top – Process Activity Command
The top program provides a dynamic real-time view of a running system i.e. actual process activity.
By default, it displays the most CPU-intensive tasks running on the server and updates the list every five seconds.
The top command provides several useful hot keys:
vmstat – System Activity, Hardware and System Information
The command vmstat reports information about processes, memory, paging, block IO, traps, and cpu activity.
# vmstat 3
Display Memory Utilization Slabinfo
# vmstat -m
iptraf – Real-time Network Statistics
The iptraf command is interactive colorful IP LAN monitor.
tcpdump – Detailed Network Traffic Analysis
The tcpdump is simple command that dump traffic on a network. However, you need good understanding of TCP/IP protocol to utilize this tool. For.e.g to display traffic info about DNS, enter:
# tcpdump -i eth1 'udp port 53'
To display all IPv4 HTTP packets to and from port 80, i.e. print only packets that contain data, not, for example, SYN and FIN packets and ACK-only packets, enter:
# tcpdump 'tcp port 80 and (((ip[2:2] - ((ip&0xf)<<2)) - ((tcp&0xf0)>>2)) != 0)'
To display all FTP session to 18.104.22.168, enter:
# tcpdump -i eth1 'dst 22.214.171.124 and (port 21 or 20'
To display all HTTP session to 192.168.1.5:
# tcpdump -ni eth0 'dst 192.168.1.5 and tcp and port http'