Top 5 Linux monitoring tools every Linux admin should know

This article introduces the five most popular Linux monitoring tools/commands. All Linux distributions ship with some built-in monitoring tools, plus a couple of add-ons, for monitoring resources and performance, including network, CPU, memory, disk I/O, etc. Unlike Windows-based servers, you administer Linux servers via the command line in a shell. Since monitoring is essential for every server, here are the five most frequently used Linux monitoring tools/commands.

Top 5 Linux monitoring tools

#1. “top” command

One of the basic but essential Linux monitoring tools; it works on all Linux distributions such as Ubuntu, CentOS, Red Hat, Debian, Fedora, etc. The top command displays all running processes with their PID, CPU, memory, virtual memory, time, etc. Simply press “q” to quit top.

top command usage examples (available switches: -U user, -p PID, -d update interval in seconds):

top
top -p 1776
top -p 1876 -d .5

Sample Output:

top - 20:21:47 up  1:42,  2 users,  load average: 0.11, 0.08, 0.06
Tasks: 217 total,   2 running, 215 sleeping,   0 stopped,   0 zombie
%Cpu(s):  0.0 us,  1.0 sy,  0.0 ni, 99.0 id,  0.0 wa,  0.0 hi,  0.0 si,  0.0 st
KiB Mem:    493880 total,   358744 used,   135136 free,    11140 buffers
KiB Swap:  1046524 total,        0 used,  1046524 free.   230252 cached Mem

  PID USER      PR  NI    VIRT    RES    SHR S %CPU %MEM     TIME+ COMMAND                                                                                 
  154 root      20   0       0      0      0 S  0.3  0.0   0:02.73 kworker/0:1                                                                             
 1984 root      20   0   23676   3016   2460 S  0.3  0.6   0:00.68 top                                                                                     
    1 root      20   0   29164   3716   2452 S  0.0  0.8   0:02.55 init                                                                                    
    2 root      20   0       0      0      0 S  0.0  0.0   0:00.02 kthreadd                                                                                
    3 root      20   0       0      0      0 S  0.0  0.0   0:00.24 ksoftirqd/0                                                                             
    5 root       0 -20       0      0      0 S  0.0  0.0   0:00.00 kworker/0:0H                                                                            
    7 root      20   0       0      0      0 S  0.0  0.0   0:00.78 rcu_sched                                                                               
    8 root      20   0       0      0      0 R  0.0  0.0   0:00.25 rcuos/0

#2. vmstat command

The vmstat command displays information about the following resources: processes, memory, paging, CPU, disk I/O, system, swap, etc.

Command usage:

vmstat

Available vmstat command switches:

 -a, --active           active/inactive memory
 -f, --forks            number of forks since boot
 -m, --slabs            slabinfo
 -n, --one-header       do not redisplay header
 -s, --stats            event counter statistics
 -d, --disk             disk statistics
 -D, --disk-sum         summarize disk statistics
 -p, --partition <dev>  partition specific statistics
 -S, --unit <char>      define display unit
 -w, --wide             wide output

Example:

vmstat -a

Sample Output:

sreekanth@DigitPAGE:~$ vmstat
procs -----------memory---------- ---swap-- -----io---- -system-- ------cpu-----
 r  b   swpd   free   buff  cache   si   so    bi    bo   in   cs us sy id wa st
 0  0      0 135280  11140 230252    0    0    44    27   40  103  0  0 99  0  0
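
An added example (not from the original article): a shell function that reads vmstat output and flags swap activity, high I/O wait and a run queue longer than the CPU count. The function name, the thresholds and the second sample row are assumptions constructed for illustration.

```sh
#!/bin/sh
# Constructed input: the first data row is the sample shown above,
# the second row is made up to show a host under pressure.
SAMPLE_VMSTAT='procs -----------memory---------- ---swap-- -----io---- -system-- ------cpu-----
 r  b   swpd   free   buff  cache   si   so    bi    bo   in   cs us sy id wa st
 0  0      0 135280  11140 230252    0    0    44    27   40  103  0  0 99  0  0
 5  2  20480  10240   1024  40960  120  340  5200  8100  900 2500 10 15 30 45  0'

# vmstat_flags [max_iowait_percent] [cpu_count]   (hypothetical helper)
# Reads vmstat output on stdin and prints one verdict per data row.
# Live use: vmstat 5 | vmstat_flags 20 "$(nproc)"
vmstat_flags() {
    awk -v max_wa="${1:-20}" -v ncpu="${2:-1}" '
        # Header row: record the position of every column by name, so the
        # check still works with -a or -w, where the layout differs.
        $1 == "r" && $2 == "b" {
            for (i = 1; i <= NF; i++) col[$i] = i
            next
        }
        # Skip the banner row and anything seen before the first header.
        !("r" in col) || $1 !~ /^[0-9]+$/ { next }
        {
            msg = ""
            if ($(col["si"]) + $(col["so"]) > 0)  msg = msg " swapping"
            if ($(col["wa"]) + 0 > max_wa + 0)    msg = msg " iowait"
            if ($(col["r"]) + 0 > ncpu + 0)       msg = msg " runqueue"
            if (msg == "") msg = " ok"
            n++
            print "sample " n ":" msg
        }
    '
}
```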

#3. free command

free is another simple but very useful Linux monitoring tool for monitoring memory usage. The free command reports the usage of physical memory, virtual memory, swap, buffers, cache, etc.

Command usage:

free

Available free command switches:

 -b, --bytes         show output in bytes
 -k, --kilo          show output in kilobytes
 -m, --mega          show output in megabytes
 -g, --giga          show output in gigabytes
     --tera          show output in terabytes
 -h, --human         show human-readable output
     --si            use powers of 1000 not 1024
 -l, --lohi          show detailed low and high memory statistics
 -o, --old           use old format (without -/+buffers/cache line)
 -t, --total         show total for RAM + swap
 -s N, --seconds N   repeat printing every N seconds
 -c N, --count N     repeat printing N times, then exit

Sample output:

sreekanth@DigitPAGE:~$ free -m
             total       used       free     shared    buffers     cached
Mem:           482        346        136          0         10        224
-/+ buffers/cache:        110        371
Swap:         1021          0       1021

#4. netstat command

netstat is another powerful built-in Linux monitoring tool, used for getting network statistics. The command output displays the status of active network connections to/from the server, including the open/connected ports, remote/foreign IP address, connection state, type, etc.

Command usage:

netstat

Sample command output:

sreekanth@DigitPAGE:~$ netstat
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 172.16.197.129:ssh      172.16.197.1:51125      ESTABLISHED
udp6       0      0 localhost:51487         localhost:59966         ESTABLISHED
udp6       0      0 localhost:59966         localhost:51487         ESTABLISHED
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  7      [ ]         DGRAM                    10110    /dev/log
unix  2      [ ]         DGRAM                    20570    
unix  3      [ ]         STREAM     CONNECTED     9879     
unix  3      [ ]         STREAM     CONNECTED     9881     @/com/ubuntu/upstart
unix  2      [ ]         DGRAM                    13115    
unix  3      [ ]         STREAM     CONNECTED     12484    
unix  3      [ ]         STREAM     CONNECTED     13333    
unix  3      [ ]         STREAM     CONNECTED     10084    
unix  3      [ ]         STREAM     CONNECTED     12251    /var/run/dbus/system_bus_socket
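
An added example (not from the original article): counting TCP connections per remote peer and state, a common first pass over netstat output when looking for an unexpected peer or a pile-up of half-closed connections. The function name and the sample rows are constructed; the input is assumed to be in the format of netstat -tn, which prints numeric addresses and ports instead of names such as ssh.

```sh
#!/bin/sh
# Constructed sample in the layout of `netstat -tn` output.
SAMPLE_NETSTAT='Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 172.16.197.129:22       172.16.197.1:51125      ESTABLISHED
tcp        0      0 172.16.197.129:22       172.16.197.1:51340      ESTABLISHED
tcp        0      0 172.16.197.129:80       172.16.197.50:40112     TIME_WAIT
tcp        0      0 172.16.197.129:80       172.16.197.50:40118     TIME_WAIT
tcp        0      0 172.16.197.129:80       172.16.197.50:40121     ESTABLISHED
tcp6       0      0 ::1:631                 ::1:47120               CLOSE_WAIT'

# conn_summary [min_count]   (hypothetical helper)
# Reads netstat -tn output on stdin and prints "count peer state",
# highest count first, keeping only rows with count >= min_count.
# Live use: netstat -tn | conn_summary 10
conn_summary() {
    awk -v min="${1:-1}" '
        # Only TCP rows carry a State column; headers and UNIX sockets are skipped.
        $1 ~ /^tcp6?$/ && NF >= 6 {
            peer = $5
            sub(/:[^:]*$/, "", peer)   # strip the trailing ":port", IPv6 colons survive
            count[peer " " $6]++
        }
        END {
            for (k in count)
                if (count[k] >= min + 0) print count[k], k
        }
    ' | LC_ALL=C sort -k1,1nr -k2,2
}
```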

#5. tcpdump command

tcpdump is one of the most powerful Linux monitoring tools for network administration. The tcpdump command displays the packets entering and leaving a Linux server. Its most popular use is monitoring the packet flow on a network interface.

tcpdump command usage:

sudo tcpdump

Sample output:

sreekanth@DigitPAGE:~$ sudo tcpdump -i eth0 
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
20:31:41.345770 IP 172.16.197.129.ssh > 172.16.197.1.51125: Flags [P.], seq 2625823039:2625823155, ack 519009419, win 679, options [nop,nop,TS val 1614064 ecr 255900466], length 116
20:31:41.345977 IP 172.16.197.129.ssh > 172.16.197.1.51125: Flags [P.], seq 116:152, ack 1, win 679, options [nop,nop,TS val 1614064 ecr 255900466], length 36
20:31:41.346133 IP 172.16.197.1.51125 > 172.16.197.129.ssh: Flags [.], ack 116, win 8184, options [nop,nop,TS val 255900476 ecr 1614064], length 0
20:31:41.346140 IP 172.16.197.1.51125 > 172.16.197.129.ssh: Flags [.], ack 152, win 8189, options [nop,nop,TS val 255900476 ecr 1614064], length 0
20:31:41.346232 IP 172.16.197.129.ssh > 172.16.197.1.51125: Flags [P.], seq 152:268, ack 1, win 679, options [nop,nop,TS val 1614064 ecr 255900476], length 116