Monitoring commands for a Linux Server

Here you will get some good tricks and tips on how to monitor a Linux Server or how to manage Linux Server if its causing load,  How to find a Spammer, how to check HTTP and MySQL processes.

General Commands

To check the server load and which users are logged on the server with IP address you can fire this command:

w

 

Monitor performance of various Linux subsystems (CPU, Memory, I/O..) in real time:

sar

sar -u 1 3 : CPU usage of all CPU's.

sar -P 1 3: CPU usage of individual CPU or core.

sar -r 1 3: Memory statistics

sar -b 1 3 : I/O statistics

sar -q 1 3 : Load average statistics

 

sadc - To get the system activity data:

sa1 - Collect and store binary data in the system activity daily data file

sa2 - Create a report from the current standard system activity daily data file.

sadf - Displaying the contents of data files created by the sar command.

 

To check for the server load and watch for the processes:

top

top –d2

top –cd2

 

Monitoring system I/O of the device loading by observing the time the devices are active:

iostat

iostat -x

iostat -c

 

mpstat - The mpstat command writes to standard output activities for each available processor.

pidstat - The pidstat command is used for monitoring individual tasks currently being managed by the Linux kernel.

nfsiostat - The nfsiostat command displays NFS client per-mount statistics.

cifsiostat - The cifsiostat command displays statistics about read and write operations on CIFS filesystems.

iotop - The iotop command is top like utility for disk I/O. It watches I/O usage information output by the Linux kernel.

iftop - iftop is a command-line system monitor tool that produces a frequently updated list of network connections. 

 

Memory status

free –m

 

To see all processes running on the server:

ps –aufx

 

With above commands you can which process is causing load on the server after that, you can go with next steps.

If you see many processes of exim then you can check exim in more detail. shows the total number of email in the queue:

exim –bpc

 

Print a listing of the messages in the queue:

exim -bp

 

The following command will show path to the script being utilized to send mail:

ps -C exim -fH eww

ps -C exim -fH eww | grep home

cd /var/spool/exim/input/

egrep "X-PHP-Script" * -R

 

Shows the number of frozen emails:

exim -bpr | grep frozen | wc -l

 

To remove FROZEN emails from the server:

exim -bp | exiqgrep -i | xargs exim -Mrm

exiqgrep -z -i | xargs exim –Mrm

 

Check for spamming if anybody is using php script for sending mail through home

tail -f /var/log/exim_mainlog | grep home

If anyone is spamming from /tmp

tail -f /var/log/exim_mainlog | grep /tmp

 

To display the IP and number of tries done bu the IP to send mail but rejected by the server:

tail -3000 /var/log/exim_mainlog |grep ‘rejected RCPT’ |awk ‘{print$4}’|awk -F\[ '{print $2} '|awk -F\] ‘{print $1} ‘|sort | uniq -c | sort -k 1 -nr | head -n 5

 

Shows the  connections from a certain ip to the   SMTP server

netstat -plan|grep :25|awk {‘print $5′}|cut -d: -f 1|sort|uniq -c|sort -nk 1

 

To shows the domain name and the number of emails sent   by that domain

exim -bp | exiqsumm | more

 

If  spamming from outside domain then you can block that domain or email id on the server

pico /etc/antivirus.exim

Add the following lines:

if $header_from: contains “[email protected]

then

seen finish

endif

Catching spammer

Check mail stats

exim -bp | exiqsumm | more

 

Following command will show you the maximum number of email currently in the mail queue have from or to the email address in the mail queue with the exact figure.

exim -bpr | grep “<*@*>” | awk ‘{print $4}’|grep -v “<>” | sort | uniq -c | sort -n

 

That will show you the maximum number of email currently in the mail queue have for the domain or from the domain with number.

exim -bpr | grep “<*@*>” | awk ‘{print $4}’|grep -v “<>” |awk -F “@” ‘{ print $2}’ | sort | uniq -c | sort -n

Check if any php script is causing the mass mailing with

cd /var/spool/exim/input

egrep “X-PHP-Script” * -R

 

Just cat the ID that you get and you will be able to check which script is here causing a problem for you.

To Remove particular email account email

exim -bpr |grep “ragnarockradio.org”|awk {‘print $3′}|xargs exim -Mrm

 

If Mysql causing the load so you can use following commands to check it.

mysqladmin pr

mysqladmin -u root processlist

mysqladmin version

watch mysqladmin proc

 

If Apache is causing the load so we can check using following commands:

netstat -ntu | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort –n

netstat -an |grep :80 |wc –l

netstat -n | grep :80 | wc -l;uptime ; netstat -n | wc –l

netstat –tupl

pidof httpd

history | netstat

lsof -p pid

 

If MySQL is causing load so you can check it using following commands:

mysqladmin -u root processlist

mysqladmin version

watch mysqladmin proc

mysqladmin -u root processlist

 

Other Useful Commands

 

To check pid of php:

pidof php

lsof  -p pid

netstat -an |grep :80 |wc –l

netstat -ntu | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n

netstat -na |grep :80 |sort

 

Use the below-mentioned command to get top memory consuming processes

ps aux | head -1;ps aux –no-headers| sort -rn +3 | head

 

Use below command to get top CPU consuming processes

ps aux | head -1;ps aux –no-headers | sort -rn +2 |more

 

You can check if any backup is going on, run the following commands

ps aux | grep pkg

ps aux | grep gzip

ps aux | grep backup

  • server monitoring, linux monitoring
  • 0 Bu dökümanı faydalı bulan kullanıcılar:
Bu cevap yeterince yardımcı oldu mu?

İlgili diğer dökümanlar

How To Install and Use Docker on Ubuntu 16.04

Introduction Docker is an application that makes it simple and easy to run application processes...

Change Main IP of the server :: Vesta Panel

If we are changing the main IP of a server installed with Vesta panel, we can use the following...

cPanel: Apache-FastCGI Data Timeout Error

If you are using a cPanel server and have FastCGI enabled in Apache, you might be facing the...

Domainkey installer in cPanel

You can use the following cPanel script to install domainkey for an account...

Email issues :: Common Troubleshooting Steps

Here I will discuss some common errors and their solution: We are using a mail relay setup for...