Logging
Monitor logs
journalctl
tail -f /var/log/messages
Kernel messages
journalctl -k
cat /var/log/kern.log
tail -f /var/log/syslog
System messages
journalctl
journalctl | grep ssh
The boot process, kernel, and all systemd services put messages into the systemd journal.
Installation logs
anaconda.log
/var/log/anaconda/anaconda.log
Logs location
/var/log
Performance monitoring
- CPU
mpstatMemoryvmstatDiskiostatNetworknetstat
top(Display and manage the top processes)
free-m or -g
vmstat -a(active and inactive memory),d(disk stats)
mpstat 1(processor related statistics)
iostat 1(I/O statistics)
Process management
ps -efto find the process ID.
kill -9 <PID>to kill the process.-9is the priority.
Port
netstat -putan | grep :22(check open port)
lsof -i :22(list open port)
tcpdump -i any port 80( captures traffic from port 80)
ngrep -q -d any port 80(identifying misconfigured clients)
iftop -P -f "port 80"(monitoring website load during high traffic)
tcpdump -i eth0 port 80 -w suspicious_traffic.pcap(suspects malicious traffic targeting port 80)
Cronjobs
* * * * * command_to_execute
/etc/crontab
crontab -e(edit crontab file, or create one if it doesn’t already exist)
crontab -l(crontab list of cronjobs , display crontab file contents)
crontab -r(remove your crontab file)- First check your system
time - then
crontabentry, - then check
/var/log/messages
If your cron job didn't work, how would you check?
How to check open port on Linux system?
netstat putan | grep :22
IP
hostname -I
Process vs Thread
- A process is an instance of a running program with its own dedicated memory space
- A thread is the smallest unit of processing that can be scheduled by an operating system
Threads operate within a process and share its memory space.
Text manipulation
sed -i 's/OLD_TERM/NEW_TERM/g' file.txt