Procs – r: Total number of threads/processes waiting to run, i.e. the number of threads in the run queue. These threads are runnable, but the CPU is not available to execute them.
Procs – b: Total number of busy processes, i.e. the number of processes blocked and waiting on IO requests to finish.
Memory – swpd: Used virtual memory
Memory – free: Free virtual memory
Memory – buff: Memory used as buffers
Memory – cache: Memory used as cache.
Swap – si: Memory swapped in from disk (per second)
Swap – so: Memory swapped out to disk (per second)
IO – bi: Blocks in, i.e. blocks received from a device (per second)
IO – bo: Blocks out, i.e. blocks sent to a device (per second)
System – in: Interrupts per second, i.e. the number of interrupts being processed.
System – cs: Context switches, i.e. the number of context switches happening on the system per second.
CPU – us, sy, id, wa, st: CPU user time, system time, idle time, wait time, stolen time
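One way to turn the field definitions above into an automated check, given as an added example that is not part of the original page. The thresholds, the CPU-count argument, the function names and the sample rows are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag resource pressure in vmstat samples read on stdin.
# Columns are located by header name, so layouts without "st" still parse.
# Assumptions: the thresholds WA_MAX/ST_MAX and the CPU-count argument.

vmstat_alerts() {
    # $1 = number of CPUs on the host that produced the samples
    awk -v ncpu="$1" -v wa_max="${WA_MAX:-20}" -v st_max="${ST_MAX:-10}" '
    $1 == "r" && $2 == "b" {          # header row: map column names to positions
        for (i = 1; i <= NF; i++) col[$i] = i
        next
    }
    !("r" in col) || $1 !~ /^[0-9]+$/ { next }   # banner or non-data row
    {
        n++; msg = ""
        # more runnable threads than CPUs: the run queue is backing up
        if ($(col["r"]) > ncpu)   msg = msg " runqueue=" $(col["r"])
        # processes blocked on IO
        if ($(col["b"]) > 0)      msg = msg " blocked=" $(col["b"])
        # any swap-in or swap-out activity
        if ($(col["si"]) + $(col["so"]) > 0)
            msg = msg " swapping=" $(col["si"]) "/" $(col["so"])
        # CPU time spent waiting on IO
        if ($(col["wa"]) > wa_max) msg = msg " iowait=" $(col["wa"])
        # stolen time, only when the column exists
        if (("st" in col) && $(col["st"]) > st_max) msg = msg " steal=" $(col["st"])
        if (msg != "") printf "sample %d:%s\n", n, msg
    }'
}

# Constructed sample output (not captured from a real host)
sample_vmstat() {
cat <<'EOF'
procs -----------memory---------- ---swap-- -----io---- -system-- ------cpu-----
 r  b   swpd   free   buff  cache   si   so    bi    bo   in   cs us sy id wa st
 1  0      0 812340  10240 402112    0    0     5    12  110  250  3  1 96  0  0
 9  2  20480  10240   2048  51200  120  340   900  1500  800 4200 40 25  5 30  0
 2  0  20480  15360   2048  61440    0    0    10    20  150  300 10  5 60  5 20
EOF
}

sample_vmstat | vmstat_alerts 4
```

On live output the first data row reports averages since boot, so judge pressure from the later rows.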
vmstat – Display active and inactive memory
# vmstat -a
vmstat – Display number of forks
# vmstat -f
vmstat – Display slab info
# vmstat -m
vmstat – Display disk statistics
# vmstat -d
vmstat – Display statistics for a partition
# vmstat -p /dev/sda1
4. Network monitoring: netstat
List All Ports
# netstat -an
List Sockets which are in Listening State
# netstat -l
Show the statistics for each protocol
# netstat -s
Display PID and program names in netstat output
# netstat -p
Show the list of network interfaces
# netstat -i
5. iptraf
# iptraf -s eth0
6. tcpdump
Capture packets from a particular ethernet interface
# tcpdump -i eth0
Capture only N number of packets
# tcpdump -c N -i eth0
Display Captured Packets in ASCII
# tcpdump -i eth0 -A
Display Captured Packets in HEX and ASCII using tcpdump
# tcpdump -i eth0 -XX
Capture the packets and write into a file
# tcpdump -i eth0 -w /tmp/a.pcap
Reading the packets from a saved file
# tcpdump -ttt -r /tmp/a.pcap
Capture packets with a human-readable timestamp
# tcpdump -tttt
Receive only the packets of a specific protocol type
# tcpdump -i eth0 <protocol name>
# tcpdump -i eth0 arp
Receive packets flowing on a particular port (e.g. the SSH port)
# tcpdump -i eth0 port 22
Capture packets for a particular destination IP and port
# tcpdump -i eth0 dst 10.181.140.216 and port 22
Filter Packets
# tcpdump -i eth0 not arp and not rarp