Essential Linux Shell Commands for System Monitoring and Maintenance

System Monitoring Commands

1. Delete zero‑byte files: find -type f -size 0 -exec rm -rf {} \; 2. List processes sorted by memory usage (largest first): ps -e -o "%C : %p : %z : %a" | sort -k5 -nr 3. List processes sorted by CPU utilization (largest first): ps -e -o "%C : %p : %z : %a" | sort -nr 4. Print URLs cached in the image cache:

grep -r -a jpg /data/cache/* | strings | grep "http:" | awk -F'http:' '{print "http:"$2}'

5. Show concurrent HTTP requests and their TCP states:

netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'

6. Replace "no" with "yes" in the Root line of /etc/ssh/sshd_config: sed -i '/Root/s/no/yes/' /etc/ssh/sshd_config 7. Kill MySQL processes:

ps aux | grep mysql | grep -v grep | awk '{print $2}' | xargs kill -9

killall -TERM mysqld

8. Show services started at run‑level 3: ls /etc/rc3.d/S* | cut -c 15- 9. Display multiple messages in a shell script using a heredoc:

cat << EOF
+--------------------------------------------------------------+
|       === Welcome to Tunoff services ===                |
+--------------------------------------------------------------+
EOF

10. Use a for loop to create symbolic links for MySQL binaries:

cd /usr/local/mysql/bin
for i in *
do ln /usr/local/mysql/bin/$i /usr/bin/$i
done

11. Retrieve the IP address of eth0:

ifconfig eth0 | grep "inet addr:" | awk '{print $2}' | cut -c 6-

12. Show total memory (in MB): free -m | grep "Mem" | awk '{print $2}' 13. List established connections on port 80:

netstat -an -t | grep ":80" | grep ESTABLISHED | awk '{printf "%s %s
",$5,$6}' | sort

14. Count CPU cores (including hyper‑threaded cores): cat /proc/cpuinfo | grep -c processor 15. Show CPU load average and compare with logical CPU count: cat /proc/loadavg 16. Detailed CPU statistics: mpstat 1 1 17. Memory usage: free 18. Swap usage and activity: vmstat 1 5 19. Disk space usage: df -h 20. Find top‑consuming files/directories in a partition: du -cks * | sort -rn | head -n 10 21. Disk I/O load: iostat -x 1 2 22. Network load (throughput): sar -n DEV 23. Network errors: netstat -i 24. Number of network connections:

netstat -an | grep -E "^(tcp)" | cut -c 68- | sort | uniq -c | sort -n

25. Total number of processes: ps aux | wc -l 26. Number of runnable processes: vmstat 1 5 27. Top processes (by CPU usage): top -id 1 28. Check DNS, gateway, and general network connectivity.

29. Number of logged‑in users: who | wc -l 30. Search system logs for errors or failures:

grep -i error /var/log/messages

grep -i fail /var/log/messages

31. Kernel messages: dmesg 32. System date and time: date 33. Open file descriptors count: lsof | wc -l 34. Generate a daily log report with Logwatch: # logwatch --print 35. Kill processes listening on port 80: lsof -i :80 | grep -v "ID" | awk '{print "kill -9",$2}' | sh 36. Remove zombie processes: ps -eal | awk '{ if ($2 == "Z") {print $4}}' | kill -9 37. Capture packets on port 80 with tcpdump: tcpdump -c 10000 -i eth0 -n dst port 80 > /root/pkts 38. Analyze captured packets for duplicate IPs:

less pkts | awk '{printf $3"
"}' | cut -d. -f 1-4 | sort | uniq -c | awk '{printf $1" "$2"
"}' | sort -n -t\ +0

39. Count active php‑cgi processes: netstat -anp | grep php-cgi | grep ^tcp | wc -l 40. List services enabled at boot: chkconfig --list | awk '{if ($5=="3:on") print $1}' 41. Show network card model with kudzu:

kudzu --probe --class=network

Common Regular Expressions

1. Match Chinese characters: [\u4e00-\u9fa5] 2. Match double‑byte characters (including Chinese): [^\x00-\xff] 3. Match blank lines: \n\s*\r 4. Match HTML tags (simple version): <(\S*?)[^>]*>.*?</\1>|<.*? /> 5. Trim leading and trailing whitespace: ^\s*|\s*$ 6. Match email addresses: \w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)* 7. Match URLs: [a-zA-Z]+://[^\s]* 8. Validate usernames (letter start, 5‑16 characters, letters/digits/underscore): ^[a-zA-Z][a-zA-Z0-9_]{4,15}$ 9. Match Chinese phone numbers: \d{3}-\d{8}|\d{4}-\d{7} 10. Match Tencent QQ numbers (starting from 10000): [1-9][0-9]{4,} 11. Match Chinese postal codes (6 digits): [1-9]\d{5}(?!\d) 12. Match Chinese ID numbers (15 or 18 digits): \d{15}|\d{18} 13. Match IPv4 addresses: \d+\.\d+\.\d+\.\d+ 14. Match various numeric formats (integers, floats, positive/negative, zero):

^[1-9]\d*$   // positive integer
^-[1-9]\d*$   // negative integer
^-?[1-9]\d*$   // any integer
^[1-9]\d*|0$   // non‑negative integer
^-[1-9]\d*|0$   // non‑positive integer
^[1-9]\d*\.\d*|0\.\d*[1-9]\d*$   // positive float
^-([1-9]\d*\.\d*|0\.\d*[1-9]\d*)$   // negative float
^-?([1-9]\d*\.\d*|0\.\d*[1-9]\d*|0?\.0+|0)$   // any float

15. Match alphabetic strings and alphanumeric strings:

^[A-Za-z]+$   // letters only
^[A-Z]+$   // uppercase letters only
^[a-z]+$   // lowercase letters only
^[A-Za-z0-9]+$   // letters and digits
^\w+$   // letters, digits, underscore