft  %steal   %idle    intr/s
06:48:11 PM  all    3.50    0.09    0.34    0.03    0.01    0.17    0.00   95.86   1218.04
06:48:11 PM    0    3.44    0.08    0.31    0.02    0.00    0.12    0.00   96.04   1000.31
06:48:11 PM    1    3.10    0.08    0.32    0.09    0.02    0.11    0.00   96.28     34.93
06:48:11 PM    2    4.16    0.11    0.36    0.02    0.00    0.11    0.00   95.25      0.00
06:48:11 PM    3    3.77    0.11    0.38    0.03    0.01    0.24    0.00   95.46     44.80
06:48:11 PM    4    2.96    0.07    0.29    0.04    0.02    0.10    0.00   96.52     25.91
06:48:11 PM    5    3.26    0.08    0.28    0.03    0.01    0.10    0.00   96.23     14.98
06:48:11 PM    6    4.00    0.10    0.34    0.01    0.00    0.13    0.00   95.42      3.75
06:48:11 PM    7    3.30    0.11    0.39    0.03    0.01    0.46    0.00   95.69     76.89

Linux display each multiple SMP CPU processors utilization individually.

10. pmap – Montor process memory usage on Linux

pmap command report memory map of a process. Use this command to find out causes of memory bottlenecks.
# pmap -d PID
To display process memory information for pid # 47394, enter:
# pmap -d 47394
Sample Outputs:

47394:   /usr/bin/php-cgi
Address           Kbytes Mode  Offset           Device    Mapping
0000000000400000    2584 r-x-- 0000000000000000 008:00002 php-cgi
0000000000886000     140 rw--- 0000000000286000 008:00002 php-cgi
00000000008a9000      52 rw--- 00000000008a9000 000:00000   [ anon ]
0000000000aa8000      76 rw--- 00000000002a8000 008:00002 php-cgi
000000000f678000    1980 rw--- 000000000f678000 000:00000   [ anon ]
000000314a600000     112 r-x-- 0000000000000000 008:00002 ld-2.5.so
000000314a81b000       4 r---- 000000000001b000 008:00002 ld-2.5.so
000000314a81c000       4 rw--- 000000000001c000 008:00002 ld-2.5.so
000000314aa00000    1328 r-x-- 0000000000000000 008:00002 libc-2.5.so
000000314ab4c000    2048 ----- 000000000014c000 008:00002 libc-2.5.so
.....
......
..
00002af8d48fd000       4 rw--- 0000000000006000 008:00002 xsl.so
00002af8d490c000      40 r-x-- 0000000000000000 008:00002 libnss_files-2.5.so
00002af8d4916000    2044 ----- 000000000000a000 008:00002 libnss_files-2.5.so
00002af8d4b15000       4 r---- 0000000000009000 008:00002 libnss_files-2.5.so
00002af8d4b16000       4 rw--- 000000000000a000 008:00002 libnss_files-2.5.so
00002af8d4b17000  768000 rw-s- 0000000000000000 000:00009 zero (deleted)
00007fffc95fe000      84 rw--- 00007ffffffea000 000:00000   [ stack ]
ffffffffff600000    8192 ----- 0000000000000000 000:00000   [ anon ]
mapped: 933712K    writeable/private: 4304K    shared: 768000K

The last line is very important:

  • mapped: 933712K total amount of memory mapped to files
  • writeable/private: 4304K the amount of private address space
  • shared: 768000K the amount of address space this process is sharing with others

Linux find the memory used by a program / process using pmap command

11. netstat – Linux network and statistics monitoring tool

netstat command displays network connections, routing tables, interface statistics, masquerade connections, and multicast memberships.
# netstat -tulpn
# netstat -nat

12. ss – Network Statistics

ss command use to dump socket statistics. It allows showing information similar to netstat. Please note that the netstat is mostly obsolete. Hence you need to use ss command. To ss all TCP and UDP sockets on Linux:
# ss -t -a
OR
# ss -u -a
Show all TCP sockets with process SELinux security contexts:
# ss -t -a -Z
See the following resources about ss and netstat commands:

13. iptraf – Get real-time network statistics on Linux

iptraf command is interactive colorful IP LAN monitor. It is an ncurses-based IP LAN monitor that generates various network statistics including TCP info, UDP counts, ICMP and OSPF information, Ethernet load info, node stats, IP checksum errors, and others. It can provide the following info in easy to read format:

  • Network traffic statistics by TCP connection
  • IP traffic statistics by network interface
  • Network traffic statistics by protocol
  • Network traffic statistics by TCP/UDP port and by packet size
  • Network traffic statistics by Layer2 address
Fig.02: General interface statistics: IP traffic statistics by network interface
Fig.02: General interface statistics: IP traffic statistics by network interface
Fig.03 Network traffic statistics by TCP connection
Fig.03 Network traffic statistics by TCP connection

Install IPTraf on a Centos / RHEL / Fedora Linux To Get Network Statistics

14. tcpdump – Detailed network traffic analysis

tcpdump command is simple command that dump traffic on a network. However, you need good understanding of TCP/IP protocol to utilize this tool. For.e.g to display traffic info about DNS, enter:
# tcpdump -i eth1 'udp port 53'
View all IPv4 HTTP packets to and from port 80, i.e. print only packets that contain data, not, for example, SYN and FIN packets and ACK-only packets, enter:
# tcpdump 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'
Show all FTP session to 202.54.1.5, enter:
# tcpdump -i eth1 'dst 202.54.1.5 and (port 21 or 20'
Print all HTTP session to 192.168.1.5:
# tcpdump -ni eth0 'dst 192.168.1.5 and tcp and port http'
Use wireshark to view detailed information about files, enter:
# tcpdump -n -i eth1 -s 0 -w output.txt src or dst port 80

15. iotop – Linux I/O monitor

iotop command monitor, I/O usage information, using the Linux kernel. It shows a table of current I/O usage sorted by processes or threads on the server.
$ sudo iotop
Sample outputs:
iotop monitoring linux disk read write IO
Linux iotop: Check What’s Stressing And Increasing Load On Your Hard Disks

16. htop – interactive process viewer

htop is a free and open source ncurses-based process viewer for Linux. It is much better than top command. Very easy to use. You can select processes for killing or renicing without using their PIDs or leaving htop interface.
$ htop
Sample outputs:
htop process viewer for Linux

17. atop – Advanced Linux system & process monitor

atop is a very powerful and an interactive monitor to view the load on a Linux system. It displays the most critical hardware resources from a performance point of view. You can quickly see CPU, memory, disk and network performance. It shows which processes are responsible for the indicated load concerning CPU and memory load on a process level.
$ atop
atop Command Line Tools to Monitor Linux Performance

18. ac and lastcomm –

You must monitor process and login activity on your Linux server. The psacct or acct package contains several utilities for monitoring process activities, including:

  1. ac command : Show statistics about users’ connect time
  2. lastcomm command : Show info about about previously executed commands
  3. accton command : Turns process accounting on or off
  4. sa command : Summarizes accounting information

How to keep a detailed audit trail of what’s being done on your Linux systems

19. monit – Process supervision

Monit is a free and open source software that acts as process supervision. It comes with the ability to restart services which have failed. You can use Systemd, daemontools or any other such tool for the same purpose. This tutorial shows how to install and configure monit as Process supervision on Debian or Ubuntu Linux.

