Commands to Monitor Servers (CENTOS AND REDHAT)
These commands are mainly for rpm based linux servers like CentOS etc..
May be some commands works in ubuntu servers etc…
Command to find out total established connections, closing connection, TIME_WAIT and much more.
netstat -nat | awk ‘{print $6}’ | sort | uniq -c | sort -n
Sample Output:
1 established
1 Foreign
5 LISTEN
16 TIME_WAIT
19 ESTABLISHED
ig out more information about a specific ip address
netstat -nat |grep {IP-address} | awk ‘{print $6}’ | sort | uniq -c | sort -n
2 LISTEN
4 FIN_WAIT1
4 ESTABLISHED
7 TIME_WAIT
To print list of all unique IP address connected to server, enter:
netstat -nat | awk ‘{ print $5}’ | cut -d: -f1 | sed -e ‘/^$/d’ | uniq
To print total of all unique IP address, enter:
netstat -nat | awk ‘{ print $5}’ | cut -d: -f1 | sed -e ‘/^$/d’ | uniq | wc -l
If Box is Under DoS Attack or Not
If you think your Linux box is under attack, print out a list of open connections on your box and sorts them by according to IP address, enter:
netstat -atun | awk ‘{print $5}’ | cut -d: -f1 | sed -e ‘/^$/d’ |sort | uniq -c | sort -n
ommand to list the connections to port 80:
netstat -alntp | grep :80
To check the number of connections to port 80:
netstat -alntp | grep :80 | wc -l
Command To Find Out Top 10 CPU Consuming Process
ps -auxf | sort -nr -k 3 | head -10
Command To Find Out The Top 10 Memory Consuming Process
ps -auxf | sort -nr -k 4 | head -10
An useful command to list connections to a particular port with its proccess id.
For eg: Port 8080
lsof -w -n -i tcp:8080
Linux Screen Command
Steps
– Create a screen using the command
screen -S geopc
– Close the shell without logout
– Open a new shell and type
screen -ls
Sample Output:
There are screens on:
16921.joemon (Dead ???)
3981.name (Attached)
5002.geopc (Attached)
Remove dead screens with ‘screen -wipe’.
3 Sockets in /tmp/screens/S-root.
– You can login to that screen using the command screen -r ‘screen name’
screen -r 5002.geopc
To attach a scree that is already attached with the following command:
screen -x -R
very nice site.