12 Essential Linux Command-Line Tools for Performance Monitoring

For system and network administrators, monitoring and debugging Linux performance is a demanding daily task. After five years of experience, the author compiled the most commonly used command-line tools to help Linux/Unix administrators monitor and troubleshoot performance issues.

1. lsof – List Open Files

lsof displays all open files and processes, including disk files, network sockets, pipes, devices, and processes. It is especially useful when a disk cannot be mounted or when you need to identify which file is in use.

<code>lsof</code>

2. htop – Interactive Process Monitor

htop is an advanced, interactive, real‑time process monitor. It offers richer features than the classic top command, such as friendly process management, keyboard shortcuts, and both vertical and horizontal display modes.

<code># htop</code>

3. iotop – Disk I/O Monitoring

iotop works similarly to top and htop but focuses on real‑time disk I/O statistics per process, making it valuable for identifying processes that heavily read or write to disk.

<code># iotop</code>

4. IPTraf – Real‑Time LAN IP Monitoring

IPTraf is an open‑source console application that monitors LAN traffic, providing detailed information such as TCP flags, ICMP details, TCP/UDP traffic separation, and interface statistics.

5. psacct / acct – User Activity Accounting

psacct (or acct) runs as a background service and records detailed activity for every user, including commands executed, resources consumed, and session duration, helping administrators track user behavior.

6. monit – Process and Service Monitoring

Monit is a free, open‑source network‑enabled monitoring tool that automatically watches and manages system processes, files, directories, permissions, and services such as Apache, MySQL, Nginx, SSH, and more.

7. netHogs – Per‑Process Network Bandwidth

netHogs is a small open‑source program that monitors network activity per process, showing real‑time bandwidth usage for each application.

8. iftop – Network Bandwidth Monitor

iftop displays a continuously updated list of network bandwidth usage per host or interface, similar to how top shows CPU usage.

9. Monitorix – System and Network Monitoring

Monitorix is a lightweight, free application designed to monitor Linux/Unix servers. It runs an HTTP server that collects system and network metrics and presents them graphically, covering load, memory, disk health, services, ports, mail statistics, MySQL stats, and more.

10. arpwatch – Ethernet Activity Monitor

arpwatch watches Ethernet address resolution changes (MAC and IP) over time, logging pair changes and optionally sending email alerts, useful for detecting ARP attacks.

11. Suricata – Network Security Monitoring

Suricata is an open‑source high‑performance network security, intrusion detection, and anti‑evasion tool that runs on Linux, FreeBSD, and Windows.

12. vnStat PHP – Web Front‑End for vnStat

vnStat PHP provides a web‑based front‑end for the popular vnStat network traffic monitor, displaying hourly, daily, and monthly upload/download statistics with graphical reports.