Page History

Understanding your system's hardware and software configuration

    uname -a # Displays kernel version and system architecture.
    lscpu  # Provides detailed information about the CPU.
    lsblk # Lists all available block devices.
    lsusb # Shows USB devices connected to the system.

Monitoring CPU and memory usage helps in identifying performance bottlenecks.

Commands:

htop is an interactive system monitor process viewer and process manager. It is designed as an alternative to the Unix program top. It shows a frequently updated list of the processes running on a computer, normally ordered by the amount of CPU usage.

    htop 

Image Removed

 vmstat -s Provides a detailed breakdown of memory usage and other related metrics since the last system boot. 

    uptime # Shows how long the system has been running and load averages.Load average reflects the average number of processes waiting to run or use CPU resources over different time intervals, typically 1, 5, and 15 minutes.

Monitoring CPU and memory usage helps in identifying performance bottlenecks.

Commands:

htop is an interactive system monitor process viewer and process manager. It is designed as an alternative to the Unix program top. It shows a frequently updated list of the processes running on a computer, normally ordered by the amount of CPU usage.

Installation: on Ubuntu or Debian-based systems via command apt install htop or sudo yum install htop on CentOS

    htop 

Image Added

 vmstat -s # Provides a detailed breakdown of memory usage and other related metrics since the last system boot. 

    vmstat -s
     
       980492 K total memory
       480208 K used memory
       132040 K active memory
       582364 K inactive memory
        67924 K free memory
        21724 K buffer memory
       410636 K swap cache
            0 K total swap

 free -h # Displays memory usage in "human-readable" format

    free -h
               total        used        free      shared  buff/cache   available
Mem:           7.7G        1.9G

    vmstat -s
     
       980492 K total memory
       480208 K used memory
       132040 K active memory
       582364 K inactive memory
        67924 K free memory
        21724 K buffer memory
       410636 K swap cache
        3.9G    0 K total swap
 487M        1.9G   0 K used swap
  5.0G
Swap:          02.0G K free swap

 free -h Displays memory usage in "human-readable" format

    free -h
    0B        2.0G

mpstat # Reports CPU usage. ( requires install sysstat package on Ubuntu or Debian-based systems via command apt install sysstat or sudo yum install sysstat on CentOS ).

    total  mpstat
Linux 5.15.0-112-generic (testhost)    06/21/24  used      _x86_64_  free      shared  buff/cache   available
Mem:(1 CPU)

10:37:12     CPU     %usr 7.7G  %nice    %sys %iowait 1.9G   %irq   %soft  3.9G%steal  %guest  %gnice   %idle
10:37:12 487M    all    1.9G68    0.11    5.0G
Swap:1.38    0.14    0.00  2.0G  0.04    1.16    0B0.00    0.00    295.0G49

Keeping track of disk usage and health is crucial for preventing data loss and ensuring efficient storage management.

...

du -sh /path/to/directory  Displays # Displays the size of a specific directory.

 du -sh /path/to/directory

1.1G    /path/to/director

    iostat # Reports CPU and I/O statistics./directory

fdisk -l l # List all partitions

 fdisk -l
Disk /dev/sda: 20 GiB, 21474836480 bytes, 41943040 sectors
Disk model: QEMU HARDDISK    
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: XXXXXX-XXX-XXX-XXXX-XXXXXXXXXX

Device     Start      End  Sectors Size Type
/dev/sda1   2048     4095     2048   1M BIOS boot
/dev/sda2   4096 41940607 41936512  20G Linux filesystem

Managing processes and services is essential for maintaining system stability.

ps aux # Lists all running processesiostat # Reports CPU and I/O statistics ( requires install sysstat package on Ubuntu or Debian-based systems via command apt install sysstat or sudo yum install sysstat on CentOS ).

 ps aux

USER  iostat
Linux 5.15.0-112-generic (testhost)    06/21/24 PID %CPU %MEM    VSZ _x86_64_  RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.0 168800 10944 ?(1 CPU)