20. nethogs- Find out PIDs that using most bandwidth on Linux

NetHogs is a small but handy net top tool. It groups bandwidth by process name such as Firefox, wget and so on. If there is a sudden burst of network traffic, start NetHogs. You will see which PID is causing bandwidth surge.
$ sudo nethogs
nethogs linux monitoring tools open source
Linux: See Bandwidth Usage Per Process With Nethogs Tool

21. iftop – Show bandwidth usage on an interface by host

iftop command listens to network traffic on a given interface name such as eth0. It displays a table of current bandwidth usage by pairs of hosts.
$ sudo iftop
iftop in action

22. vnstat – A console-based network traffic monitor

vnstat is easy to use console-based network traffic monitor for Linux. It keeps a log of hourly, daily and monthly network traffic for the selected interface(s).
$ vnstat
vnstat linux network traffic monitor

23. nmon – Linux systems administrator, tuner, benchmark tool

nmon is a Linux sysadmin’s ultimate tool for the tunning purpose. It can show CPU, memory, network, disks, file systems, NFS, top process resources and partition information from the cli.
$ nmon
nmon command
Install and Use nmon Tool To Monitor Linux Systems Performance

24. glances – Keep an eye on Linux system

glances is an open source cross-platform monitoring tool. It provides tons of information on the small screen. It can also work in client/server mode.
$ glances
Glances
Linux: Keep An Eye On Your System With Glances Monitor

25. strace – Monitor system calls on Linux

Want to trace Linux system calls and signals? Try strace command. This is useful for debugging webserver and other server problems. See how to use to trace the process and see What it is doing.

26. /proc/ file system – Various Linux kernel statistics

/proc file system provides detailed information about various hardware devices and other Linux kernel information. See Linux kernel /proc documentations for further details. Common /proc examples:
# cat /proc/cpuinfo
# cat /proc/meminfo
# cat /proc/zoneinfo
# cat /proc/mounts

27. Nagios – Linux server/network monitoring

Nagios is a popular open source computer system and network monitoring application software. You can easily monitor all your hosts, network equipment and services. It can send alert when things go wrong and again when they get better. FAN is “Fully Automated Nagios”. FAN goals are to provide a Nagios installation including most tools provided by the Nagios Community. FAN provides a CDRom image in the standard ISO format, making it easy to easilly install a Nagios server. Added to this, a wide bunch of tools are including to the distribution, in order to improve the user experience around Nagios.

28. Cacti – Web-based Linux monitoring tool

Cacti is a complete network graphing solution designed to harness the power of RRDTool’s data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices. It can provide data about network, CPU, memory, logged in users, Apache, DNS servers and much more. See how to install and configure Cacti network graphing tool under CentOS / RHEL.

29. KDE System Guard – Real-time Linux systems reporting and graphing

KSysguard is a network enabled task and system monitor application for KDE desktop. This tool can be run over ssh session. It provides lots of features such as a client/server architecture that enables monitoring of local and remote hosts. The graphical front end uses so-called sensors to retrieve the information it displays. A sensor can return simple values or more complex information like tables. For each type of information, one or more displays are provided. Displays are organized in worksheets that can be saved and loaded independently from each other. So, KSysguard is not only a simple task manager but also a very powerful tool to control large server farms.

Fig.05 KDE System Guard
Fig.05 KDE System Guard {Image credit: Wikipedia}

See the KSysguard handbook for detailed usage.

30. Gnome Linux system monitor

The System Monitor application enables you to display basic system information and monitor system processes, usage of system resources, and file systems. You can also use System Monitor to modify the behavior of your system. Although not as powerful as the KDE System Guard, it provides the basic information which may be useful for new users:

  • Displays various basic information about the computer’s hardware and software.
  • Linux Kernel version
  • GNOME version
  • Hardware
  • Installed memory
  • Processors and speeds
  • System Status
  • Currently available disk space
  • Processes
  • Memory and swap space
  • Network usage
  • File Systems
  • Lists all mounted filesystems along with basic information about each.
Fig.06 The Gnome System Monitor application
Fig.06 The Gnome System Monitor application

Bonus: Additional Tools

A few more tools:

  • nmap – scan your server for open ports.
  • lsof – list open files, network connections and much more.
  • ntop web based tool – ntop is the best tool to see network usage in a way similar to what top command does for processes i.e. it is network traffic monitoring software. You can see network status, protocol wise distribution of traffic for UDP, TCP, DNS, HTTP and other protocols.
  • Conky – Another good monitoring tool for the X Window System. It is highly configurable and is able to monitor many system variables including the status of the CPU, memory, swap space, disk storage, temperatures, processes, network interfaces, battery power, system messages, e-mail inboxes etc.
  • GKrellM – It can be used to monitor the status of CPUs, main memory, hard disks, network interfaces, local and remote mailboxes, and many other things.
  • mtr – mtr combines the functionality of the traceroute and ping programs in a single network diagnostic tool.
  • vtop – graphical terminal activity monitor on Linux
  • gtop – Awesome system monitoring dashboard for Linux/macOS Unix terminal

Did I miss something? Please add your favorite system motoring tool in the comments.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

Share this on (or read 355 comments/add one below):

355 comment

    1. (quote)
      Pretty much common knowledge. . . .
      (/quote)

      Yea, right!
      I’ve been around the block two or three times – and a number of these are familiar to me – but some of the ways they’re used here were not. Also a fair number of these were absolutely brand-new – and they look damned useful!

      I am so going to book-mark this page it isn’t funny! It’s likely that I will want to spread this URL around like the Flu as well. . . . πŸ˜€

      @Vivek
      *GREAT* list – for those of us who are mere mortals. . . .

      Jim (JR)

    2. For someone with the common knowledge, why would this be handy? I mean, if you already know/use these, then why would you need a page detailing them?

