BestHub
Sign in
Operations 13 min read

Essential Linux Commands for System Monitoring and Regex Toolkit

This article compiles a comprehensive set of Linux shell commands for server health checks—from file cleanup and process inspection to network, disk, and memory monitoring—followed by a handy collection of regular expressions for common validation tasks.

Efficient Ops
Efficient Ops
Efficient Ops
Essential Linux Commands for System Monitoring and Regex Toolkit

Essential Linux System Monitoring Commands

The following one‑line commands help you quickly assess the health of a Linux server. find -type f -size 0 -exec rm -rf {} \; Delete all zero‑byte files. PS -e -o "%C : %p : %z : %a" | sort -k5 -nr List processes sorted by memory usage (largest first). ps -e -o "%C : %p : %z : %a" | sort -nr List processes sorted by CPU utilization.

grep -r -a jpg /data/cache/* | strings | grep "http:" | awk -F'http:' '{print "http:"$2;}'

Print URLs cached under /data/cache.

netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'

Show concurrent HTTP requests and their TCP connection counts. sed -i '/Root/s/no/yes/' /etc/ssh/sshd_config Replace no with yes in the Root line of sshd_config.

ps aux | grep mysql | grep -v grep | awk '{print $2}' | xargs kill -9
killall -TERM mysqld
kill -9 `cat /usr/local/apache2/logs/httpd.pid`

Terminate MySQL processes. ls /etc/rc3.d/S* | cut -c 15- Show services started at runlevel 3.

cat << EOF
+--------------------------------------------------------------+
|       === Welcome to Tunoff services ===                |
+--------------------------------------------------------------+
EOF

Display a multi‑line banner using a heredoc.

cd /usr/local/mysql/bin
for i in *
do
  ln /usr/local/mysql/bin/$i /usr/bin/$i
done

Create symbolic links for all MySQL binaries.

ifconfig eth0 | grep "inet addr:" | awk '{print $2}' | cut -c 6-
# or
ifconfig | grep 'inet addr:' | grep -v '127.0.0.1' | cut -d: -f2 | awk '{print $1}'

Retrieve the server's IP address. free -m | grep "Mem" | awk '{print $2}' Show total memory size (in MB). cat /proc/cpuinfo | grep -c processor Count logical CPU cores. cat /proc/loadavg Display current CPU load averages. mpstat 1 1 Show detailed CPU statistics. free Show overall memory usage; alternatively cat /proc/meminfo. vmstat 1 5 Monitor swap usage and activity. df -h Check disk space usage. du -cks * | sort -rn | head -n 10 Find the ten largest files or directories. iostat -x 1 2 Inspect disk I/O load; verify that %util does not exceed 100%. sar -n DEV Monitor network traffic (rxbyt/s, txbyt/s). netstat -i Check for network errors; cat /proc/net/dev provides detailed stats.

netstat -an | grep -E "^(tcp)" | cut -c 68- | sort | uniq -c | sort -n

Count active network connections. ps aux | wc -l Show total number of processes (alert if >250). vmwtat 1 5 Display runnable processes (compare against 4× CPU count). top -id 1 Identify abnormal processes. who | wc -l Count logged‑in users (alert if >50).

# cat /var/log/rflogview/*errors
grep -i error /var/log/messages
grep -i fail /var/log/messages

Search system logs for errors or failures. dmesg View kernel logs for hardware or driver issues. date Check the current system time. lsof | wc -l Count open file descriptors.

lsof -i :80 | grep -v "ID" | awk '{print "kill -9",$2}' | sh

Kill processes listening on port 80.

ps -eal | awk '{ if ($2 == "Z") {print $4}}' | kill -9

Terminate zombie processes.

tcpdump -c 10000 -i eth0 -n dst port 80 > /root/pkts

Capture 10,000 packets targeting port 80 for analysis.

# less pkts | awk '{printf $3"
"}' | cut -d. -f1-4 | sort | uniq -c | awk '{printf $1" "$2"
"}' | sort -n -t+ 0

Sort duplicate IPs from the capture. netstat -anp | grep php-cgi | grep ^tcp | wc -l Count active php-cgi processes.

chkconfig --list | awk '{if ($5=="3:on") print $1}'

List services set to start automatically. kudzu --probe --class=network Detect network card model.

Common Regular Expressions

Useful patterns for validation and text processing.

[\u4e00-\u9fa5]               # Match Chinese characters
[^\x00-\xff]                 # Match double‑byte characters (including Chinese)

\s*\r                     # Match blank lines
<(\S*?)[^>]*>.*?</\1>|<.*? />   # Match HTML tags (limited)
^\s*|\s*$                   # Trim leading/trailing whitespace
\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*   # Match email addresses
[a-zA-Z]+://[^\s]*           # Match URLs
^[a-zA-Z][a-zA-Z0-9_]{4,15}$   # Valid username (5‑16 chars, starts with letter)
\d{3}-\d{8}|\d{4}-\d{7}   # Match Chinese telephone numbers
[1-9][0-9]{4,}               # Match Tencent QQ numbers
[1-9]\d{5}(?!\d)           # Match Chinese postal codes
\d{15}|\d{18}               # Match Chinese ID numbers
\d+\.\d+\.\d+\.\d+      # Match IPv4 addresses
^[A-Za-z]+$                  # Only letters
^[A-Z]+$                    # Only uppercase letters
^[a-z]+$                    # Only lowercase letters
^[A-Za-z0-9]+$               # Letters and numbers
^\w+$                      # Letters, numbers, underscore
Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Sign in to view source
Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactadmin@besthub.devand we will review it promptly.

LinuxShellsystem-monitoringcommands
Efficient Ops
Written by

Efficient Ops

This public account is maintained by Xiaotianguo and friends, regularly publishing widely-read original technical articles. We focus on operations transformation and accompany you throughout your operations career, growing together happily.

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment