Linux – Basic Performance Monitoring tools


-d   Specifies the delay between screen updates. You can change this with the s interactive command.

-p   Monitor only processes with given process id. This flag can be given up to twenty times.

-i   Start top ignoring any idle or zombie processes. See the interactive command i below.

-c  Display command line instead of the command name only. The default behavior has been changed as this seems to be more useful.

SAR   – System Activity Report

-d     Report activity for each block device

-m     Report power management statistics.

-i       Interval Select data records at seconds as close as possible to the number specified by the interval parameter.

-r     Report memory statistics.

-S     Report swap space utilization statistics.


sar  1 100   –> CPU

sar -r 1 100 –> Memory


VMSTAT virtual memory statistics

ex: vmstat 1 100


r: The number of processes waiting for run time.

b: The number of processes in uninterruptible sleep.


swpd: the amount of virtual memory used.

free: the amount of idle memory.

buff: the amount of memory used as buffers.

cache: the amount of memory used as cache.

inact: the amount of inactive memory. (-a option)

active: the amount of active memory. (-a option)


si: Amount of memory swapped in from disk (/s).

so: Amount of memory swapped to disk (/s).


bi: Blocks received from a block device (blocks/s).

bo: Blocks sent to a block device (blocks/s).


in: The number of interrupts per second, including the clock.

cs: The number of context switches per second.


These are percentages of total CPU time.

us: Time spent running non-kernel code. (user time, including nice time)

sy: Time spent running kernel code. (system time)

id: Time spent idle. Prior to Linux 2.5.41, this includes IO-wait time.

wa: Time spent waiting for IO. Prior to Linux 2.5.41, included in idle.

st: Time stolen from a virtual machine. Prior to Linux 2.6.11, unknown.

netstat – Shows open ports and connections

Is the tool Linux administrators use to show various network information, like what ports are open and what network connections are established and what process runs that connection. It also shows various information about the Unix sockets that are open between various programs. It is part of most Linux distributions A lot of the commands are explained in the article on netstat and its various outputs. Most used commands are:

$ netstat | head -20

$ netstat –r   (routing)

$ netstat –rC (routing from cache)

$ netstat –i (traffic)

$ netstat –ie (interface)

$ netstat –s (statistics of each protocol)

$ netstat –g (multicast group)

$ netstat –tapn (with PID & port port)

tcpdump – insight on network packets

tcpdump can be used to see the content of the packets on a network connection. It shows various information about the packet content that pass. To make the output useful, it allows you to use various filters to only get the information you wish. A few examples on how you can use it:

# tcpdump -i eth0 not port 22

# tcpdump -c 10 -i eth0

# tcpdump -ni eth0 -c 10 not port 22

# tcpdump -w aloft.cap -s 0

# tcpdump -r aloft.cap

# tcpdump -i eth0 dst port 80

lsof – list open files

lsof is a command meaning “list open files”, which is used in many Unix-like systems to report a list of all open files and the processes that opened them.

It is used by most Linux distributions and other Unix-like operating systems by system administrators to check what files are open by various processes.

# lsof +p process_id
# lsof | less
# lsof –u username
# lsof /etc/passwd
# lsof –i TCP:ftp
# lsof –i TCP:80


  • strace provides you the execution sequence of a binary from start to end
  • Strace monitors the system calls and signals of a specific program. It is helpful when you do not have the source code and would like to debug the execution of a program.
  • Strace is a debugging tool that will help you troubleshoot issues.

Trace the Execution of an Executable


Leave a Comment

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>