      1. Because a lot of us have to live with faulty memory modules, Steve.
        I do agree with you too.:This knowledge isn’t that common outside the comic book fraternity.

  3. Nice list. For systems with just a few nodes I recommend Munin. It’s easy to install and configure. My favorite tool for monitoring a linux cluster is Ganglia.

    P.S. I think you should change this “#2: vmstat – Network traffic statistics by TCP connection …”

  4. another useful tool is dstat , which combines vmstat, iostat, ifstat, netstat information and more. but this is a very useful list with some interesting examples!

    1. Dear i am learning the Linux pl z help me, I you have any useful notes pl z sent it to my E-mail.

      Thanks

      1. In my system booting time it showing error fsck is fails. plz login as root…….– how to repair or check linux os using fsck command plz help me

        1. Most of the time that happens if the fsck operation requires human interaction, which the boot fsck doesn’t have. Just restart it, if you don’t normally get a grub delay the hold down the shift key to get one, if you do then just select recovery mode, or single user mode, it depends on your distro. It’s the same thing in all, just tripping single user mode with a kernel arg, but it will let you boot, and run fsck on unmounted partitions. If it is your root partition, you may need to boot from an external medium, unless you have a kick ass initrd, lol.

      1. Uhm, geez, this isn’t blogspot. Head over there if you have an uncontrollable need to flame people above your level of understanding…

      3. it is you’re – you are a tool. Please when randomly slamming someones post to feel better about yourself, at least you proper grammer. Then at least you sound like an intelligent a55h0le. πŸ˜›

        1. Sarcastic pro’s, N00bs, flaming, harsh language, grammar nazis. All we need now is a Hitler comparison and we have the full set. Who’s up for a ban?

          Also: before stuff can become common knowledge you’ll first have to encounter it at least once. Like here in this nice list. Thanks for sharing!

        3. Let me go ahead and re-write your comment, grammer nazi. It seems you have quite a few errors.

          “It is ‘you’re–you are’ a tool. Please, when randomly slamming someone’s post to feel better about yourself, at least use proper grammar. Then, at least, you sound like an intelligent a55h0le.”

          In the future, I would recommend proof-reading your own posts before you arrogantly correct others. I counted at least six mistakes in your “correction.” Have a nice day! πŸ™‚

  9. I can see that the best tool to monitor processes , CPU, memeory and disk bottleneck at once is atop …

    But the tool itself can cause a lot of trouble in heavily loaded servers and it enables process accounting and has a service running all the time …

    To use it efficiently on RHEL , CentOS;
    1- install rpmforge repo
    2- # yum install atop
    3- # killalll atop
    4- # chkconfig atop off
    5- # rm -rf /tmp/atop.d/ /var/log/atop/
    6- then don’t directly run “atop” command , but instead run it as follows;
    # ATOPACCT=” atop

    This tool has saved me hundreds of hours really! and helped me to diagnose bottlenecks and solve them that couldn’t otherwise be easily detected and would need many different tools

  12. You probably wanna add IFTOP tool, its really simple and light, very useful when u need to have a last moment remote access to a server to see hows the trific going.

  13. Yeah, well why a so good admin (I dig(g) your site) won’t you use spelling checkers?
    Typo #2 Web-based __Monitioring__ Tool

  14. maybe it’s a typo too, but the title should be :
    “.. Tools Every SysAdmin MUST Know”
    and still, this is advanced user knowledge, at most. I would not trust a sysadmin that knows so few. And..

  15. Hi guys,

    good list – and some great submitted pointers to other useful tools.

    to those carp-ing on about typo’s – give us all a break. you’ve never made a typo? ever?

    Idea: How ’bout those who have never *ever* made an error in typing text be the first one(s) to give people grief about making a typo?

    I _used_ to be a real PITA about this; then I grew up.

    The purpose of this blog, and other forms of communication, is to *communicate* concepts and ideas. *If* you have received those clearly – in spite of the typos – then the purpose has been fulfilled.

    /me gets down off his soapbox

    .h

    1. I totally second that!
      WTF is up with people making such a big deal about spelling? I could understand if the complaints were in regards to a misspelling of a code-example, but if the language is coherent enough to get the idea across, then that’s all that really matters.

  17. This blog is more impressive and more useful than ever. I need more help regarding proper installation document on “php-network weathermap” on Cacti as plugins

  20. dtrace is a notable mention for the picky hackers that wish to know more about the behavior of the operating system and it’s programs internals.

  23. Excellent list. Like Amr El-Sharnoby above, I also find atop indispensable and think it must be installed on every system.

    In addition I would like to add iotop to monitor disk usage per process and jnettop to very easily monitor bandwidth allocation between connections on a Linux system.

  27. One tool which seems to be missing from this list is LTTng. It is a system-wide tracing tool which helps understanding complex performance problems in multithreaded, multiprocess applications involving many userspace-kernel interactions.

    The project is available at http://www.lttng.org. Recent SuSE distributions, WindRiver, Monta Vista and STLinux offer the tracer as distribution packages. The standard way to use it is to install a patched kernel though. It comes with a trace analyzer, LTTV, which provides nice view of the overall system behavior.

    Mathieu

  31. If we’re talking about a web server, apachetop is a nice tool to see Apache’s activity.

  32. Dude you forgot the most important of ALL!

    net-snmpd

    With it you can collect vast amounts of information. Then with snmpwalk and scripts you can create your own web NMS to collect simple information like ping, disk space, services down.

  33. `iotop` is nice one to be include in list. I used `vnstat` very much for keeping track of my download when I was on limited connection πŸ™‚

  35. Very useful, thinks for sharing.

    Take a look to a great tools called nmon. I use it on AIX IBM system but works now on all GNU/linux system now.

  37. I’m with @paul tergeist, tools every linux user should know. The ps samples are nice, thanks.

    No reference to configuration management tools ?

    cfengine/puppet/chef?

  38. Nice summary article.

    If your “system” is large and/or distributed, and the performance issues you’re tackling are complex, you may wish to explore Performance Co-Pilot (PCP). It unifies all of the performance data from the tools you’ve mentioned (and more), can be extended to include new applications and service layers, works across the network and for clusters and provides both real-time and retrospective analysis.

    See http://www.oss.sgi.com/projects/pcp

    PCP is included in the Debian-based and SUSE distributions and is likely to appear in the RH distributions in the future.

    As a bonus, PCP also works for monitoring non-Linux platforms (Windows and some of the Unix derivatives).

  39. I love your collection.

    I use about 25% of those regularly, and another 25% semi-regularly. I’ll have to add another 25% of those to my list of regulars.

    Thanks for compiling this list.

