这里写目录标题
1.查看磁盘使用
du f1
-a:递归输出当前所有文件
-h:以k,m显示当前的文件大小
-k:以kb为大小显示
-c:统计文件列表总共占用大小
-s:只显示总计大小
–exclude-form:排除文件列表
–max-depth:最大深度
Ian>du -ah ./
4.0K ./a.txt
4.0K ./b.txt
4.0K ./a.txt.bakfile
4.0K ./cut/a.txt
8.0K ./cut
24K ./
Ian>du -h ./
8.0K ./cut
24K ./
Ian>du -sh ./
24K ./
Ian>du -ak ./ | sort -nrk 1|head -n 3#查找前三大小的文件和目录
287952 ./
166028 ./VMwareTools-10.3.10-13959562
166024 ./VMwareTools-10.3.10-13959562/vmware-tools-distrib
Ian>find . -type f -exec du -k {} \; | sort -nrk 1 | head -n 3#查找前三大小的文件
4 ./test.txt
4 ./sed/cut/a.txt
4 ./sed/b.txt
2.计算命令执行时间
time command:获取运行时间
time -o file command:将运行时间输出到文本
time -a -o file command:将时间追加到文本
time -f “time_format” command:将时间格式写入文本,其中%e为real时间,%U为user时间,%S为系统时间
- -f的参数说明
https://blog.csdn.net/qq_34595352/article/details/86702411- Real时间:命令从开始执行到结束执行的时间,包括其他进程所占用的时间片及被进程阻塞所花费的时间,如等待io操作的时间等
- User时间:花费在用户模式下的时间,真正用于执行进程所用的时间,执行其他进程以及阻塞时间没有计算
- Sys时间:花费在内核中的CPU时间,代表在内核中执行系统调用所用时间
Ian>time ls
a.log a.sh awk cut grep out.html paste sed test.txt tree1 tree2
real 0m0.001s
user 0m0.001s
sys 0m0.000s
Ian>/usr/bin/time -a -o time_find.log find / -iname "*.txt"
Ian>cat time_find.log
Command exited with non-zero status 1
0.13user 1.16system 0:02.05elapsed 63%CPU (0avgtext+0avgdata 5016maxresident)k
23590inputs+0outputs (0major+600minor)pagefaults 0swaps
Ian>/usr/bin/time -f "Real Time: %r" ls
a.log a.sh awk cut grep o.log out.html paste sed test.txt time_find.log time.log tree1 tree2
Real Time: 0
3.收集登录用户信息
who:获取当前用户
w:获取登录用户更详细信息
users:当前登录的所有用户
uptime:查看系统已运行时间
last:获取上次启动及登录会话的信息
Ian>who
ian :0 2020-04-09 21:15 (:0)
Ian>w
11:44:57 up 7 days, 4 min, 1 user, load average: 0.00, 0.01, 0.00
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
ian :0 :0 Thu21 ?xdm? 12:24 0.01s /usr/lib/gdm3/gdm-x-session --run-script env GNOME_SHELL_SESSION_MODE=ubuntu gnome-session --session=ubuntu
Ian>users
ian
Ian>uptime
11:45:06 up 7 days, 4 min, 1 user, load average: 0.00, 0.01, 0.00
Ian>last
ian :0 :0 Thu Apr 9 21:15 still logged in
ian :0 :0 Wed Apr 8 11:41 - 21:15 (1+09:33)
reboot system boot 5.3.0-46-generic Wed Apr 8 11:40 still running
ian :0 :0 Wed Apr 8 11:33 - 11:40 (00:07)
reboot system boot 5.3.0-46-generic Wed Apr 8 11:32 - 11:40 (00:07)
ian :0 :0 Wed Apr 8 10:33 - down (00:57)
wtmp begins Wed Apr 8 10:33:26 2020
4.监控命令输出(watch)
watch ls:监控ls输出,默认2s一次
watch -n 5 ls:5s一次
watch -d ls:不同以颜色显示:
Ian>watch -n 3 ls
Every 3.0s: ls ian-virtual-machine: Wed Apr 15 11:52:27 2020
a
b
5.记录文件及目录访问(inotifywait)
inotifywait -m -r -e create,move,delete ./ -q:监控目录的创建,修改,删除
Ian>inotifywait -m -r -e create,move,delete ./ -q
./ CREATE,ISDIR new
./new/ CREATE a.txt
./new/ CREATE a.txt.bakfile
./new/ CREATE b.txt
./new/ DELETE a.txt
./new/ DELETE b.txt
./new/ DELETE a.txt.bakfile
./ DELETE,ISDIR new
-m:持续监控,而不是事发之后退出
-r:递归监控
-e:监控的事件,可选事件如下:modify、delete、create、close_write、move、close、unmount和attrib等
- -e可选事件
http://blog.chinaunix.net/uid-31484238-id-5784955.html
6.使用syslog监控日志(logger)
logger message:向/var/log/syslog中写日志
logger -t -t TAG logline:在日志中加tag
Ian>logger this is a log line
Ian>tail -n 2 syslog
Apr 15 12:10:40 ian-virtual-machine ian:
Apr 15 12:12:28 ian-virtual-machine ian: this is a log line
Ian>logger -t TESTTAG this is a log line
Ian>tail -n 2 syslog
Apr 15 12:12:28 ian-virtual-machine ian: this is a log line
Apr 15 12:15:23 ian-virtual-machine TESTTAG: this is a log line
7.监控io(iotop)
iotop -o:监视正在io的进程的情况,排除干扰
iotop -b -n 2:只监视两条然后退出
iotop -p PID:监视某个进程
Ian>sudo iotop
Total DISK READ : 0.00 B/s | Total DISK WRITE : 0.00 B/s
Actual DISK READ: 0.00 B/s | Actual DISK WRITE: 0.00 B/s
TID PRIO USER DISK READ DISK WRITE SWAPIN IO> COMMAND
1 be/4 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % init splash
2 be/4 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [kthreadd]
Ian>sudo iotop -p 8862
Total DISK READ : 0.00 B/s | Total DISK WRITE : 0.00 B/s
Actual DISK READ: 0.00 B/s | Actual DISK WRITE: 0.00 B/s
TID PRIO USER DISK READ DISK WRITE SWAPIN IO> COMMAND
8862 be/4 ian 0.00 B/s 0.00 B/s 0.00 % 0.00 % Xorg vt2 -displayfd 3 -auth /run/user/1000/gdm/Xauthority -background none -noreset -keeptty -verbose 3
8.检查磁盘文件系统错误(fsck)
fsck /dev/sda1:检查文件系统
fsck -A:检测/etc/fstab中所配置的文件系统
fsck -a /dev/sda1:修复文件系统