Linux - System Monitoring

 

Overview
Goal	To evaluate and control processes running on a Lunix system
Objectives	List and interpret basic information about processes running on the system Control processes in the shellś session using bash job control Terminate and control porcesses using singnals Moniror resource usage and system load due to process activity
Sections	Processes Controlling Jobs Killing Processes Monitoring Process Activity
Lab	Monitoring and Managing Linux Process

 

Part 1: System Resources

What is process?

A process is a running instance of a launched, executable program. A process consists of:

• an address space of allocated memory,
• secuirty properties including ownership credentials and privileges
• one or more execution threads of program code, and
• the process state.

 

An existing(Parent) process duplicates its own address space(fork) to create a new(child) process structure. Every new process is assigned a unique process ID(PID) for tracking and security. The PID and the Parentsś Process ID(PPID) are elements of the new process enviroment. All processes are descendants of the first system process, systemd.

 

Linux process States

Name	Flag	Kernel-defined state name and description
Running	R	TASK_RUNNING: The process is either executing on a CPU or waiting to run. Process can be executing user routines or kernel routines(system calls), or be queued and ready when in the Running(or Runnable) state.
Sleeping	S	TASK_INTERRUPTIBLE:
	D	TASK_UNINTERRUPTIBLE
	K	TASK_KILLABLE
Stopped	T	TASK_STOPPED
	T	TASK_TRACKED
Zombie	Z	EXIT_ZOMBIE
	X	EXIT_DEAD

 

 

 

 

 

 

 

 

 

Listing processes

the ps command is used for listing current processes. The command can provide detailed process infomation, include:

• the UID which determines process privileges
• PID
• the CPU and real time already expended
• how much memory the process has allocated in various locations
• the location of process STDOUT, known as the controlling terminal, and
• the current process state

 

Note: The linux version of ps supports three option formats, including:

• UNIX(POSIX) options
• BSD options
• GNU long options

 

The top Command

 

The iostat command

 

 

the ps command

 

the vmstat

The vmstat command will provide a report showing statistics for system processes, memory, swap, I/O, and the CPU. 

 

Procs
    r: The number of processes waiting for run time.
    b: The number of processes in uninterruptable sleep.
    w: The number of processes swapped out but otherwise runnable.  This
       field is calculated, but Linux never desperation swaps.

Memory
    swpd: the amount of virtual memory used (kB).
    free: the amount of idle memory (kB).
    buff: the amount of memory used as buffers (kB).

Swap
    si: Amount of memory swapped in from disk (kB/s).
    so: Amount of memory swapped to disk (kB/s).

IO
    bi: Blocks sent to a block device (blocks/s).
    bo: Blocks received from a block device (blocks/s).

System
    in: The number of interrupts per second, including the clock.
    cs: The number of context switches per second.

CPU
    These are percentages of total CPU time.
    us: user time
    sy: system time
    id: idle time

 

the lsof command

The lsof command will print out a list of every file that is in use. Since Linux considers everythihng a file, this list can be very long. 

 

Part 2: Filesystem Usage

The df Command

df -h, or df -i

 

the du command

Now that you know how much space has been used on a filesystem how can you find out where that data is? To view usage by a directory or file you can use du. Unless you specify a filename duwill act recursively. 

 

Part 3: Monitoring Users

the who command