Essential Linux Shell Commands for System Monitoring and Maintenance

System Monitoring Commands

1. Delete zero‑byte files:

find -type f -size 0 -exec rm -rf {} \;

2. List processes sorted by memory usage (largest first):

ps -e -o "%C : %p : %z : %a" | sort -k5 -nr

3. List processes sorted by CPU utilization (largest first):

ps -e -o "%C : %p : %z : %a" | sort -nr

4. Print URLs cached in the image cache:

grep -r -a jpg /data/cache/* | strings | grep "http:" | awk -F'http:' '{print "http:"$2}'

5. Show concurrent HTTP requests and their TCP states:

netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'

6. Replace "no" with "yes" in the

Root

line of

/etc/ssh/sshd_config

:

sed -i '/Root/s/no/yes/' /etc/ssh/sshd_config

7. Kill MySQL processes:

ps aux | grep mysql | grep -v grep | awk '{print $2}' | xargs kill -9

killall -TERM mysqld

8. Show services started at run‑level 3:

ls /etc/rc3.d/S* | cut -c 15-

9. Display multiple messages in a shell script using a heredoc:

cat << EOF
+--------------------------------------------------------------+
|       === Welcome to Tunoff services ===                |
+--------------------------------------------------------------+
EOF

10. Use a

for

loop to create symbolic links for MySQL binaries:

cd /usr/local/mysql/bin
for i in *
do ln /usr/local/mysql/bin/$i /usr/bin/$i
done

11. Retrieve the IP address of

eth0

:

ifconfig eth0 | grep "inet addr:" | awk '{print $2}' | cut -c 6-

12. Show total memory (in MB):

free -m | grep "Mem" | awk '{print $2}'

13. List established connections on port 80:

netstat -an -t | grep ":80" | grep ESTABLISHED | awk '{printf "%s %s
",$5,$6}' | sort

14. Count CPU cores (including hyper‑threaded cores):

cat /proc/cpuinfo | grep -c processor

15. Show CPU load average and compare with logical CPU count:

cat /proc/loadavg

16. Detailed CPU statistics:

mpstat 1 1

17. Memory usage:

free

18. Swap usage and activity:

vmstat 1 5

19. Disk space usage:

df -h

20. Find top‑consuming files/directories in a partition:

du -cks * | sort -rn | head -n 10

21. Disk I/O load:

iostat -x 1 2

22. Network load (throughput):

sar -n DEV

23. Network errors:

netstat -i

24. Number of network connections:

netstat -an | grep -E "^(tcp)" | cut -c 68- | sort | uniq -c | sort -n

25. Total number of processes:

ps aux | wc -l

26. Number of runnable processes:

vmstat 1 5

27. Top processes (by CPU usage):

top -id 1

28. Check DNS, gateway, and general network connectivity.

29. Number of logged‑in users:

who | wc -l

30. Search system logs for errors or failures:

grep -i error /var/log/messages

grep -i fail /var/log/messages

31. Kernel messages:

dmesg

32. System date and time:

date

33. Open file descriptors count:

lsof | wc -l

34. Generate a daily log report with Logwatch:

# logwatch --print

35. Kill processes listening on port 80:

lsof -i :80 | grep -v "ID" | awk '{print "kill -9",$2}' | sh

36. Remove zombie processes:

ps -eal | awk '{ if ($2 == "Z") {print $4}}' | kill -9

37. Capture packets on port 80 with tcpdump:

tcpdump -c 10000 -i eth0 -n dst port 80 > /root/pkts

38. Analyze captured packets for duplicate IPs:

less pkts | awk '{printf $3"
"}' | cut -d. -f 1-4 | sort | uniq -c | awk '{printf $1" "$2"
"}' | sort -n -t\ +0

39. Count active php‑cgi processes:

netstat -anp | grep php-cgi | grep ^tcp | wc -l

40. List services enabled at boot:

chkconfig --list | awk '{if ($5=="3:on") print $1}'

41. Show network card model with kudzu:

kudzu --probe --class=network

Common Regular Expressions

1. Match Chinese characters:

[\u4e00-\u9fa5]

2. Match double‑byte characters (including Chinese):

[^\x00-\xff]

3. Match blank lines:

\s*\r

4. Match HTML tags (simple version):

<(\S*?)[^>]*>.*?</\1>|<.*? />

5. Trim leading and trailing whitespace:

^\s*|\s*$

6. Match email addresses:

\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*

7. Match URLs:

[a-zA-Z]+://[^\s]*

8. Validate usernames (letter start, 5‑16 characters, letters/digits/underscore):

^[a-zA-Z][a-zA-Z0-9_]{4,15}$

9. Match Chinese phone numbers:

\d{3}-\d{8}|\d{4}-\d{7}

10. Match Tencent QQ numbers (starting from 10000):

[1-9][0-9]{4,}

11. Match Chinese postal codes (6 digits):

[1-9]\d{5}(?!\d)

12. Match Chinese ID numbers (15 or 18 digits):

\d{15}|\d{18}

13. Match IPv4 addresses:

\d+\.\d+\.\d+\.\d+

14. Match various numeric formats (integers, floats, positive/negative, zero):

^[1-9]\d*$   // positive integer
^-[1-9]\d*$   // negative integer
^-?[1-9]\d*$   // any integer
^[1-9]\d*|0$   // non‑negative integer
^-[1-9]\d*|0$   // non‑positive integer
^[1-9]\d*\.\d*|0\.\d*[1-9]\d*$   // positive float
^-([1-9]\d*\.\d*|0\.\d*[1-9]\d*)$   // negative float
^-?([1-9]\d*\.\d*|0\.\d*[1-9]\d*|0?\.0+|0)$   // any float

15. Match alphabetic strings and alphanumeric strings:

^[A-Za-z]+$   // letters only
^[A-Z]+$   // uppercase letters only
^[a-z]+$   // lowercase letters only
^[A-Za-z0-9]+$   // letters and digits
^\w+$   // letters, digits, underscore