You are here: Home » Performance Tools » Performance-tools-linux


top – Process Activity Command

The top program provides a dynamic real-time view of a running system i.e. actual process activity.

By default, it displays the most CPU-intensive tasks running on the server and updates the list every five seconds.


The top command provides several useful hot keys:

Hot Key Usage
t Displays summary information off and on.
m Displays memory information off and on.
A Sorts the display by top consumers of various system resources.

Useful for quick identification of performance-hungry tasks on a system.

f Enters an interactive configuration screen for top. Helpful for setting up top for a specific task.
o Enables you to interactively select the ordering within top.
r Issues renice command.
k Issues kill command.
z Turn on or off color/mono

vmstat – System Activity, Hardware and System Information

The command vmstat reports information about processes, memory, paging, block IO, traps, and cpu activity.

# vmstat 3

Sample Outputs:

Display Memory Utilization Slabinfo

# vmstat -m

iptraf – Real-time Network Statistics

The iptraf command is interactive colorful IP LAN monitor.
It is an ncurses-based IP LAN monitor that generates various network statistics including TCP info, UDP counts, ICMP and OSPF information, Ethernet load info, node stats, IP checksum errors, and others. It can provide the following info in easy to read format:

  • Network traffic statistics by TCP connection
  • IP traffic statistics by network interface
  • Network traffic statistics by protocol
  • Network traffic statistics by TCP/UDP port and by packet size
  • Network traffic statistics by Layer2 address


tcpdump – Detailed Network Traffic Analysis

The tcpdump is simple command that dump traffic on a network. However, you need good understanding of TCP/IP protocol to utilize this tool. For.e.g to display traffic info about DNS, enter:

# tcpdump -i eth1 'udp port 53'

To display all IPv4 HTTP packets to and from port 80, i.e. print only packets that contain data, not, for example, SYN and FIN packets and ACK-only packets, enter:

# tcpdump 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'

To display all FTP session to, enter:

# tcpdump -i eth1 'dst and (port 21 or 20'

To display all HTTP session to

# tcpdump -ni eth0 'dst and tcp and port http'

Leave a Reply

Your email address will not be published. Required fields are marked *