  40. Very nice collection of linux applications. I work with linux but I can’t say that i know them all.

  46. Great article, many great suggestions.

    Was surprised not to see these among the suggestions:

    bmon – graphs/tracks network activity/bandwidth real time.
    etherape – great visual indicator of what traffic is going where on the network
    wireshark – tcpdump on steroids.
    multitail – tail multiple files in a single terminal window
    swatch – track your log files and fire off alerts

  47. how the hell i missed this site this many days… πŸ˜› thank god i found it… πŸ™‚ i love it…

  48. O personally much prefer htop to top. Displays everything very nicely.

    phpsysinfo is another nice light web-based monitoring tool. Very easy to setup and use.

  49. Osmius: The Open Source Monitoring Tool is C++ and Java. Monitor “everything” connected to a network with incredible performance. Create and integrate Business Services, SLAs and ITIL processes such as availability management and capacity planning.

  51. Nice compilation. As usual, always very useful.

    It would be nice if some of you knowledgeable guys can shed some light on java heap monitoring thing, thread lock detection and analysis, heap analysis etc.

  54. And for those which like lightweight and concise graphical metering:
    xosview +disk -ints -bat

  60. From the guy who wrote the collect utility for Tru64:

    Name : collectl Relocations: (not relocatable)
    Version : 3.3.5 Vendor: Fedora Project
    Release : 1.fc10 Build Date: Fri Aug 21 13:22:42 2009
    Install Date: Tue Sep 1 18:10:34 2009 Build Host: x86-5.fedora.phx.redhat.com
    Group : Applications/System Source RPM: collectl-3.3.5-1.fc10.src.rpm
    Size : 1138212 License: GPLv2+ or Artistic
    Signature : DSA/SHA1, Mon Aug 31 14:42:40 2009, Key ID bf226fcc4ebfc273
    Packager : Fedora Project
    URL : http://collectl.sourceforge.net
    Summary : A utility to collect various linux performance data
    Description :
    A utility to collect linux performance data

    Best regards, Bob

  62. Hi,

    Thanks for the nice collection with useful samples. Consider adding tools to monitor SAN storage, multipath etc. also.

    Best Regards,
    Somnath

  65. Thanks for the article. I am not admin myself, but tools are very useful for me too.

    Thanks for the comments also πŸ™‚

  66. When I wrote collectl my goal was to replace as many utilities as possible for several reasons including:
    – not all write to log files
    – different output formats make correlation VERY difficult
    – sar is close but still too many things it doesn’t collect
    – I wanted option to generate data that can be easily plotted or loaded into spreadsheet
    – I wanted sub-second monitoring
    – I want an API and I want to be able to send data over sockets to other tools
    – and a whole lot more

    I think I succeeded on many fronts, in particular not having to worry if the right data is being collected. Just install rpm and type “/etc/init.d/collectl start” and you’re collecting everything such as slabs and processes every 60 seconds and everything else every 10 seconds AND using <0.1% of the CPU to do so. I personally believe if you're collecting performance counters at a minute or coarser you're not really seeing what your system is doing.

    As for the API, I worked with some folks at PNNL to monitor their 2300 node cluster, pass the data to ganglia and from there they pass it to their own real-time plotting tool that can display counters for the entire cluster in 3D. They also collectl counters from individual CPUs and pass that data to collectl as well.

    I put together a very simple mapping of 'standard' utilities like sar to the equivilent collectl commands just to get a feel for how they compare. But also keep in mind there are a lot of things collectl does for which there is no equivalent system command, such as Infiniband or Lustre monitoring. How about buddyinfo? And more…

    http://collectl.sourceforge.net/Matrix.html

    -mark

  67. Darn,
    I’ve been using Linux since Windows 98 was the current MicroSnot FOPA.
    I know all this stuff. I do not make typoous.
    Why do you post this stuff?
    We all know it.
    Sure we do!
    But do we remember it? I just read through it and found stuff that I used long ago and it was like I just learned it. I found stuff I didn’t know either.
    Hummmm…… Imagine that!
    Thanks, particularly for the PDF.
    Saved me making one.
    Hey, where’s the HTML to PDF howto?

    Thanks again.

  69. Is it possible to display hard drive temps from hddtemp in KSysGuard? They are available in Ksensors and GKrellM, without any configuration required. However I prefer the interface and flexibility of KSysGuard. Is there a way of configuring it?

    Andrew

    1. Zabbix is a great tool that it doesn’t require a entirely separate project to make it easy to install and use (like Nagios and FAN).

      I’ve been following it since its early days and its come a long way. Its sad that lists like this never give it its due, not even a foot note mention.

      while on that note.. really? your 17-20 makes the list, but nmap, mtr, and lsof get relegated to foot notes?

  73. Good Job on assembling the list
    If I may suggest trafshow as an alternative to iptraf when you need to see more detailed info on source/destination , proto and ports at once.

  82. Mark,

    I am in technology myself and this tutorial page is very well organized
    Thanks for taking the time to create this awesome page
    great help for Linux new bees like myself.

  87. Dear all Members,

    Thanks for sharing all your knowledge about Linux.. i really thankful for your share linux tips..!!

    thanks and continue this jurny…as well

    thank you..

  89. This is indeed an impressive collection of tools but I still have to ask if people are really happy with having to know so many names, so many switches and so many formats. If you run one command and see something weird doesn’t it bother you if you have to run a different tool but the anomaly already passed and you can no longer see it with a different tool? For example if you see a drop in network performance and wonder if there was a memory or cpu problem, it’s too late to go back and see what else was going on. I know it bothers me. Again, by running collectl I never have to worry about that because it collects everything (when run as a deamon) or you can just tell it to report lots of things when running interactively and by default is shows cpu, disk and network. If you want to add memory, you can always include it but you will need a wider screen to see the output.

    As a curiosity for those who run sar – I never do – what do you use for a monitoring interval? The default is to take 10 minute samples which I find quite worthless – remember sar has been around forever dating back to when cpus were much slower and monitoring much more expensive. I’d recommend to run sar with a 10 second sampling level like collectl and you’ll get far more out of it. The number of situations which this would be too much of a load on your system would be extremely rare. Anyone care to comment?

    -mark

  91. hi Mark

    absolutely agreed with you mate! if you are the sysadmin something – you will do it for yourself and do it right!
    These tools like ps,top and other is commonly used by users who administrated a non-productive or desktop systems or for some users who’s temporary came to the system and who needed to get a little bit of information about the box – and its pretty good enough for them. )

  92. If you are running a web server and you have multiple clients writing code, you will one day see CPU slow to a crawl. “Why?”, you will ask. ps -ef and top will show that mysql is eating up resources…

    HMM?

    If only there was a tool which showed me what command was being issued against the database…

    mytop

    Once you find the select statement that has mysql running at 99% of the CPU, you can kill the query and then go chase down the client and kill them too (or in my case bill them at $250/hr for fixing their code).

  93. re mysql – it’s not necessarily that straight forward. I was working with someone who had a system with mysql that was crawling. it was taking multiple seconds for vi to echo a single character! we ran collectl on it and could see low cpu, low network and low disk i/o. Lots of available memory, so what gives? A close look showed me that even those the I/O rates were low, the average request sizes were also real low – probably do so small db requests.

    digging even deeper with collectl I saw the i/o request service times were multiple seconds! in other words when you requested an I/O operation not matter how fast the disk is, it took over 2 second to complete and that’s why vi was so slow, it was trying to write to it’s backing store.

    bottom line – running a single tool and only looking at one thing does not tell the whole story. you need to see multiple things AND see them at the same time.

    -mark

  94. I have a postfix mail server, recently through tcpdump I see alot of traffic to dc.mx.aol.com, fedExservices.com, wi.rr.com, mx1.dixie-net.com. I believe my mail server is spamming. How do I find out it is spamming? and how do I stop it. Please help.

    1. Only allow authenticated email users to send an email. There are other things too such as anti-spam, ssl keys, domain keys and much more.

  97. Hiii vivek,
    Do you know any application to shut down a ubuntu 9.1 machine when one of its network interface is down..I need it for clustering..

  99. Actually where I work we have and isa server acting as a proxy/firewall, which prevent me from monitoring internet traffic consumption. so i installed debian as a network bridge between the isa server and the lan, and equipped it with various monitoring tools (bandwidthd, ntop, vnstat, iftop, iptraf, darkstat).

  107. Hi
    Its a great topic. Actually i am a Mysql DBA and i fond a lot of new things here.
    So i can say it will help in future.

    Thanks once again

  109. wow this is some great info,also the various inputs in comments. One i would like to add is

    ulimit

    User limits – limit the use of system-wide resources.

    Syntax
    ulimit [-acdfHlmnpsStuv] [limit]

    Options

    -S Change and report the soft limit associated with a resource.
    -H Change and report the hard limit associated with a resource.

    -a All current limits are reported.
    -c The maximum size of core files created.
    -d The maximum size of a process’s data segment.
    -f The maximum size of files created by the shell(default option)
    -l The maximum size that may be locked into memory.
    -m The maximum resident set size.
    -n The maximum number of open file descriptors.
    -p The pipe buffer size.
    -s The maximum stack size.
    -t The maximum amount of cpu time in seconds.
    -u The maximum number of processes available to a single user.
    -v The maximum amount of virtual memory available to the process.

    ulimit provides control over the resources available to the shell and to processes started by it, on systems that allow such control.

  110. hello Vivek Gite,
    This is really a very good post and useful for all admin.
    Thanks,
    Ashraf

  115. if an “admin” doesnt know 90% of those tools, he isn’t a real admin. you will find most of these tools explained in any basic linux howto…

  116. how the systems can be seen from sitting on one computer like as admin. what is going on screen in grd floor computers?

    1. I assume you can find the process ID – for example if your process is called foo.bar, you could do
      ps -ef | grep foo.bar
      this will give the PID (process ID) as well as other information.
      Then do
      kill -9 PID (where PID is the number your found in the above).

      If you are working on a Mac you have to do ‘sudo kill -9 PID’ since the kill command is an “admin” action that it wants you to be sure about.

      Or if you use top, and you can see the process you want to kill in your list, you can just type k and you will be prompted for the PID (the screen will freeze so it’s easy to read). You type the number and “enter”, will have to confirm (y), and the process is killed with -15. Which is less “severe” than a “kill -9” which really kills just about any process (without allowing it a graceful exit of any kind).

      Use with care!

  118. Gnome system monitor is a pretty useless utility if you ask me.
    its neat to have it as an applet, but thats it.

  119. Thanks,

    I think it will be very helpfull for me as i am practicng oracle in redhat linux4. Today i will try to check it. I want 1 more help. I am not clear about crontab. saupposed i want to start a crontab in my system with any script which i have kept in /home/oracle and want to execute in every 1 hour. Can u send me how i can do with details.
    Thanks,

    kalyan de.
    Chennai, india
    +91 9962300520

  123. atop

    man atop shows

    “The program atop is an interactive monitor to view the load on a Linux system. It shows the occupation of the most critical hardware resources (from a performance point of view) on system level, i.e. cpu, memory, disk and network.It also shows which processes are responsible for the indicated load with respect to cpu- and memory load on process level; disk- and network load is only shown per process if a kernel patch has been installed.”

    1. Have to agree with zim. Atop is a great tool along with it’s report generating sister application atopsar. This is a must-have on any server I manage.

  129. I´m lookuing for apache parameter on the web and found here.

    So, my contribute is: try to use iftop, iptraf, ifstat, jnettop and ethstatus for network graphical and CLI monitoring.

    Use tcmpdump and ngrep for packet sniffing

    HTB is very good for QoS in the network, especially if you need to reduce slower VPN network

  130. fuser command is missing from this list. it tells you which command is using a file at the moment. Since in Linux everything is a file, it is very useful to know!
    Use it this way:
    # to know which process listens on tcp port 80:
    fuser 80/tcp

    # to know which process uses the /dev/sdb1 filesystem:
    fuser -vm /dev/sdb1
    etc …

  132. ‘ethtool’ can also be very useful, depending on the situation:

    – searching for network problems
    – checking link status of ethernet connections
    – and so on

  133. nice list, at the end i think what you meant is “Bonus” and not “bounce”

    “bounce” means “jump”

    “bonus” means extra goodies πŸ™‚

  140. Though i have come across most of these names, having them all in one list will prove to be a good resource. I am going to make a list from these and have it within my website which i use for reference.

    Thanks for the examples.

  142. Hi ite really very very nice which is helful to fresher.

    Thanks a lot…………………..

    Regards
    Amuri Chandra

  144. hiiiiiiiiiiiii
    we r SHREESAI LINUX USER GROUP FRM MUMBAI
    THIS COMMANDS R REALLY NICE

    THANKS
    VIVEK SIR
    PLZ REPLY US ON MAIL

  145. Thanks for this great tips.
    My question is how to show the username(s) wich are connected to the server and they are using ftp protocole ?

    1. Try ftptop . I think you can find it in centos , red hat , slack, debian etc…
      Ftptop works with a lot of ftp servers daemons.

  146. I don’t believe that ftp usage by user is recorded anywhere, so you’d have to get inventive. The way I would do it is use collectl to show both processes sorted by I/O and ftp stats. Then is simply becomes a matter of see which processes are contributing to the I/O and who their owners are.
    -mark

  148. There is another tools “Incron” :
    This program is an “inotify cron” system. It consists of a daemon and a table manipulator. You can use it a similar way as the regular cron. The difference is that the inotify cron handles filesystem events rather than time periods.

  150. Handy list.

    Also, these might be handy as well…

    lsdev – list of installed devices
    lsmod – list of installed modules
    ldd – to see dependencies of a executable file
    watch – automated refresh of any code every specified seconds, etc
    stat – details of any file
    getconf – to get HP server details
    runlevel – redhat run level

    Search in web for more detailed info.

    Good luck…

  151. Hi guys,
    I m totally new to the linux & this web aswell.
    Would some1 help me here regarding, mirrordir utility?
    what would b the full syntex if i only want to copy/mirror changed/edited files from
    source to destination. since last mirror.
    And how to define specific time to run this command, i mean schedule.
    Thanks in advance.

  153. Don’t forget systemtap (stap) which provides the equivalent of Solaris’ invaluable “dtrace” scripting utility. There’s a “dtrace” for Linux project but I haven’t been able to get it to compile on my OpenSuSE 11.x.

    On SuSE Linux is “getdelays” , enabled via the grub kernel command line “delayacct” switch (starting with SuSE 10 Enterprise…). It’ll reveal the amount of wait a given process spends waiting for CPU, disk (I/O) or memory (swap), great for isolating lag in the system.

    There are many many other monitoring tools (don’t know if these were mentioned before) atopsar (atop-related), the sysstat/sar-related sa* series (sadc, sadf, sa1), isag, saidar, blktrace (blktrace-blkiomon / blktrace-blkparse), iotop, ftop, htop, nigel’s monitor (nmon), famd/fileschanged, acctail, sysctl, dstat, iftop, btrace, ftop, iostat, iptraf, jnettop, collectl, nagios, the RRD-related tools, the sys-fs tools, big sister/brother … you could fill a book with them all.

  154. please help where I can insert the command of route add of a node. whenever the server is up i have to re do the command. I need to know where i can put this command permanently

  161. another good tool for monitoring traffic and network usage:
    vnstat
    this also makes statistics for bandwidth usage over time which can be display for daily, weekly and monthly usage. very useful if you don’t want to install a web-based tool for this.

  162. very nice
    very importan tool of monetering
    thanks for ……………………………………….

  163. this rocks. it could not have come at a better time as i am into my first networking course. thanks so much… i found this through stumbleupon linux/unix

  165. If you want to monitor CPU, memory, I/O and disk usage across multiple servers you can use Librato Silverline – it’s a commercial product but the first 8 cores are always free. You can actually do a lot more with Silverline, i.e. place apps in individual containers, assign resource quotas to containers, trigger events etc. but as a monitoring tool it is really great too.

  168. And a good Sysadmin always can count with you prefered script language.

    I using perl for monitoring a lot of basic infra structure services, like DHCP, DNS, Ldap, and Zabbix for generate alarms and very nice graphs.

  169. Hi,

    One of My Professor is introduce about the Ubantu This os is I like very much this flyover. Before I am Using XP but now I download all app. and I all applications. i always love linux, great article.

    sarath

  175. Great list, but why is TOP still used?

    It is a highly limited utility. HTOP can do all top can, plus a ton of stuff more:
    1. use colors for better readabilty. In the 21st century, all computers have a super hightech thing on their monitor called COLORS (sarcasm off)
    2. allow process termination and sending of signals (even multi select several processes)
    3. show cpu / ram usage with visual bars instead of numbers
    4. show ALL processes: top cannot do that, it just shows what is on the screen. It is the main limiting factor that made me chuck it to the curb.
    5. Use your cursor keys to explore what cannot be shown on the screen, for example full CLI parameters from commands.
    6. Active development. There are new features. Top is dead and there does not seem to have been any active development for 10 years (and that is how the tool looks)

  176. Dear All,

    My Oracle Enterprice Linux getting very slow, when my local R12.1 start.

    by using “top” command i found lot of Database users are running.
    normally in other R12 instance only few Database users are available. can any one tell me what might be the problem,, is it OS level issue or my Application Issue.. where i have to start the tuning .

    Kinldy advice me.

    Thanks in Advance,
    Abdul Hameed

  178. “My Oracle Enterprice Linux getting very slow, when my local R12.1 start.”

    Arghh! Linux is turning into Windows!

    These are super machines, people! Remember when 4.2BSD came out, and people were saying “Unix is becoming VMS”? With 4.1 BSD, we had been flying on one MIP machines (think of a one Mhz clock rate – three orders of magnitude slower than today’s machines, not Ghz… Mhz!). So much was added so quickly into 4.2 (kernels were no longer a few hundred kilobytes at most) that performance took a nose dive. But then 4.3 BSD fixed things for a while (with lots of optimizations such as unrolling the the instructions in a bcopy loop till they just just filled an instruction cache line). It didn’t hurt either that memory was getting cheaper, and we could afford to upgrade our 30 user timesharing systems from four Megabytes to eight Megabytes, or even more! It takes an awful amount of software bloat (and blind ignorance of the principles we all learned in our “combinatorial algorithms” classes) to be able to make machines that are over a thousand times faster than the Vaxen we cut our teeth on be “slow”.

    Today’s Linux systems hardly feel much faster on multicore x86 machines than they did on personal MicroVaxes or the somewhat faster Motorola 68020 based workstations (except for compilations, which now really scream by – compiling a quarter meg kernel used to take hours, whereas now it feels like barely seconds pass when compiling kernels that, even compressed, are many times larger. But then, compiler writers for the most part (25 years ago, Green Hills employees seemed a glaring exception and I don’t know about Microsoft) have to prove they have learned good programming practices before their skills are considered acceptable). Other software, like the X server, still feels about the same as it did in the eighties, despite today’s machines being so much faster. And forget about Windows!

  181. Friends I have typed the corrected question here below. Please let me know if you can help:

    Part1 : Find out the system resources — CPU Usage, Memory Usage, & How many process are running currently in “exact numbers”?, what are the process?
    Part2: Assume a process CACHE is running on the same system — How many files are opened by CACHE out of the total numbers found above?? what are the files used by CACHE? Whats the virtual memory used by the process. What is the current run level of the process.
    Part3: How many users or terminals are accessing the process CACHE?
    Part4: The script should run every 15secs with the time of execution & date of script and the output should be given to a file “richprocess” in the same order as that of the question.
    Note: NO EXTERNAL TOOLS are allowed to be used with linux. Only shell script should be written for the same!

