Tuesday 16 September 2008

Command of the Hour: Top Variants

So, I'm trying to start something that I've dubbed "Command of the Hour" on my local Canberra Linux Users Group mailing list. Quite simply, everyone just chimes in and tells everyone else about some random, obscure and useful command that they know of. Doesn't matter what, doesn't have to be related to any previous post, it just has to be something that they've found useful or can see that others might find useful.

But then I thought, why limit this to just my local LUG list? Sure it's great to test drive the idea, but why not try aiming for a wider audience - so here I am copying my initial get the ball rolling post with some top variants here:

atop - I just had an issue where gnome wasn't logging in, but seemed to be stuck constantly accessing the hard drive. This command saved me by showing me exactly which program was using the hard drive and a quick aptitude remove mlocate later my system was working perfectly again. It monitors CPU, memory, disk and network highlighting any that are particularly stressed and shows the processes responsible. Processes are only displayed if they have done something interesting
since the last update. Kernel patches can be taken to enhance the experience if one is so inclined.

htop - Awesome ncurses graphical top. Looks pretty, coloured, and simply highlighting a process and pressing 'S' will attach strace to it to see what that run away process is actually up to. Tag multiple processes and alter the niceness of them all at once or just kill em' all. 'T' toggles between process tree view and ordinary top view.

powertop - I'm sure lots of people know about this one by now, but for anyone who doesn't it can show you various information about what is chewing up energy in your system and provide some recommendations for conserving power.

iftop - top for network traffic. Shows the traffic going to and fro on every individual transfer and totalled down the bottom in ncurses bar graph style. Amounts are displayed for the last 2, 10 and 40 seconds. Filters can be applied if one is only interested in a subset of the total traffic, and it can naturally do hostname lookups and show port numbers/service names.

ntop - another network top, but this one starts a web server on port 3000 to display it's results with pretty graphs. It has the advantage that it provides much more detail - it breaks packets down by size, protocol, etc. It has many displays to analyse the data in varying and sometimes entertaining ways. Of course, being heavyweight as it is, if all you need to know is that traffic is flowing from A to B, firing this one up may be overkill, though it would easily suit as a very
quick and dirty network monitoring solution.

And a few others that I haven't found so useful myself, but someone else might:

itop - top for interrupts. I can imagine it would be useful for checking if hardware is getting the computers attention when it should be.

jnettop - this is another network top. I prefer iftop since it gives me a graphical display (and it's help page is somewhat more detailed than "I must write something here... :)").


Baxter said...

Very nice! iftop is -almost- exactly what I've been looking for. What I really need is something that attaches program names to those traffic stream...find out what's causing the chatter over the network.

I've installed all of them, though, and anticipate them proving quite useful. ^_^

DarkStarSword said...

Hey Jon,

This reply is about four years too late (I must have comment notifications turned off - I only just noticed your comment in bloggers global comment view), but maybe others will find it useful...

The "nethogs" command is the best I've found for relating programs to their traffic.