Essential Linux Shell Commands for System Monitoring and Maintenance

1. Delete zero‑byte files find -type f -size 0 -exec rm -rf {} \; 2. List processes sorted by memory usage (largest first) PS -e -o "%C : %p : %z : %a" | sort -k5 -nr 3. List processes sorted by CPU utilization (largest first) ps -e -o "%C : %p : %z : %a" | sort -nr 4. Print URLs cached in the /data/cache directory

grep -r -a jpg /data/cache/* | strings | grep "http:" | awk -F'http:' '{print "http:"$2}'

5. Show HTTP concurrent request count and TCP connection states

netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'

6. Replace "no" with "yes" in the Root line of /etc/ssh/sshd_config sed -i '/Root/s/no/yes/' /etc/ssh/sshd_config 7. Kill MySQL processes

ps aux | grep mysql | grep -v grep | awk '{print $2}' | xargs kill -9

killall -TERM mysqld

kill -9 `cat /usr/local/apache2/logs/httpd.pid`

8. Show services enabled at runlevel 3 ls /etc/rc3.d/S* | cut -c 15- 9. Display multiple messages in a shell script using EOF

cat << EOF
+--------------------------------------------------------------+
|       === Welcome to Tunoff services ===                |
+--------------------------------------------------------------+
EOF

10. Use a for loop to create soft links for MySQL binaries

cd /usr/local/mysql/bin
for i in *
do
  ln /usr/local/mysql/bin/$i /usr/bin/$i
done

11. Retrieve IP address

ifconfig eth0 | grep "inet addr:" | awk '{print $2}' | cut -c 6-

ifconfig | grep 'inet addr:' | grep -v '127.0.0.1' | cut -d: -f2 | awk '{ print $1}'

12. Show memory size free -m | grep "Mem" | awk '{print $2}' 13. List established TCP connections on port 80

netstat -an -t | grep ":80" | grep ESTABLISHED | awk '{printf "%s %s
",$5,$6}' | sort

14. Show Apache concurrent request count and TCP states

netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'

15. Calculate total size of all JPG files on the server

find / -name *.jpg -exec wc -c {} \; | awk '{print $1}' | awk '{a+=$1} END {print a}'

16. Show number of logical CPUs cat /proc/cpuinfo | grep -c processor 17. Display CPU load averages cat /proc/loadavg 18. Show memory usage free 19. Check swap usage free 20. Monitor disk space usage df -h Identify partitions with high usage (e.g., >90%) and find top consuming files or directories: du -cks * | sort -rn | head -n 10 21. Check disk I/O load iostat -x 1 2 Verify I/O utilization (%util) does not exceed 100%.

22. Monitor network traffic sar -n DEV Observe rxbyt/s and txbyt/s values.

23. Detect network errors netstat -i Check for drops, FIFO, collisions, carrier errors; alternatively view /proc/net/dev.

24. Count active network connections

netstat -an | grep -E "^(tcp)" | cut -c 68- | sort | uniq -c | sort -n

25. Total number of processes ps aux | wc -l Ensure the count is within normal range (e.g., not exceeding 250).

26. Number of runnable processes vmstat 1 5 Check that runnable processes do not exceed four times the logical CPU count.

27. Inspect top processes top -id 1 Look for abnormal processes.

28. Verify network status (DNS, gateway, etc.)

29. Count logged‑in users who | wc -l Ensure user count is reasonable (e.g., not over 50); you can also use uptime.

30. Scan system logs for errors

# cat /var/log/rflogview/*errors

grep -i error /var/log/messages

grep -i fail /var/log/messages

31. View kernel messages dmesg 32. Show system date and time date 33. Count open files lsof | wc -l 34. Generate logwatch report # logwatch –print Configure /etc/log.d/logwatch.conf to set Mailto, enable mail service, and customize range/detail options.

35. Kill processes listening on port 80

lsof -i :80 | grep -v "ID" | awk '{print "kill -9",$2}' | sh

36. Remove zombie processes

ps -eal | awk '{ if ($2 == "Z") {print $4}}' | kill -9

37. Capture packets on port 80 with tcpdump

tcpdump -c 10000 -i eth0 -n dst port 80 > /root/pkts

Sort captured IPs and count occurrences:

less pkts | awk '{printf $3"
"}' | cut -d. -f 1-4 | sort | uniq -c | awk '{printf $1" "$2"
"}' | sort -n -t+0

39. Count active php‑cgi processes netstat -anp | grep php-cgi | grep ^tcp | wc -l 40. List services set to start at boot (runlevel 3)

chkconfig --list | awk '{if ($5=="3:on") print $1}'

41. Probe network card model with kudzu

kudzu --probe --class=network

Common Regular Expressions

1. Match Chinese characters: [\u4e00-\u9fa5] 2. Match double‑byte characters (including Chinese): [^\x00-\xff] 3. Match blank lines: \n\s*\r 4. Match HTML tags (basic): <(\S*?)[^>]*>.*?</\1>|<.*? /> 5. Trim leading/trailing whitespace: ^\s*|\s*$ 6. Match email addresses: \w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)* 7. Match URLs: [a-zA-Z]+://[^\s]* 8. Validate usernames (letter start, 5‑16 chars, letters/numbers/underscore): ^[a-zA-Z][a-zA-Z0-9_]{4,15}$ 9. Match Chinese phone numbers: \d{3}-\d{8}|\d{4}-\d{7} 10. Match Tencent QQ numbers: [1-9][0-9]{4,} 11. Match Chinese postal codes (6 digits): [1-9]\d{5}(?!\d) 12. Match Chinese ID numbers (15 or 18 digits): \d{15}|\d{18} 13. Match IP addresses: \d+\.\d+\.\d+\.\d+ 14. Match integers, floats, and related numeric patterns (examples omitted for brevity).

15. Match alphabetic strings and alphanumeric strings:

^[A-Za-z]+$

^[A-Z]+$

^[a-z]+$

^[A-Za-z0-9]+$

^\w+$