Dstat, NetHogs, and nload

Charly's Column – Traffic Monitors

Article from Issue 233/2020
Author(s):

Every sys admin has a few favorite tools that they always carry with them, if only because they do not want to be without these often overlooked treasures. The gems dangling from Charly's key ring include Dstat, NetHogs, and nload.

On my laptop there is a list of topics I want to write about in the near or distant future. There are tools, tricks, and hacks that I often and gladly use, but which I cannot convert into enough text for a whole column. This explains why three small utilities share this column today.

Dstat

Let's start with Dstat [1]. Last issue, I described how to get details about the installed hardware (especially RAM) from Linux. I was promptly asked how to detect "hogs" as quickly and easily as possible – processes that grab resources (such as CPU, RAM, etc.) without so much as a by your leave. I will keep this short, because I have already written about this topic [2]. My secret weapon looks like this:

# dstat -cdn -D sda -N enp2s0 -C total --top-cpu --top-io --top-mem -f 5

Every second, this displays which processes are generating the highest CPU, memory, and I/O load (Figure 1). This command has saved me from working late dozens of times.

Figure 1: Dstat frequently saves Charly from working late.

NetHogs

Unfortunately, Dstat does not show you which process is generating the most network traffic at the moment. NetHogs [3] fills this gap. On machines with multiple interfaces, it only needs the name of the desired network interface as a parameter. If not specified, it grabs the first interface that is not called localhost.

A list of all processes that send or receive network packets appears (Figure 2). I use the R and S keys to tell Dstat to sort this by incoming and outgoing traffic respectively. NetHogs has a nice graphical add-on, HogWatch [4], that visualizes the data. Unfortunately, HogWatch is no longer actively maintained.

Figure 2: NetHogs adds the traffic information that Dstat lacks.

nload

If you want to see a meaningful net load curve, but don't want to use a graphical tool, nload [5] will do the job. The following command draws the current net load level with cursors on the console:

# nload -t 1000 -o 10000

The -t 1000 parameter specifies the update interval in milliseconds (default: 500ms). -o 10000 tells the tool to cap the graph at 10Mbps, because nload scales it to the interface's maximum speed (Figure 3). If you have a gigabit or faster interface, but a low load, you simply will not see it.

Figure 3: nload provides a meaningful network load graph.

Infos

  1. Dstat: https://github.com/dagwieers/dstat
  2. "The sys admin's daily grind: Dstat" by Charly Kühnast, Linux Magazine, issue 150, May 2013, p. 65
  3. NetHogs: https://github.com/raboof/nethogs
  4. HogWatch: https://github.com/akshayKMR/hogwatch
  5. nload: https://github.com/rolandriegel/nload

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Charly's Column

    Network monitors are a dime a dozen, but Nload, which separates incoming and outgoing traffic and draws graphs on the console without X, is unique.

    more »
  • Charly’s Column – Dstat

    Occasional worries about the system status are part of the sys admin’s daily life, and admins usually keep a fat toolbox of top and stat tools to alleviate them. Charly says he can manage with just one multitool – for the time being, at least.

    more »
  • Nethogs

    Nethogs knows which programs and users are monopolizing the system's network connection.

    more »
  • System Diagnosis Tools

    To check on the health of a Linux system, administrators can turn to vmstat, iostat, netstat, and ifstat. Or, you can just use the versatile dstat, which combines the features of several tools in a single package.

    more »
  • Stat-like Tools for Admins

    ASCII tools can be life savers when they provide the only access you have to a misbehaving server. However, once you're on the node what do you do? In this article, we look at stat-like tools: vmstat, dstat, and mpstat.

    more »
comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News

Tag Cloud

Administration Community Events Hardware Linux Linux Pro Magazine Mobile Programming Security Software Ubuntu Web Development Windows free software open source