-d Specifies the delay between screen updates. You can change this with the s interactive command.
-p Monitor only processes with given process id. This flag can be given up to twenty times.
-i Start top ignoring any idle or zombie processes. See the interactive command i below.
-c Display command line instead of the command name only. The default behavior has been changed as this seems to be more useful.
SAR – System Activity Report
-d Report activity for each block device
-m Report power management statistics.
-i Interval Select data records at seconds as close as possible to the number specified by the interval parameter.
-r Report memory statistics.
-S Report swap space utilization statistics.
sar 1 100 –> CPU
sar -r 1 100 –> Memory
VMSTAT virtual memory statistics
ex: vmstat 1 100
r: The number of processes waiting for run time.
b: The number of processes in uninterruptible sleep.
swpd: the amount of virtual memory used.
free: the amount of idle memory.
buff: the amount of memory used as buffers.
cache: the amount of memory used as cache.
inact: the amount of inactive memory. (-a option)
active: the amount of active memory. (-a option)
si: Amount of memory swapped in from disk (/s).
so: Amount of memory swapped to disk (/s).
bi: Blocks received from a block device (blocks/s).
bo: Blocks sent to a block device (blocks/s).
in: The number of interrupts per second, including the clock.
cs: The number of context switches per second.
These are percentages of total CPU time.
us: Time spent running non-kernel code. (user time, including nice time)
sy: Time spent running kernel code. (system time)
id: Time spent idle. Prior to Linux 2.5.41, this includes IO-wait time.
wa: Time spent waiting for IO. Prior to Linux 2.5.41, included in idle.
st: Time stolen from a virtual machine. Prior to Linux 2.6.11, unknown.
netstat – Shows open ports and connections
Is the tool Linux administrators use to show various network information, like what ports are open and what network connections are established and what process runs that connection. It also shows various information about the Unix sockets that are open between various programs. It is part of most Linux distributions A lot of the commands are explained in the article on netstat and its various outputs. Most used commands are:
$ netstat | head -20
$ netstat –r (routing)
$ netstat –rC (routing from cache)
$ netstat –i (traffic)
$ netstat –ie (interface)
$ netstat –s (statistics of each protocol)
$ netstat –g (multicast group)
$ netstat –tapn (with PID & port port)
tcpdump – insight on network packets
tcpdump can be used to see the content of the packets on a network connection. It shows various information about the packet content that pass. To make the output useful, it allows you to use various filters to only get the information you wish. A few examples on how you can use it:
# tcpdump -i eth0 not port 22
# tcpdump -c 10 -i eth0
# tcpdump -ni eth0 -c 10 not port 22
# tcpdump -w aloft.cap -s 0
# tcpdump -r aloft.cap
# tcpdump -i eth0 dst port 80
lsof – list open files
lsof is a command meaning “list open files”, which is used in many Unix-like systems to report a list of all open files and the processes that opened them.
It is used by most Linux distributions and other Unix-like operating systems by system administrators to check what files are open by various processes.
# lsof +p process_id
# lsof | less
# lsof –u username
# lsof /etc/passwd
# lsof –i TCP:ftp
# lsof –i TCP:80
- strace provides you the execution sequence of a binary from start to end
- Strace monitors the system calls and signals of a specific program. It is helpful when you do not have the source code and would like to debug the execution of a program.
- Strace is a debugging tool that will help you troubleshoot issues.
Trace the Execution of an Executable