System monitoring

System monitoring

Monitoring is an important part of system administration. It allows you to proactively react to issues in real-time. Monitoring also gives cues on how to improve the performance of the system. The following are some of the most important command-line tools used in monitoring various components of the system…

top: Top provides a real-time view of the running system. It can be considered as one of the most versatile system monitoring tools out there. It

displays summary information, a list of threads or processes, types of system memory, process status, CPU usage etc.

uptime: Uptime displays the duration for which the system has been up. It also displays how many users are currently logged on, along with

the system load averages for the past 1, 5 and 15 minutes.

$ uptime

12:18pm up 12:22, 4 users, load

average: 0.00, 0.01, 0.05

sysstat performance tools: Most distributions do not include sysstat by default, but you can easily install it using your distribution’s package manager. Systat includes the following tools:

- lostat: reports CPU utilization and disk I/O statistics;

- mpstat: reports statistics global and per-processor statistics;

- pidstat: reports statistics for Linux tasks (processes);

- nfslostat: reports I/O statistics for network filesystems;

- clfslostat: reports I/O statistics for CIFS filesystems

- sar: collects and reports system activity information;

These tools are very helpful in I/O across the whole system

Pmap: pmap reports a memory map of a process. It is very helpful in detecting memory bottlenecks.

$ pmap -d 3275

Iptraf: iptraf is a TCP/UDP network monitoring utility. It has a nice ncurses-based user interface which liberates users from having to remember any command-line switches.

Strace: strace intercepts and records the system calls which are called by the process and the signals which are received by a process. The name of each system call, its arguments and its return value are printed on standard error or to the file specified with the –o option.  Strace is a useful diagnostic, instructional and debugging tool. It is particularly good for solving problems with programs for which the source is not readily available, since they do not need to be recompiled in order to trace them.

$ strace wget www.rarlab.com/rar/

winrar-x64-420.exe

execve(“/usr/bin/wget”, [“wget”, “http://www.

rarlab.com/rar/winrar”...], [/* 43 vars */])

= 0

brk(0) = 0x2463000

access(“/etc/ld.so.nohwcap”, F_OK) = -1

ENOENT (No such file or directory)

munmap(0x7f259cb5f000, 4096) = 0

stat(“/home/kunal/.wgetrc”, 0x7fff01fb9010) =

-1 ENOENT (No such file or directory)

write(2, “Connecting to www.rarlab.com

(ww”..., 67Connecting to www.rarlab.com (www.

rarlab.com)|188.138.1.135|:80... ) = 67

socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 3

connect(3, {sa_family=AF_INET, sin_

port=htons(80), sin_addr=inet_

addr(“188.138.1.135”)}, 16) = 0

write(2, “connected.\n”, 11connected.

As you can see in the above example, we are using strace to obtain detailed information about everything wget is doing since we have issued the command. This includes the files it has opened, network connections it has made and so on.