This is a repository for monitoring a Kali Linux VM. Monitoring is essential for maintaining system health, identifying performance bottlenecks, and ensuring optimal resource utilization. This guide covers various monitoring tools and commands to track system metrics, including CPU, memory, disk, network, and process usage.
- CPU Load: Helps in understanding the processing power demands and if they are within the system's capacity.
- Memory Usage: Shows real-time process memory consumption.
- Disk Usage: Tracks how much storage is being used and available, critical for ensuring data storage does not reach full capacity unexpectedly.
- Log Files: Contain detailed system, application, and security events. They are typically found in the /var/log/ directory on Linux systems and are crucial for troubleshooting and monitoring system health.
- User Activity: The last command can reveal who logged into the system, their activities, and log-off times, providing insights into user behavior and potential unauthorized access.
- Accounting Utilities: Tools like acct, sar, and atop provide detailed insights into system resource utilization, user activity, and performance metrics.
  - acct provides process accounting information. We need to install it with sudo apt install acct, and we can process the activities with the following:
    - lastcomm - shows the last commands executed by users.
    - ac - displays statistics about users' connect time.
    - accton - turns process accounting on or off.
    - dump-acct - prints the contents of the process accounting file.
    - sa - summarizes accounting information.
    - dump-utmp - prints the contents of the user accounting file.
- System Health and Performance Metrics: Encompass CPU, memory, disk, and network utilization, along with load averages and process statistics to gauge overall system performance.
- Uptime: The uptime command shows how long the system has been running since its last restart, indicating stability.
- Network Traffic: Tools like iftop or nethogs offer insights into real-time network bandwidth usage and traffic patterns, essential for identifying network bottlenecks or suspicious activity.
- Process Monitoring: Tools like ps and pstree help monitor running processes, their resource consumption, and relationships between them.
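
As an added example (not part of this repository), the shell function below applies the User Activity point above: it reads `last -i` output and reports sessions whose source address is not on an expected list. The allowlist, the function names and the sample lines are constructed assumptions.

```shell
#!/bin/sh
# Added example: flag remote logins in `last -i` output whose source
# address is not on an allowlist. All data below is constructed.

# Constructed allowlist of expected source addresses (assumption).
ALLOWED="192.168.56.1 192.168.56.10"

# Constructed sample in the column layout printed by `last -i`
# (user, tty, source address, login time, logout time / duration).
sample_last() {
cat <<'EOF'
kali     pts/1        192.168.56.1     Mon Mar  4 09:12   still logged in
kali     tty7         0.0.0.0          Mon Mar  4 08:55   still logged in
root     pts/2        203.0.113.45     Sun Mar  3 02:17 - 02:41  (00:24)
kali     pts/0        192.168.56.10    Sat Mar  2 14:03 - 15:10  (01:07)
reboot   system boot  0.0.0.0          Sat Mar  2 08:50   still running

wtmp begins Fri Mar  1 10:00:00 2024
EOF
}

# Reads `last -i` style lines on stdin and prints "user tty address" for
# every session whose source is an IPv4 address missing from $ALLOWED.
unexpected_logins() {
    awk -v allowed="$ALLOWED" '
        BEGIN {
            n = split(allowed, a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        # Skip reboot records, the trailing "wtmp begins" line and blanks.
        $1 == "reboot" || $1 == "wtmp" || NF < 4 { next }
        # Skip rows whose third column is not a dotted-quad address.
        $3 !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { next }
        # 0.0.0.0 means a local session with no remote peer.
        $3 == "0.0.0.0" { next }
        !($3 in ok) { print $1, $2, $3 }
    '
}

# On the VM itself: last -i | unexpected_logins
sample_last | unexpected_logins
```
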
Tools like Glances, Sar, Vmstat, Monitorix, and NETHogs offer more advanced monitoring capabilities, providing detailed insights into system performance and resource utilization.
- Glances is a powerful system monitoring tool that provides real-time data on CPU, memory, disk, network, and process activity.
- It offers a comprehensive overview of system health and performance, with interactive graphs and charts for easy visualization.
- We first install it with sudo apt install glances
  - glances to start it
  - q to quit
- Sar is a powerful command-line tool for monitoring system performance, collecting, displaying, and saving data for analysis.
- It can monitor CPU, memory, disk, network, and process activity, providing insights into system health and performance.
- We first install it with sudo apt install sysstat
- Then we need to make sure that data collection is enabled by editing the /etc/default/sysstat file and setting ENABLED="true"
- We restart the service with sudo systemctl restart sysstat
- and enable it with sudo systemctl enable sysstat
- and then run it with sar.
- The data should be stored in the /var/log/sysstat/ directory.
- Vmstat is another useful tool for monitoring system performance, providing real-time data on CPU, memory, disk, and network activity.
- It can help identify performance bottlenecks, track resource utilization, and optimize system performance.
- We first install it with sudo apt install procps
- then run it with vmstat.
- Monitorix is a lightweight system monitoring tool that collects and visualizes system performance data in graphs and charts.
- It can monitor CPU, memory, disk, network, and process activity, providing a comprehensive overview of system health and performance.
- We first install it with sudo apt install monitorix
- We start the Monitorix service with sudo systemctl start monitorix
- We also enable it with the command sudo systemctl enable monitorix
- and then run it with monitorix.
- Open http://localhost:8080/monitorix to access the Monitorix web interface.