Server Administration & Management

TOP Command

If your server is under a high load, the command

# top

can provide you with real time information about the top CPU and memory using processes on the server. Top also has an interactive interface, so you can control the output. Some of these options are listed below.

P sort tasks by CPU usage (default).

M sort tasks by resident memory usage.

T sort tasks by time / cumulative time.

m toggle display of memory information. (on/off)

l toggle display of load average and uptime information. (on/off)

c toggle display of command name or full command line. (on/off)

More information on the process ‘top’ can be found by running the command:

# man top


The top command gives a list of the most active 20 processes in terms of CPU usage .

Display is updated every 5 seconds as a default value, you can change it by pressing d while top is running, enter the new display value in seconds, and press enter. The first line shows the time, for how long the computer has been running, number of users, CPU average load during the last 1minute, 5 minutes, 15 minutes. Again every terminal window is counted as a user, and this is the same info you get using uptime command.

The second line speaks for it self , some statistics of the processes.

The Third line is the CPU usage stats,

us “user” is the percentage of CPU time used by the user.

sy “system” the percentage of CPU time used by the kernel.

ni “Niced” is that used by the niced processes ( Niced processes are those which have a positive nice value , which means they have a different priority, see this post).

id “idle” is that used by idle processes.

wa “waiting” is that percentage of CPU time which is used by the processes waiting for I/O.

hi “hardware interrupt”, si “software interrupts” are the percentage of CPU time for which it has been servicing hardware and software interrupts.

The fourth and fifth lines speak for them selves .

Now we have 12 columns:

PID is the process ID.
USER is the name of the user running the process.
PR is the Process Priority.
NI nice value a negative nice value means higher priority, a positive nice value means lower priority.
VIRT is the total amount of virtual memory used by the task.
S Process Status
The status of the task which can be one of:
’D’ = uninterruptible sleep
’R’ = running
’S’ = sleeping
’T’ = traced or stopped
’Z’ = zombie
%CPU is the percentage of CPU time used by the process.
%MEM physical memory share.

There are a bunch of Interactive commands which can be run by pressing :

k to kill a process by giving it is PID.
r to renice a process by giving it is PID.
d to change the display time interval, just enter the new value in seconds.
q to quit top.

April 30, 2012 Posted by | Tips & Tricks, Unix/Linux | , , , | Leave a comment

How to displaying system temperature of System

# cat /proc/acpi/thermal_zone/THRM/temperature

temperature:             30 C

April 6, 2012 Posted by | Tips & Tricks, Unix/Linux | , , , | Leave a comment

How to monitor specific process (ie apache) using Top Command

How to monitor specific process (ie apache) using Top Command

# top -p `pidof httpd | awk ‘{gsub(/[ ]/,”,”);print}’`

April 4, 2012 Posted by | Apache, Tips & Tricks, Unix/Linux | , , , , | Leave a comment

How to check disk for bad sectors

Checks Hard disk drive or bad sectors, just like scandisk or chkdisk under some other operating system.

# badblocks -n -s /dev/sdX

April 2, 2012 Posted by | Tips & Tricks, Unix/Linux | , , , | Leave a comment

How to run a file system check on your next boot

The empty file /forcefsck causes the file system check fsck to be run next time you boot up, after which it will be removed.

# touch /forcefsck

March 31, 2012 Posted by | Tips & Tricks, Unix/Linux | , , , | Leave a comment

How to clean up cache memory of unnecessary things

First run sync first to flush useful things out to disk ! ! !

To free pagecache:

# echo 1 > /proc/sys/vm/drop_caches

To free dentries and inodes:

# echo 2 > /proc/sys/vm/drop_caches

To free pagecache, dentries and inodes:

# echo 3 > /proc/sys/vm/drop_caches

March 29, 2012 Posted by | Tips & Tricks, Unix/Linux | , , , | Leave a comment

How to find all symbolic links with the “find” command

Find all symbolic links

Substitute [path] in the example below with the root level path you want to find symlinks from, and note that the final letter after -type is a lower case L (i.e. l for link):

# find [path] -type l

To find symlinks in all subdirectories from the current directory :-

# find . -type l

February 18, 2011 Posted by | Tips & Tricks, Unix/Linux | , , | 1 Comment

Add timestamp to history

History is a linux shell command that list all the executed command on server. Default 1000 commands can be displayed in history. This command is use for invistigation purpose as which command was executed to solve the issue or to malfunctioning of server.

Initally output of history command is simple links.

989  date
990  history
991  history
992  w
993  top
994  w
995  cd /tmp
996  date

but adding timestamp it will provide you with an addational information of date and time of execution of command.
Which will help you inistigate as at what exact date and time command was executed.

To add time stamp add following.

Edit file /root/.bash_profile and add following.


February 5, 2011 Posted by | Tips & Tricks, Unix/Linux | , , | 1 Comment

How to determine the connection speed

I’ve been asked this several times so I hope this little article will help many people. The question is: how do I determine the connection speed negotiated with the switch? Many ask this because they want to be sure that they are getting what they pay for. Please note that this is will NOT determine your server max speed but rather it will tell you the connection speed negotiated with the switch.

Simply run as root:

# mii-tool

This will output something like:

eth0: negotiated 100baseTx-FD, link ok

February 1, 2011 Posted by | Tips & Tricks, Unix/Linux | , , , | 2 Comments

How to create a tar archive from a directory

How can you do this? It’s not difficult at all. For exemple to backup a user home directory you would have to run:

# tar -pczf rchive.tar.gz /home/USERNAME

Since I started working with cPanel server I always needed to create archives from directories.
For example backing up a user’s home directory.

You can read more about tar by reading it’s manual.

# man tar

January 31, 2011 Posted by | Tips & Tricks, Unix/Linux | , , , , | Leave a comment

Screen command

Many times as a Linux sysadmin, you will need to run multiple commands at once. You are probably doing this by opening multiple ssh sessions but there is a better way to do it ! Also as a sysadmin you probably had to run a command or script that is taking hours to finish like a rsync. This usually requires you to keep the ssh session open as if you close it the command or script will also be closed. If you ever faced any of those problems then it’s probably time to learn about the screen command.

Screen – makes it possible to run multiple full-screen pseudo-terminals from one real terminal, and lets you manipulate and save your screen input and output, copy and paste between windows.

First of all make sure that you have screen installed. If you don’t you can install it using yum, apt-get or any other package manager that you might have on your server.

# yum install screen

Now type in:

# screen

This will start a new screen for you. You could also name you screen using the -S option. Something like:

# screen -S 1

In this case I named the screen “1?.

The screen will look like any other ssh window. You can now type in your command that you want to run.

If you want to detach from the screen and still keep the command running you can do this by pressing:

Ctrl-a d (that is press Ctrl-a, release and press d)

Detaching a screen

To detach a screen, press ctrl+a release and then d. then you can just exit from your ssh shell. When you want to recover the jobs running under that screen just re-attach it.

Attaching to sessions again

First review the list of screen sessions you have running.

# screen -ls

There is a screen on:
3946.pts-0.arch (Dettached)
1 Socket in /tmp/screens/S-ggarron.

To resume the session run:

# screen -r 3946.pts-0.arch

If you want to reatach to a screen you simply type in:

# screen -r

Other options that you have when you are in a screen are:

1. To create a new screen:

Ctrl-a c

2. To switch between screens:

Ctrl-a n

3. And many others.

January 30, 2011 Posted by | Tips & Tricks, Unix/Linux | , , , | 1 Comment


1. # netstat -tulpn | grep :80

2. # fuser 7000/tcp [Find out the processes PID that opened tcp port 7000]

3. # ps ax | grep httpd | wc -l

4. # ps aux | awk ‘{ print $8 ” ” $2 }’ | grep -w Z

5. # netstat -ant | awk ‘{print $NF}’ | grep -vE ‘[:upper:]’| sort | uniq -c | sort -rn

6. # netstat -ntu | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n

7. # wc -l /proc/net/ip_conntrack

8. # history | awk ‘{print $2}’ | sort | uniq -c | sort -rn | head [List the most used commands in your history]

9. # cat /etc/domainusers | wc -l [Main Domain of Server]

10. # /ls /var/named/ | wc -l [Total Domain of Server]

11. # ps aux | awk ‘{print $2, $4, $11}’ | sort -k2rn | head -n 20 [List running processes ordered by RAM usage]

12. # netstat -nap | grep SYN [Synflood Attack]

13. # netstat -nap | grep SYN | wc -l [Synflood Attack]

14. # echo 1 > /proc/sys/vm/drop_caches [Flash RAM Memory]

15. # /bin/sed ‘s/(.*)(: )(.*)/3: 1/’ </etc/domainips | /bin/sort >/etc/domainips_reverse [command to create reverse IP for an domain]

January 13, 2011 Posted by | Tips & Tricks, Unix/Linux | , , | 2 Comments