システム調査系ツールを調べたい
http://kkovacs.eu/cool-but-obscure-unix-tools
- sysstat
- sar
- qstat
- dstat
- iostat
- vmstat
- lsof
- netstat
- ss - socket statistic
- ss stands for socket statistics. This displays information that are similar to netstat command.
- http://ir-hosting.com/support/knowledgebase/53/Socket-Statistics–SS.html
- iotop
netstat
netstat [-a]
LISTEN されているネットワークポートや UNIX domain socket が見れる
参考
lsof
lsof -i
ネットワークポートがどんな感じで開いてるかリスト
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME dhcpcd 264 root 10u IPv4 10545 0t0 UDP *:bootpc sshd 268 root 3u IPv4 10522 0t0 TCP *:ssh (LISTEN) sshd 268 root 4u IPv6 10524 0t0 TCP *:ssh (LISTEN) sshd 485 root 3u IPv4 728 0t0 TCP localhost:ssh->gateway:52362 (ESTABLISHED) sshd 491 vagrant 3u IPv4 728 0t0 TCP localhost:ssh->gateway:52362 (ESTABLISHED)
sudo lsof <filename>
ファイルを開いているプロセスをリスト
: 2015/09/02 03:06 SSH $ lsof /bin/bash COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME bash 492 vagrant txt REG 0,20 791304 117676 /usr/bin/bash
その他、 PID でフィルタしたり、ポート番号でフィルタしたりできる
- 参考
- perf
strace
strace echo abc
- コマンドがどういう systemcall を出してるかわかる
vagrant@localhost ~]$ strace echo abc execve("/usr/bin/echo", ["echo", "abc"], [/* 16 vars */]) = 0 brk(0) = 0x246a000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=39086, ...}) = 0 mmap(NULL, 39086, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fd28e0c8000 close(3) = 0 open("/usr/lib/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 \t\2\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=1984880, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd28e0c7000 mmap(NULL, 3813008, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fd28db0e000 mprotect(0x7fd28dca7000, 2097152, PROT_NONE) = 0 mmap(0x7fd28dea7000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x199000) = 0x7fd28dea7000 mmap(0x7fd28dead000, 16016, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fd28dead000 close(3) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd28e0c6000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd28e0c5000 arch_prctl(ARCH_SET_FS, 0x7fd28e0c6700) = 0 mprotect(0x7fd28dea7000, 16384, PROT_READ) = 0 mprotect(0x606000, 4096, PROT_READ) = 0 mprotect(0x7fd28e0d2000, 4096, PROT_READ) = 0 munmap(0x7fd28e0c8000, 39086) = 0 brk(0) = 0x246a000 brk(0x248b000) = 0x248b000 fstat(1, {st_mode=S_IFCHR|0622, st_rdev=makedev(136, 0), ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd28e0d1000 write(1, "abc\n", 4abc ) = 4 close(1) = 0 munmap(0x7fd28e0d1000, 4096) = 0 close(2) = 0 exit_group(0) = ? +++ exited with 0 +++