    1. I got the answer for it i used
      $vi file1
      #!/bin/bash
      while [ true ]
      do
      echo “—$(date)—-” >> richprocess
      echo ” 1. virtual mem of the system” >> richprocess
      vmstat >> richprocess
      echo ” 2. Free mem available in system” >> richprocess
      free -m >> richprocess
      echo ” 3. Mem used by cache & to print files used by CACHE”
      pmap -x `ps -A | pgrep CACHE` >> richprocess
      sleep 15
      done
      :wq!
      $bash file1 &
      $cat richprocess # to see the output..

      I had a worse comment from someone to try a nonexistent website.. saying “www.Iwantothersdomyhomework.com” please dont post things like this. I am asking help only because I want to learn. Thanks for support from this site..

  184. Very good for beginners as well as professional. Thank you very much Sir for sharing your knowledge. I really appreciate.

  186. This is really helpful. I know these tools, but did not use them well. Many thanks for your tips.

  188. cant see nload on the list , easy showing of whats going on with your network..

    nload eth0 should show rest.

  192. Thanks for sharing a good list of useful commands.

    I found a typo where there should not be a dash in front of the options for

    ps auxf

    in the command for
    Find Out The Top 10 Memory Consuming Process
    and
    Find Out top 10 CPU Consuming Process

  193. Thanks for sharing such a use full commands,
    friends i want to watch terminal session, which is logged in vai ssh
    could you please help me??

  200. Hi
    I want to learn linux firewall and file server from base.
    Can u sujjest me, in which link i can get all those useful material.

    Thank You

  203. systemgraphhttp://www.decagon.de/sw/systemgraph/

    Nice graphical system statistics RRDTool frontend which produces hourly, daily, weekly, monthly … graphs of various system data. At the moment it provides graphs for memory usage, cpu info, cpu frequency, disk iostat, number of users, number of processes, number of open files, number of tcp connections, system load, network traffic, protocl statistic, harddisk/partition usage and temperatures, privoxy proxy statistic, ntpdrift, fan status and system temperatures.
    It is simple and it doesn’t require snmp. It consists only of some shell and perl scripts.

  205. An other interesting program wich hasn’t been mentioned yet is Midnight Commander (mc). At least it’s my favourite file manager in a console environment.

    Thanks all for your contributions. There are a lot of interesting programs wich I already use, or certainly will be using in the future.

  207. NO PRINT FUNKTION ? BIG FAIL IN YOUR FACE…damn why is every hole blogging but a printfunktion is missing ? i dont need the scrappie comments in my prints…..

    1. Nice Roundup. However, I love you not having a print function. I am able to print what I need without it… πŸ˜‰

      htop missing? πŸ™‚

  213. m using ubuntu 9.10 on system but problem is regarding internet …. unable to connect with internet…
    waiting for useful reply

  214. Very good post. I’ve some problems trying to figure out historical data about disk usage. I still dont know a good tool for that. sar is wonderful but it’s unable to record disk usage per process. You know any tool for that?

    1. most monitoring tools like nagios, cacti, and zabbix give you the ability to trend your disk usage, and even alert at certain capacity points.

  215. Its great, but i’m having a little inconvenient, i want to look the detail for a process, exactly from apache, but the result is always the seem, any one have a trick for see them? explaining better, i have a process from apache but not die, it keep for a long time using the resource and overloading the machine, when i see with a “ps auxf” the result is
    apache 32327 85.7 0.5 261164 39036 ? R 22:49 0:49 _ /usr/sbin/httpd

    I want see wath is doing this process “32327” exactly, any idea?

    1. you can try strace as mentioned in the tools and you can also look at the files in /proc/PID/ (so /proc/32327 for you)

  218. Great it was bagger description for me.
    This is article has solved my lot of problems
    thanks for this
    gkjha009

  220. Great article, there are many great suggestions! I want to contribute with these two:

    GoAccess – real-time Apache/nginx log analyzer and viewer, runs in a terminal in *nix systems.
    CCZE – modular log colorizer

  222. I have just recently released my first open source project the Remote Linux Monitor, which you can find at here . I modeled it on Gnome’s System Monitor and I would love get your feedback on it. Thanks.

  224. yeah really nice post !!!
    It’s really help me but how about the centos linux command can anyone tell me about that, all the linux command will be same for the all versions of linux (Is it wright guys) .
    or
    please email me if you know some code of contos linux cause i using this lunux.

    regards,

  228. Am working in small company having around 45 employees,we r using linux server in our office, i need to checkout or monitor the user’s website, which they are accessing in office hours,Please any one suggest me with correct command. Thanks

  229. Dear Sir,

    My Name is Govardhan Raju from TIRUPATI, ANDHRA PRADESH. working as a linux (RHEL4) operator. I want to take data backup daily. Is there any posibility to take todays date files only ? Please suggest me the commands which are useful to take backup daily with syntax.

    Thanking U Sir,

    S Govardhan Raju

  230. Hi, I’m using windows 7 version. how to access the UNIX commands in windows plat form without installing any set up file or UNIX Operating System.

    Could you please suggest any to me.

    Thanks,

  231. I feel an important one is psacct.. Should have at least made the list. Very useful to track what commands/users are eating cpu time.

  232. There is another tool we use for system monitoring, it’s from IBM called NMON – pretty good tool, I recommend it.

    AL

  234. nice collection..referencing related articles are like ‘feathers in the cap’ !!
    appreciate it..thanks!

  235. Dear all ,

    I have deployed some 40 routers in the cafes,60 more in have to deploy in diff region/areas.I want to monitor the Wifi routers sitting in one place.

    I have connected Debian installed thin client to each router to provide internet to the customers @ cafe,free browsing for 30 mins.

    Can some one suggest me a tool for monitoring the Routers & my debian machine performance.

    Regards
    Naveen C

    1. The router model is DAP-1155 Wireless N 150 i have purchased some 100 and i am planning to buy 300 more.

      pls do help me

      Thanks in advance

      Naveen C

    2. Such routers often include a management/monitoring package, which may be more immediately useful than using Debian-based commands, and the router software may allow for viewing the multiple routers you describe from a single screen. I know that the latest NETGEAR wireless routers include a software package like this.

      But, why just 30 minutes per customer? Isn’t that the wrong message to give the cafe customers?: Like, hurry up and drink your coffee/tea, and then get out!!
      Maybe you could try a one hour limit and see what happens. Linux is much more efficient than many people realize, even under heavy usage.

