We pick the top ten Top tools
7: Ptop
Two database tools appear in the top 10. At seventh place is Ptop [6] (see Figure 4). Any administrator who has worked with PostgreSQL will be interested in this tool because Ptop provides an overview of all your database processes, at the same time displaying information such as the SQL statements currently being processed. But that's not all: Ptop also gives you details of locks and statistics for individual tables and indices (Figure 5).
To launch Ptop, enter pg_top -d database -U database_user -W password. The command takes the user to an interactive shell, where a number of shortcuts are available (Table 1).
Ptop is available for Linux, BSD, and Mac OS. For more screenshots and details, go to the website [7].
6: Dnstop
Dnstop [8] uses the Pcap library to filter all the DNS queries on a computer's network interface and list them neatly. The dnstop network_device -t -s command gives you a list of DNS queries in a Top-style, configurable view. Table 2 shows some Dnstop shortcuts.
When you enter a question mark, ?, Dnstop displays the integrated online help. At the same time, Dnstop offers two combined views that give users several pieces of information at a glance. The @ entry lets you display the source of the query along with the second-level domain target-side, along with the volume and percentage of all DNS traffic. The # option gives you the same results, but with a complete third-level domain name (Figure 6).
If you use Dnstop on a router, you can also detect undesirable DNS tunnels. A client on a local network that exchanges a large volume of data via a DNS server will be exposed quickly.
5: Iftop
Snapshots and a traffic overview for all active network connections are Iftop's [9] specialty. Just like Top, it sorts connections by activity and offers a jam-packed action set while doing so (see Figure 7).
Administrators can press H to view online help and configure the view. Throughput is not only displayed as a figure, but also by a bar chart. Iftop adjusts the scale at the top of the screen to reflect the amount of bandwidth used.
Various options allow users to disable DNS name resolution, hide sources and targets, and sort on various columns. At the bottom edge of the display, you can see the average and accumulated values and sums for the Ethernet device sorted by input and output.
The comprehensive filtering options are really exciting for network administrators and can be entered either in interactive mode (after entering iftop -f options) or by pressing the F key. For example, -f icmp displays ICMP packages only. The familiar Tcpdump style can be inverted by making a selection – for example: not port ssh.
The -F option tells Iftop to automatically filter out individual hosts, or complete networks, leaving only those that match the selected network mask: iftop -F 192.168.0.0/24 is an example for a local network. For more information on the numerous options, see the man pages online [10].
« Previous 1 2 3 4 Next »
Buy this article as PDF
(incl. VAT)