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           1.68  Ss  0.11 Jun12   0:02 /sbin/init
root1.41    0.14    1.16   95.50

Managing processes and services is essential for maintaining system stability.

ps aux # Lists all running processes

 ps aux

USER2  0.0  0.0      0 PID %CPU %MEM  0 ? VSZ   RSS TTY   S   STAT Jun12START   0:00 [kthreadd]TIME COMMAND
root         3  0.01  0.0      0  0.0 168800  010944 ?        I<Ss   Jun12   0:00 [rcu_gp]02 /sbin/init
root         42  0.0  0.0      0     0 ?        S I<   Jun12   0:00 [rcu_par_gp]
...

systemctl status service_name # Checks the status of a service

 systemctl status apache2

● apache2.service - The Apache HTTP Server
     Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2024-05-29 16:06:04 UTC; 2 weeks 5 days ago
kthreadd]
root         3  0.0  0.0      0     0 ?        I<   Jun12   0:00 [rcu_gp]
root         4 Docs: https://httpd.apache.org/docs/2.4/
 0.0  0.0      Process:0 1000205 ExecReload=/usr/sbin/apachectl graceful (code=exited, status=0/SUCCESS)
 ?  Main PID: 40385 (apache2)
   I<   Tasks:Jun12  55 (limit0: 1013)00 [rcu_par_gp]
...

systemctl status service_name # Checks the status of a service

 systemctl status apache2

● apache2.service - The Apache HTTP Server
     Memory: 8.8M
        CPU: 1min 55.654s
     CGroupLoaded: loaded (/lib/systemd/system.slice/apache2.service
;             ├─  40385 /usr/sbin/apache2 -k startenabled; vendor preset: enabled)
     Active: active (running) since Wed 2024-05-29 16:06:04 UTC; 2 ├─1000209 /usr/sbin/apache2 -k startweeks 5 days ago
       Docs: https://httpd.apache.org/docs/2.4/
    Process: └─10002101000205 ExecReload=/usr/sbin/apache2apachectl -kgraceful start

 kill -9 process_id(PID) # Forces termination of a process.

(No output unless there is an error, the process is terminated forcefully)

Analyzing logs and monitoring system activities can help in identifying issues and tracking system performance.

Linux log files are stored in plain-text and can be found in the /var/log directory

Essential Linux Log Files:

/var/log/syslog or /var/log/messages - stores all activity data across the global system. Activity for Redhat-based systems, such as CentOS or Rhel, are stored in messages, while Ubuntu and other Debian-based systems are stored in Syslog.

/var/log/auth.log or /var/log/secure - Stores authentication logs, including both successful and failed logins and authentication methods.  Debian/Ubuntu information is stored in /var/log/auth.log, while Redhat/CentrOS is stored in /var/log/secure.

/var/log/apt directory on Debian-based systems, we can find the logs for the apt package manager, directory contains several log files that provide important information about apt-related activities on the system.

/var/log/yum.log - Red Hat-based systems store the yum and dnf package manager logs, file provides information about the results of a specific command, such as any errors or warnings that were generated. For example, if a package update fails,

/var/log/dmesg
dmesg # allows reviewing messages stored in the Linux ring buffer, providing insights into hardware errors and startup issues. How To Use dmesg

(code=exited, status=0/SUCCESS)
   Main PID: 40385 (apache2)
      Tasks: 55 (limit: 1013)
     Memory: 8.8M
        CPU: 1min 55.654s
     CGroup: /system.slice/apache2.service
             ├─  40385 /usr/sbin/apache2 -k start
             ├─1000209 /usr/sbin/apache2 -k start

systemctl restart service_name # Restarts a service.If a service is not behaving correctly, stopped responding, restarting it can often resolve the issue without needing a full system reboot. Also, when you modify a service config file, using systemctl restart applies the changes immediately. 

systemctl enable service_name # Enables a service to start at boot.
 
kill -9 process_id(PID) # Forces termination of a process.
#(No output unless there is an error, the process is terminated forcefully)

Analyzing logs and monitoring system activities can help in identifying issues and tracking system performance.

Linux log files are stored in plain-text and can be found in the /var/log directory

journalctl -f # will show you the latest system logs and keep updating the display with new log entries as they are created, which is useful for monitoring live system activity.

Essential Linux Log Files:

1. System logs:

/var/log/syslog or /var/log/messages - Stores all activity data across the global system. Activity for Redhat-based (CentOS or Rhel) stored in messages, while Debian-based (Ubuntu) systems are stored in syslog.

/var/log/dmesg
dmesg allows reviewing messages stored in the Linux ring buffer, providing insights into hardware errors and startup issues. How To Use dmesg

 dmesg -T 

 dmesg -T 

[Wed May 29 14:46:00 2024] Run /init as init process
[Wed May 29 14:46:00 2024]   with arguments:
[Wed May 29 14:46:00 2024]     /init
[Wed May 29 14:46:00 2024]   with environment:
[Wed May 29 14:46:00 2024]     HOME=/
[Wed May 29 14:46:00 2024]     TERM=linux
[Wed May 29 14:46:00 2024]     BOOT_IMAGE=/boot/vmlinuz-5.15.0-97-generic
[Wed May 29 14:46:00 2024]     biosdevname=0
[Wed May 29 14:46:00 2024]     netcfg/do_not_use_netplan=true
[Wed May 29 14:46:00 2024] piix4_smbus 0000:00:01.3: SMBus Host Controller at 0x700, revision 0Run /init as init process
[Wed May 29 14:46:00 2024] scsi host2: Virtio SCSI HBAwith arguments:
[Wed May 29 14:46:00 2024] scsi 2:0:0:0: Direct-Access     QEMU     QEMU HARDDISK    2.5+ PQ: 0 ANSI: 5/init
[Wed May 29 14:46:00 2024]   with environment:
[Wed May 29 14:46:00 2024] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input4 HOME=/
[Wed May 29 14:46:00 2024] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input3   TERM=linux
[Wed May 29 14:46:00 2024] cryptd: max_cpu_qlen set to 1000

journalctl # Views systemd logs and allows filtering Linux system logs to extract relevant information for monitoring and troubleshooting. How To Use journalctl

 BOOT_IMAGE=/boot/vmlinuz-5.15.0-97-generic
[Wed May 29 14:46:00 2024]     biosdevname=0
[Wed May 29 14:46:00 2024]     netcfg/do_not_use_netplan=true
[Wed May 29 14:46:00 2024] piix4_smbus 0000:00:01.3: SMBus Host Controller at 0x700, revision 0

2. Service Logs:

/var/log/daemon.log - Tracks services running in the background that perform important tasks, but has no graphical output

journalctl # Views systemd logs and allows filtering Linux system logs to extract relevant information for monitoring and troubleshooting. How To Use journalctl

 journalctl

-- Logs begin at Tue 2024-06-

 journalctl

-- Logs begin at Tue 2024-06-18 10:55:23 UTC, end at Tue 2024-06-18 12:06:19 UTC. --
Jun 18 10:55:23 hostname kernel: Linux version 5.4.0-74-generic (buildd@lcy01-amd64-013) (gcc version 9.3.0 (Ubuntu 9.3.0-17ubuntu1~20.04)) #83-Ubuntu SMP Thu May 6 10:34:06 UTC 2021 (Ubuntu 5.4.0-74.83-generic 5.4.101)
Jun 18 10:55:23 hostnameUTC, kernel:end Commandat line: BOOT_IMAGE=/boot/vmlinuz-5.4.0-74-generic root=UUID=5d7f5dcd-1234-5678-9abc-def012345678 ro quiet splash vt.handoff=7
...     

journalctl -u service_name # Views Logs for a Specific Service

Tue 2024-06-18 12:06:19 UTC. --
Jun 18 10:55:23 hostname kernel: Linux version 5.4.0-74-generic (buildd@lcy01-amd64-013) (gcc version 9.3.0 (Ubuntu 9.3.0-17ubuntu1~20.04)) #83-Ubuntu SMP Thu May 6 10:34:06 UTC 2021 (Ubuntu 5.4.0-74.83-generic 5.4.101)
Jun 18 10:55:23 hostname kernel: Command line: BOOT_IMAGE=/boot/vmlinuz-5.4.0-74-generic root=UUID=5d7f5dcd-1234-5678-9abc-def012345678 ro quiet splash vt.handoff=7
...     

journalctl -u service_name # Views Logs for a Specific Service

 journalctl -u apache2

-- Logs begin at Tue 2024-06-18 10:55:23 UTC, end at Tue 2024-06-18 12:05:19 UTC. --

 journalctl -u apache2

-- Logs begin at Tue 2024-06-18 10:55:23 UTC, end at Tue 2024-06-18 12:05:19 UTC. --
Jun 18 11:56:19 hostname systemd[1]: Starting The Apache HTTP Server...
Jun 18 11:56:19 hostname apache2[1342]: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
Jun 18 11:56:19 hostname systemd[1]: Started The Apache HTTP Server.

tail /var/log/syslog # Shows the last part of the logs, where problems usually lie.

 tail /var/log/syslog
 Starting The Apache HTTP Server...
Jun 18 1611:2556:0119 userhostname CRON[777810]: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1)apache2[1342]: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
Jun 18 1611:2756:0219 userhostname dbus-daemonsystemd[7561]: Started [system]The ActivatingApache service name='org.kde.powerdevil.backlighthelper' requested by ':1.49' (uid=1000 pid=1527 comm="/usr/lib/x86_64-linux-gnu/libexec/org_kde_powerdev" label="unconfined") (using servicehelper)
Jun 18 16:27:02 user dbus-daemon[756]: [system] Successfully activated service 'org.kde.powerdevil.backlighthelper'
Jun 18 16:29:08 user dbus-daemon[756]: [system] Activating service name='org.kde.powerdevil.backlighthelper' requested by ':1.49' (uid=1000 pid=1527 comm="/usr/lib/x86_64-linux-gnu/libexec/org_kde_powerdev" label="unconfined") (using servicehelper)
Jun 18 16:29:08 user dbus-daemon[756]: [system] Successfully activated service 'org.kde.powerdevil.backlighthelper'
 HTTP Server.

3. Authentication Logs:

/var/log/auth.log or /var/log/secure - Stores authentication logs, including both successful and failed logins and authentication methods. Debian/Ubuntu information is stored in /var/log/auth.log, while Redhat/CentrOS is stored in /var/log/secure.

4. Application Logs(examples):

/var/log/apache2/ - Apache HTTP server logs (access, error).

/var/log/mysql/ - MySQL database server logs.

5. Package Management Logs:

/var/log/apt directory - contains several log files that provide important information about apt-related activities on Debian-based systems.

/var/log/yum.log - Red Hat-based systems store the yum and dnf package manager logs, file provides information about the results of a specific command, such as any errors or warnings that were generated. For example, if a package update fails

6. Event Logs:

var/log/wtmp - Records of user logins and logouts.

var/log/lastlog - Information about the last logins for all users. This binary file can be read by command lastlog.

.home-banner {
                    background: #459df0;
                    color: #fff;
                    font-size: 20px;
                    padding: 20px;
                    }
                    .home-banner h2 {
                    color: #fff;
                    }
                    .title-box {
                    border: 1px none #459df0;
                    padding: 10px;
                    }
                    .title-box > h2 {
                    background: #459df0;
                    bottom: 10px;
                    color: #fff;
                    margin-left: -10px;
                    margin-right: -10px;
                    padding: 2px 10px;
                    position: relative;
                    }

...