Home > Articles > Certification > Other IT

  • Print
  • + Share This
This chapter is from the book

Monitoring System Performance

Every time a program or command is run, a process is created for it. These processes are all unique and identified by the process identification (PID) that becomes allocated to it. System processes are critical to keeping the system up and running or providing services to clients. Management of processes can help keep the system stable or help when the system becomes unstable. Here are some of the process management commands you can use:


Displays information about running processes


Terminates a process


Finds a process based on its PID


Displays all processes related to a service or command


Monitors system resources (similar to Task Manager in Windows)


Adjusts the priority of a particular process

First, let's look at the processes the root user currently owns by using the ps command:

# ps
  PID TTY           TIME CMD
 4474 pts/3    00:00:00 bash
 4506 pts/3    00:00:00 ps

The ps command includes a number of options for producing different types of output, including viewing all processes currently running on the system.

To view processes with more detailed information, you can use the following command:

# ps u
root   2387  0.0  0.1   1660   424 tty1  Ss+  07:30   0:00 /sbin/mingetty tty1
root   2388  0.0  0.1   1660   420 tty2  Ss+  07:30   0:00 /sbin/mingetty tty2
root   2389  0.0  0.1   1660   420 tty3  Ss+  07:30   0:00 /sbin/mingetty tty3
root   2390  0.0  0.1   1660   420 tty4  Ss+  07:30   0:00 /sbin/mingetty tty4
root   2391  0.0  0.1   1660   448 tty5  Ss+  07:30   0:00 /sbin/mingetty tty5
root   2392  0.0  0.1   1660   420 tty6  Ss+  07:30   0:00 /sbin/mingetty tty6

Here, you see not only the PID, but also the CPU and memory utilization. A common set of options that I use when working with the ps command is aux combined with the grep command to weed out anything I'm not interested in. This way, I can get detailed information about a particular process. Say you'd like to see what information is available about any process pertaining to the SSH service:

# ps aux | grep ssh
root      4286  0.0  0.1  62616  1216 ?   Ss  Sep23  0:00 /usr/sbin/sshd
root     15872  0.0  0.3  90116  3248 ?   Ss  10:06  0:00 sshd: user01 [priv]
user01   15874  0.0  0.1  90116  1740 ?   S   10:06  0:00 sshd: user01@pts/0
user01   15921  0.0  0.0  61176   728 pts/0  R+  10:14  0:00 grep ssh

You also could use

# ps aux

With this command, however, you would receive 59 lines of output that you would have had to go through to view those 4 lines that you actually need. You can see how narrowing down your output can be really helpful.

Let's also look at some of the other options the ps command offers:

$ ps—help
********* simple selection *********  ********* selection by list *********
-A all processes                        -C by command name
-N negate selection                   -G by real group ID (supports names)
-a all w/ tty except session leaders  -U by real user ID (supports names)
-d all except session leaders         -g by session OR by effective group name
-e all processes                      -p by process ID
T  all processes on this terminal     -s processes in the sessions given
a  all w/ tty, including other users  -t by tty
g  OBSOLETE—DO NOT USE              -u by effective user ID (supports names)
r  only running processes             U  processes for specified users
x  processes w/o controlling ttys     t  by tty
*********** output format **********  *********** long options ***********
-o,o user-defined  -f full            --Group --User --pid --cols --ppid
-j,j job control   s  signal          --group --user --sid --rows --info
-O,O preloaded -o  v  virtual memory  --cumulative --format --deselect
-l,l long          u  user-oriented   --sort --tty --forest --version
-F   extra full    X  registers       --heading --no-heading --context
                     ********* misc options *********
-V,V  show version      L  list format codes  f  ASCII art forest
-m,m,-L,-T,H  threads   S  children in sum    -y change -l format
-M,Z  security data     c  true command name  -c scheduling class
-w,w  wide output       n  numeric WCHAN,UID  -H process hierarchy

You can see here that there are numerous output formats and sort features. Knowing how to manipulate the output of the ps command and find what you're looking for really helps when troubleshooting on the exams, but it also plays a huge role in troubleshooting in the real world.

What happens if one of the processes running on your system becomes out of control? In that case, you can use the kill command to terminate the process, even if it isn't responding (also called a runaway process). To use the kill command, however, you need to know the PID of the process that you want to kill (are you starting to see why the ps command is so helpful?).

Syntax: kill PID

If you want to stop the SSH service because it isn't responding, you just have to look for the PID associated with the SSH daemon. If you look back at the output, you can see this is PID 4286. To kill the process forcefully and effectively stop the SSH service, you can do the following:

# kill 4286

Sometimes if the kill command doesn't work the way you intended it to, you can also call it with the -9 option to give it priority on the system:

# kill -9 4286

What happens if you don't know the PID of the process you want to terminate? How could you look that up if you weren't sure what to query from the output of the ps command? There are actually two other commands you can use to determine the PID(s) of a service or command: pidof and pgrep.

First, let's look at pidof, to which you can pass just the name of the service or daemon. To find the PID(s) belonging to the SSH service, use the following:

# pidof sshd
15874 15872 4286

To achieve the same information in an easier-to-read format, you can use the pgrep command:

# pgrep sshd

It's good to know that you can hunt down and kill processes or even just find out how many are running, but what if you need more information? Suppose you need to know how much of the CPU a particular process is taking up? Let's look at the final command: top. This command gives you an overview of processes on the system, including memory usage, CPU utilization, and more.

To check out the system overall, issue the following command and you get results similar to those shown in Figure 9-1:


Figure 9-1

Figure 9-1 Results of running .

The output in Figure 9-1 shows real-time information about the system resources. You can use the q to quit from the top command.

When you're comfortable working with processes, you can then make some more advanced adjustments, such as changing the priority of a particular process. Let's say that you have a custom application running on your system. You can use the renice command to give that particular process higher priority on the CPU.

Syntax: renice <priority> [options]


-p PID

Changes process priority for a particular PID

-u user

Changes process priority for a particular user(s)

The priority values range from –20 (first priority) to 20 (dead last priority). Only the root user may set processes to use a priority under 0. Going back to the example, you can give the application extra priority by using the following:

# renice -2 3874

This command changes the application process (3874) to have better priority than its default priority of 0. Knowing how to work with system processes and extract information from your system will help you become a better system administrator. It can also help you troubleshoot faster on the Red Hat exams.

In the next section, we look at job scheduling, which can be combined with some of the commands just covered to automate system monitoring.

  • + Share This
  • 🔖 Save To Your Account