BestHub
search
Sign in
Operations 12 min read

Practical Linux Administration Tools for System Monitoring and Management

This article presents a curated list of useful Linux command‑line tools—including Nethogs, IOZone, IOTop, IPtraf, IFTop, HTop, NMON, MultiTail, Fail2ban, Tmux, Agedu, NMap and Httperf—along with installation commands and brief usage notes to help system administrators monitor performance, security and resources effectively.

DevOps Operations Practice
DevOps Operations Practice
DevOps Operations Practice
Practical Linux Administration Tools for System Monitoring and Management

This article introduces several practical Linux operation tools that are useful for system administrators to monitor performance, security, and resources.

1. Nethogs – View per‑process bandwidth usage

Nethogs is a terminal‑based network traffic monitor that shows bandwidth consumption per process.

[root@localhost ~]# yum -y install libpcap-devel ncurses-devel
[root@localhost ~]# tar zxvf nethogs-0.8.0.tar.gz
[root@localhost ~]# cd nethogs
[root@localhost nethogs]# make && make install
[root@localhost nethogs]# nethogs eth0

2. IOZone – Disk read/write performance testing

IOZone tests file system performance on Linux.

[root@localhost current]# tar xvf iozone3_420.tar
[root@localhost ~]# cd iozone3_420/src/current/
[root@localhost current]# make linux
[root@localhost current]# ./iozone -a -n 512m -g 16g -i 0 -i 1 -i 5 -f /mnt/iozone -Rb ./iozone.xls
-a uses automatic mode -n sets minimum file size (KB) -g sets maximum file size (KB) -i selects test -f specifies test file name -R outputs Excel -b outputs to a file

3. IOTop – Real‑time disk I/O monitoring

IOTop displays disk I/O similar to the top command.

[root@localhost ~]# yum -y install iotop

4. IPtraf – Simple network traffic analysis

IPtraf is a lightweight network status tool.

[root@localhost ~]# yum -y install iptraf

5. IFTop – Real‑time network traffic monitoring

IFTop provides a more visual interface than IPtraf.

[root@localhost ~]# tar zxvf iftop-0.17.tar.gz
[root@localhost ~]# cd iftop-0.17
[root@localhost iftop-0.17]# ./configure
[root@localhost iftop-0.17]# make && make install
[root@localhost iftop-0.17]# iftop
[root@localhost iftop-0.17]# iftop -i eth0

TX – transmitted traffic

RX – received traffic

TOTAL – total traffic

Cumm – cumulative traffic

peak – traffic peak

rates – average over 2s, 10s, 40s

6. HTop – Interactive process viewer

HTop replaces the default top command with a more user‑friendly interface.

[root@localhost ~]# rpm -ivh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
[root@localhost ~]# yum -y install htop

7. NMON – System resource monitoring

NMON is widely used on AIX and Linux for performance analysis.

[root@localhost ~]# chmod +x nmon_x86_64_rhel6
[root@localhost ~]# mv nmon_x86_64_rhel6 /usr/sbin/nmon
[root@localhost ~]# nmon

8. MultiTail – Monitor multiple log files

MultiTail opens several windows in the console to tail multiple logs simultaneously.

rpm -ivh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
[root@localhost ~]# yum -y install multitail
[root@localhost ~]# multitail -e "fail" /var/log/secure
[root@localhost ~]# multitail -l "ping baidu.com"
[root@localhost ~]# multitail -i /var/log/messages -i /var/log/secure

9. Fail2ban – SSH brute‑force protection

Fail2ban watches log files, matches patterns, and blocks offending IPs via iptables.

[root@localhost ~]# cd fail2ban-0.8.11
[root@localhost fail2ban-0.8.11]# python setup.py install
[root@localhost fail2ban-0.8.11]# cd files/
[root@localhost files]# cp ./redhat-initd /etc/init.d/fail2ban
[root@localhost files]# service fail2ban start
[root@localhost files]# chkconfig --add fail2ban
[root@localhost files]# chkconfig fail2ban on
# grep -v "^#" /etc/fail2ban/jail.conf | grep -v "^$" [DEFAULT]
ignoreip = 127.0.0.1/8
bantime  = 600
findtime = 600
maxretry = 3
backend = auto
usedns = warn [ssh-iptables]
enabled = true
action = iptables[name=SSH, port=ssh, protocol=tcp]
logpath = /var/log/sshd.log
# touch /var/log/sshd.log
# service fail2ban restart
# fail2ban-client status
# iptables -L

10. Tmux – Terminal multiplexing

Tmux allows persistent sessions over SSH connections.

rpm -ivh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm

11. Agedu – Visualize disk space usage

[root@localhost ~]# tar zxvf agedu-r9723.tar.gz
[root@localhost ~]# cd agedu-r9723
[root@localhost ~]# ./configure
[root@localhost ~]# make && make install
[root@localhost ~]# agedu -s /
[root@localhost ~]# agedu -w --address 192.168.0.10:80

12. NMap – Network scanning and probing

[root@localhost ~]# tar jxvf nmap-6.40.tar.bz2
[root@localhost nmap-6.40]# ./configure
[root@localhost nmap-6.40]# make && make install
[root@localhost ~]# nmap 192.168.0.10
[root@localhost ~]# nmap -O 192.168.0.10
[root@localhost ~]# nmap -A 192.168.0.10
[root@localhost ~]# nmap 192.168.0.0/24
-sS TCP SYN scan -sV service version detection

13. Httperf – Web stress testing

Httperf can generate high loads and measure web server performance.

[root@localhost ~]# tar zxvf httperf-0.9.0.tar.gz
[root@localhost ~]# cd httperf-0.9.0
[root@localhost httperf-0.9.0]# ./configure
[root@localhost httperf-0.9.0]# make && make install
[root@localhost ~]# httperf --hog --server=192.168.0.202 --uri=/index.html --num-conns=10000 --wsess=10,10,0.1

Parameters: --hog maximizes connections, --num-conns sets total connections, --wsess defines session and request patterns.

monitoringOperationsLinuxsystem administrationtools
DevOps Operations Practice
Written by

DevOps Operations Practice

We share professional insights on cloud-native, DevOps & operations, Kubernetes, observability & monitoring, and Linux systems.

0 followers
Reader feedback

How this landed with the community

login Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment