LinuxHelps.com

A blog for Linux Lovers.

Archive for the ‘Monitoring Tools’ Category

Posted by sibu on September 20, 2009

Commands to monitor the process.

Find Out The Top 10 Memory Consuming Processes

# ps -auxf | sort -nr -k 4 | head -10

Find Out The Top 10 CPU Consuming Processes

# ps -auxf | sort -nr -k 3 | head -10

Max cpu resource usage

# ps -eo pcpu,pid,user,args | sort -nr -k1 | more

To get the full listing of a process when we know its pid

# ps -efm --columns 2048 | grep <pid>

Iostat

The iostat command reports Central Processing Unit (CPU) statistics and input/output statistics for devices, partitions and network filesystems (NFS).

# iostat

Posted by sibu on March 10, 2009

tcptrack Installations.

tcptrack provides a packet sniffer that displays TCP connections similarly to ‘top’.

tcptrack is a packet sniffer, which passively watches for connections on a specified network interface, tracks their states, and lists them in a manner similar to the Unix ‘top’ command.

It displays source and destination addresses and ports, connection state, idle time, and bandwidth usage.

Requirements:

· libpcap 0.7.2 or higher

To build and install:

# ./configure
# make
# make install

To run tcptrack, you need to specify an interface for it to sniff:

# tcptrack -i eth0

You can also provide a pcap filter expression:

# tcptrack -i eth0 src or dst 192.168.33.92 and port 80

Posted by sibu on March 3, 2009

MRTG

MRTG (Multi Router Traffic Grapher) is an application that allows us to observe the traffic of a network.

Before installing MRTG we have to install SNMP on the server.

# yum install net-snmp-utils net-snmp

And we start the server.

# chkconfig --level 345 snmpd on
# service snmpd start

We can see that it is running on port 199.

# netstat -natv | grep ':199'

tcp 0 0 127.0.0.1:199 0.0.0.0:* LISTEN

Configuration

We run ‘snmpwalk’, which creates a “tree” of information for our network. If you see output like this you may proceed with the MRTG installation. Otherwise you should make some configuration changes first.

# snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex

ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex.127.0.0.1 = 1
ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex.192.168.0.3 = 2

We keep a backup of snmpd.conf just in case anything goes wrong.

# cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.original

# nano /etc/snmp/snmpd.conf

And make the following changes:

* Replace the following line

com2sec notConfigUser default public

with these

com2sec local localhost public
com2sec mynetwork 10.0.0.0/8 public

(in place of 10.0.0.0/8 we put our own network)

* Replace the following lines

group notConfigGroup v1 notConfigUser
group notConfigGroup v2c notConfigUser

with these

group MyRWGroup v1 local
group MyRWGroup v2c local
group MyRWGroup usm local
group MyROGroup v1 mynetwork
group MyROGroup v2c mynetwork
group MyROGroup usm mynetwork

* Find and replace the following lines

view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.25.1.1

with this

view all included .1 80

* Find and replace the following line

access notConfigGroup "" any noauth exact systemview none none

with these

access MyROGroup "" any noauth exact all none none
access MyRWGroup "" any noauth exact all all none

* And finally replace these lines

syslocation Unknown (edit /etc/snmp/snmpd.conf)
syscontact Root (configure /etc/snmp/snmp.local.conf)

with something like this

syslocation Linux, Fedora Core 6
syscontact Root root@localhost

We restart the server for the changes to take effect

# service snmpd restart

And we run again

# snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex

Now we should see something like this

IP-MIB::ipAdEntIfIndex.10.103.0.33 = INTEGER: 2
IP-MIB::ipAdEntIfIndex.127.0.0.1 = INTEGER: 1

(where 10.103.0.33 is your IP address)
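The steps above leave the community string at public and give MyRWGroup a write view over the whole tree at the noauth level. As an added example (not part of the original post), this shell function flags those directives in an snmpd.conf; the function name, the finding labels and the EXAMPLE-COMMUNITY placeholder are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): flag weak access-control
# directives in snmpd.conf. Reads the file named as $1, or stdin.
# Prints one finding per line; returns 1 if anything was flagged.
audit_snmpd_conf() {
    awk '
    # com2sec NAME SOURCE COMMUNITY
    $1 == "com2sec" && ($4 == "public" || $4 == "private") {
        print "WEAK-COMMUNITY line " NR ": " $2 " uses well-known community " $4; bad = 1
    }
    $1 == "com2sec" && $3 == "default" {
        print "ANY-SOURCE line " NR ": " $2 " accepts any source address"; bad = 1
    }
    # view NAME included|excluded SUBTREE [MASK]
    $1 == "view" && $3 == "included" && $4 == ".1" {
        print "WIDE-VIEW line " NR ": view " $2 " exposes the whole OID tree"; bad = 1
    }
    # access GROUP CONTEXT MODEL LEVEL PREFIX READ WRITE NOTIFY
    $1 == "access" && $8 != "none" {
        print "WRITE-ACCESS line " NR ": " $2 " can write view " $8 " at level " $5; bad = 1
    }
    END { exit bad }
    ' "$@"
}

# Constructed sample: the directives that result from the steps above.
page_conf='com2sec local localhost public
com2sec mynetwork 10.0.0.0/8 public
view all included .1 80
access MyROGroup "" any noauth exact all none none
access MyRWGroup "" any noauth exact all all none'

# Constructed sample of a tighter variant: a non-default community
# (placeholder value), a narrower view (system and interfaces subtrees,
# chosen for illustration) and no write view for any group.
tight_conf='com2sec local localhost EXAMPLE-COMMUNITY
com2sec mynetwork 10.0.0.0/8 EXAMPLE-COMMUNITY
view ifview included .1.3.6.1.2.1.1
view ifview included .1.3.6.1.2.1.2
access MyROGroup "" any noauth exact ifview none none'

printf '%s\n' "$page_conf"  | audit_snmpd_conf || echo "-> page config: findings above"
printf '%s\n' "$tight_conf" | audit_snmpd_conf && echo "-> tight config: no findings"
```

To check a real file, pass its path: audit_snmpd_conf /etc/snmp/snmpd.conf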

MRTG Installation

# yum install mrtg
# mkdir /var/www/html/mrtg/

(in which our graphs and html pages will be kept)

Next we run ‘cfgmaker’ to create the configuration file.

# cfgmaker --global "workdir: /var/www/mrtg" -ifref=ip --output /etc/mrtg/mrtg.cfg --global 'options[_]: growright,bits' public@localhost

With this command we tell MRTG to create a configuration file with the name ‘mrtg.cfg’ for the traffic of our computer (localhost). Instead of localhost you may put the address of any computer you may monitor as long as it runs SNMP.

Next we create our default index page

# indexmaker --output=/var/www/html/mrtg/index.html /etc/mrtg/mrtg.cfg

Apache configuration

MRTG creates a file ‘mrtg.cfg’ under /etc/httpd/conf.d which contains all the necessary settings for Apache. We change it to list the IPs we want to have access to our MRTG graphs.

Alias /mrtg /var/www/mrtg

<Location /mrtg>
Order deny,allow
Deny from all
Allow from 127.0.0.1 10.0.0.0/8
</Location>

We run the following command

# mrtg /etc/mrtg/mrtg.cfg

In case you get an error like this

ERROR: Mrtg will most likely not work properly when the environment
variable LANG is set to UTF-8. Please run mrtg in an environment
where this is not the case. Try the following command to start:
env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg

you have to run the above command more than once until it runs without any error. This is normal.

# env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg

23-02-2007 17:28:53, Rateup WARNING: /usr/bin/rateup Can’t remove localhost_2.old updating log file

# env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg

#

Now you can access mrtg at

http://127.0.0.1/mrtg