TOP Command
If your server is under a high load, the command
# top
can provide you with real time information about the top CPU and memory using processes on the server. Top also has an interactive interface, so you can control the output. Some of these options are listed below.
P sort tasks by CPU usage (default).
M sort tasks by resident memory usage.
T sort tasks by time / cumulative time.
m toggle display of memory information. (on/off)
l toggle display of load average and uptime information. (on/off)
c toggle display of command name or full command line. (on/off)
More information on the process ‘top’ can be found by running the command:
# man top
============================================================================================
The top command gives a list of the most active 20 processes in terms of CPU usage .
Display is updated every 5 seconds as a default value, you can change it by pressing d while top is running, enter the new display value in seconds, and press enter. The first line shows the time, for how long the computer has been running, number of users, CPU average load during the last 1minute, 5 minutes, 15 minutes. Again every terminal window is counted as a user, and this is the same info you get using uptime command.
The second line speaks for it self , some statistics of the processes.
The Third line is the CPU usage stats,
us “user” is the percentage of CPU time used by the user.
sy “system” the percentage of CPU time used by the kernel.
ni “Niced” is that used by the niced processes ( Niced processes are those which have a positive nice value , which means they have a different priority, see this post).
id “idle” is that used by idle processes.
wa “waiting” is that percentage of CPU time which is used by the processes waiting for I/O.
hi “hardware interrupt”, si “software interrupts” are the percentage of CPU time for which it has been servicing hardware and software interrupts.
The fourth and fifth lines speak for them selves .
Now we have 12 columns:
PID is the process ID.
USER is the name of the user running the process.
PR is the Process Priority.
NI nice value a negative nice value means higher priority, a positive nice value means lower priority.
VIRT is the total amount of virtual memory used by the task.
S Process Status
The status of the task which can be one of:
’D’ = uninterruptible sleep
’R’ = running
’S’ = sleeping
’T’ = traced or stopped
’Z’ = zombie
%CPU is the percentage of CPU time used by the process.
%MEM physical memory share.
There are a bunch of Interactive commands which can be run by pressing :
k to kill a process by giving it is PID.
r to renice a process by giving it is PID.
d to change the display time interval, just enter the new value in seconds.
q to quit top.
How to displaying system temperature of System
# cat /proc/acpi/thermal_zone/THRM/temperature
temperature: 30 C
How to monitor specific process (ie apache) using Top Command
How to monitor specific process (ie apache) using Top Command
# top -p `pidof httpd | awk ‘{gsub(/[ ]/,”,”);print}’`
How to check disk for bad sectors
Checks Hard disk drive or bad sectors, just like scandisk or chkdisk under some other operating system.
# badblocks -n -s /dev/sdX
How to run a file system check on your next boot
The empty file /forcefsck causes the file system check fsck to be run next time you boot up, after which it will be removed.
# touch /forcefsck
How to clean up cache memory of unnecessary things
First run sync first to flush useful things out to disk ! ! !
To free pagecache:
# echo 1 > /proc/sys/vm/drop_caches
To free dentries and inodes:
# echo 2 > /proc/sys/vm/drop_caches
To free pagecache, dentries and inodes:
# echo 3 > /proc/sys/vm/drop_caches
How to find all symbolic links with the “find” command
Find all symbolic links
Substitute [path] in the example below with the root level path you want to find symlinks from, and note that the final letter after -type is a lower case L (i.e. l for link):
# find [path] -type l
To find symlinks in all subdirectories from the current directory :-
# find . -type l
Add timestamp to history
History is a linux shell command that list all the executed command on server. Default 1000 commands can be displayed in history. This command is use for invistigation purpose as which command was executed to solve the issue or to malfunctioning of server.
Initally output of history command is simple links.
989 date
990 history
991 history
992 w
993 top
994 w
995 cd /tmp
996 date
but adding timestamp it will provide you with an addational information of date and time of execution of command.
Which will help you inistigate as at what exact date and time command was executed.
To add time stamp add following.
Edit file /root/.bash_profile and add following.
export HISTTIMEFORMAT=”%F %T
How to determine the connection speed
I’ve been asked this several times so I hope this little article will help many people. The question is: how do I determine the connection speed negotiated with the switch? Many ask this because they want to be sure that they are getting what they pay for. Please note that this is will NOT determine your server max speed but rather it will tell you the connection speed negotiated with the switch.
Simply run as root:
# mii-tool
This will output something like:
eth0: negotiated 100baseTx-FD, link ok
How to create a tar archive from a directory
How can you do this? It’s not difficult at all. For exemple to backup a user home directory you would have to run:
# tar -pczf rchive.tar.gz /home/USERNAME
Since I started working with cPanel server I always needed to create archives from directories.
For example backing up a user’s home directory.
You can read more about tar by reading it’s manual.
# man tar
Screen command
Many times as a Linux sysadmin, you will need to run multiple commands at once. You are probably doing this by opening multiple ssh sessions but there is a better way to do it ! Also as a sysadmin you probably had to run a command or script that is taking hours to finish like a rsync. This usually requires you to keep the ssh session open as if you close it the command or script will also be closed. If you ever faced any of those problems then it’s probably time to learn about the screen command.
Screen – makes it possible to run multiple full-screen pseudo-terminals from one real terminal, and lets you manipulate and save your screen input and output, copy and paste between windows.
First of all make sure that you have screen installed. If you don’t you can install it using yum, apt-get or any other package manager that you might have on your server.
# yum install screen
Now type in:
# screen
This will start a new screen for you. You could also name you screen using the -S option. Something like:
# screen -S 1
In this case I named the screen “1?.
The screen will look like any other ssh window. You can now type in your command that you want to run.
If you want to detach from the screen and still keep the command running you can do this by pressing:
Ctrl-a d (that is press Ctrl-a, release and press d)
Detaching a screen
To detach a screen, press ctrl+a release and then d. then you can just exit from your ssh shell. When you want to recover the jobs running under that screen just re-attach it.
Attaching to sessions again
First review the list of screen sessions you have running.
# screen -ls
There is a screen on:
3946.pts-0.arch (Dettached)
1 Socket in /tmp/screens/S-ggarron.
To resume the session run:
# screen -r 3946.pts-0.arch
If you want to reatach to a screen you simply type in:
# screen -r
Other options that you have when you are in a screen are:
1. To create a new screen:
Ctrl-a c
2. To switch between screens:
Ctrl-a n
3. And many others.
Commands
1. # netstat -tulpn | grep :80
2. # fuser 7000/tcp [Find out the processes PID that opened tcp port 7000]
3. # ps ax | grep httpd | wc -l
4. # ps aux | awk ‘{ print $8 ” ” $2 }’ | grep -w Z
5. # netstat -ant | awk ‘{print $NF}’ | grep -vE ‘[:upper:]’| sort | uniq -c | sort -rn
6. # netstat -ntu | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n
7. # wc -l /proc/net/ip_conntrack
8. # history | awk ‘{print $2}’ | sort | uniq -c | sort -rn | head [List the most used commands in your history]
9. # cat /etc/domainusers | wc -l [Main Domain of Server]
10. # /ls /var/named/ | wc -l [Total Domain of Server]
11. # ps aux | awk ‘{print $2, $4, $11}’ | sort -k2rn | head -n 20 [List running processes ordered by RAM usage]
12. # netstat -nap | grep SYN [Synflood Attack]
13. # netstat -nap | grep SYN | wc -l [Synflood Attack]
14. # echo 1 > /proc/sys/vm/drop_caches [Flash RAM Memory]
15. # /bin/sed ‘s/(.*)(: )(.*)/3: 1/’ </etc/domainips | /bin/sort >/etc/domainips_reverse [command to create reverse IP for an domain]