      I think that Starbucks and similar shops in North America tend to offer unlimited Internet access with any purchase – and most don’t really seem to enforce the purchase requirement, unless a “freeloader” is annoying or being offensive to other customers, etc.

  236. Great post! Some of these I never thought to use that way. When using free I will often use the -m option to display in Mb. (Example: free -m)

  237. Hi Team,

    I required to find the hardware information in linux, can you please advise.

    I recieved alert as below:

    Tivoli MINOR for : Accelerator board battery failed

    thanks
    sudarshan

  238. Thanks Vivek,

    For Posting this. It is very useful for Beginners as well.

    Keep the Great work going on…..

  239. Great Share πŸ™‚
    After using a few of these commands I am feeling like I am an Linux Operations Engineer πŸ˜‰

  241. Your forgot monit (I dont care why it failed at 3a.m. – just fix it and tell me!) and collectd (just record how things are going over the months, without freaky sar..)

    Michael πŸ˜‰

  244. excellent and concise info. For people who are not dedicated Linux Admin but need some tools to work with Linux, this is excellent!

  246. Excellent – can’t thank you enough.
    Not sure what CIFS ‘tools’ we were using – not SAMBA

  248. pl help me
    as i am new in linux i am copying a folder in
    /filesystem/usr/local …. form pen derive , but it is giving error msg ” no permission ”

    pl help

  250. Hi,

    How to take data back in Linux Enterprise 6 daily basis and how to speed up (refresh) in linux. is there any specific commands for this???

    help me out of this…

  256. +1

    Great post…now i’m think more prepared to find an strange memory usage on apache server ¬¬.

    Great post.

  258. My new favourite tool is “systemd.analyze”. It is great for pin-pointing bottle-necks in startup. It can produce a very nice plot of every process, allowing you instantly see what’s holding things up.

  260. What is tool to get All activity info. Like any user create/delete/move file or directory information???

  262. Instead of Cacti I prefer munin. Installation and configuration is easy and on monitored systems, only a small client is needed.

  266. And I am using “watch” utility. This is basically not a system monitoring tool. But in some case we need to watch the out put of a command continuously. That time this is not easy to enter the same command all the time and watch the output. In that case you can use this utility. You can set the interval of each refresh.

    Eg: watch -n 10 df -Th (this is just an example)
    This command will give you the output of df -Th in each 10 seconds. Then you can easily measure the hard disk usage.

    Cheers…!

  268. I’d also add ‘monit’ utility, to monitor assorted services and perform actions 9such as restarting the stopped service).

  270. All of these are must have tools for doing any analysis/monitoring of activity on Linux boxes. Thanks for collecting everything into a concise space.

  275. Hi..
    i would know about your opinion…i must do the project about monitoring devices availability…
    what the software in linux about this and i must editing the coding software.

  277. Please can somebody help me to with Autosys/ Control M sheduling tool. I ‘m new to both these tools and never used them. want some tutorials to learn any of these tools for beginners .

    also, which unix commands are important for production support guys apart from normal commands like Grep,find,less,more etc.
    any help in form of documents / tutorials is appreciated…

    thanks in advance…

    appreciate ur reply on my maild id

  280. TQ, Very helpful tips… Just my $0.02; ETHERAPE for linux is a free graphical tool http://etherape.sourceforge.net/ which is really helpful to help monitor network traffic in a network segment. Many instances i managed to pinpoint which PC/server is heavily broadcasting packets that caused network slow-down.. tq

  281. This are very helpful tips. Thank you chief.
    Am a newbie in SysAdmin and i this commands will come in hardy.

  285. thankz for this tips it was very useful
    to me.. get more updates about open source..=)

  288. Thx for that usefull info:
    Even if we use or not some web host managers, know manual usage of some tools is a must have for a sysadmin, or almost for decent ones… What will you do when the host manager dont work? Who have to repair it? Is You and you will need a real knowledge about what’s on your hands πŸ™‚

    So many thanks again.

  293. The ps syntax is wrong.

    For memory:
    ps aux |sort -nrk 4 |head -10

    For cpu:
    ps aux |sort -nrk 3 |head -10

  294. EXCELLENT work , one humble suggestion . when you use top command , or any command , please do mention the way to clear the work load of system so that the system can be speeded up .
    Regards . Very Informative.

  298. E X C E L L E N T !!!!! This word is also not sufficient for such a lovely information you are sharing with all of us without any selfish motto. Kudos .

    With warm regards

    Mahesh Vakharia

  302. A little notify in terms of “ps aux” and “ps -aux”

    cite:
    Note that “ps -aux” is distinct from “ps aux”. The POSIX and UNIX standards require that “ps -aux” print all processes owned by a user named “x”, as well as printing all processes that would be selected by the -a option. If the user named “x” does not exist, this ps may interpret the command as “ps aux” instead and print a warning.”

    quelle: http://superuser.com/questions/394414/ps-warns-me-about-bad-syntax-with-aux-options

  303. Hi,
    ————————————–
    Can not telnet to Debian 6.0 from Windows Box.
    —————————————–
    I have downloaded the file: telnetd_0.17-36_i386.deb and installed it on Debian 6.0 box using dpkg -i command. It was installed successfully. But I still do not find the telnetd process under the “ps -aef” output.

    How do I start the telnetd process automatically so that I can telnet to it from Windows box?

    Thanks.

  306. Hi Vivek and all,
    Its a very useful site. Iam about to complete my RHCE and currently residing in banglore ,plz guide with more of these linux topics on my mail: rajeshnarayanbe@gmail.com and how to face the interview as a sysadmin fresher
    I would be pleased if you even mail me about job openings in and around banglore which would be very helpful.
    I hope I would join the beautiful world of linux..
    Thanx Mr.Vivek for introducing me to various monitoring tools

  307. munin beats cacti, IMHO.
    lsblk list block devices.
    watch repeat a one-off executing CLI program, that way generating dynamically updating output.

  308. Check also netdata:

    netdata is a highly optimized Linux daemon providing real-time performance and health monitoring for Linux systems, applications and SNMP devices, over the web! It has been designed to permanently run on all systems, without disrupting the applications running on them.

    demo: http://my-netdata.io
    source: https://github.com/firehol/netdata
    wiki: https://github.com/firehol/netdata/wiki

    – real-time, per second updates, snappy refreshes!
    – 300+ charts out of the box, 2000+ metrics monitored!
    – zero configuration, zero maintenance, zero dependencies!
    – dozens of health monitoring alarms, out of the box!

  309. Just started learning Linux(Gentoo) but i’m not sure if that’s the best place to start. I would greatly appreciate any sites that might be helpful for learning.

    Have a question? Post it on our forum!