CompTIA Linux+ XK0-005 – Unit 08 – System Maintenance Part 5

  • August 9, 2023

39. The uptime Command

Another command that a lot of people like is the uptime command. Uptime just lets you know how long the system itself has been running since the last reboot or power on. Now, some of you may be encouraged to find these sites. We used to see them all the time with our Cisco routers and our Novell servers that would say, look at my uptime, it’s been up for 13 years, five days. Okay, if you are hoping to see your uptime in the months and years to brag about how stable your system is, I’m going to tell you you’re doing something wrong. Uptime just lets you know how long it’s been up since the last boot. It also tells you how many users are logged in and the average load, the average load being how busy the thing is. Now, here’s what I’m getting at with the uptime.

Everything running software needs to be patched, needs to be updated. There’s nothing wrong with rebooting a system. If I saw a system bragging about having an uptime of 13 years, I would realize that you’re 13 years behind the times in fixing any of the problems that you had in your operating system, and you’re just waiting for a hacker to use the oldest known tool in the book to break into your system as though there was no security whatsoever. All right, updates, or fixes, as we would call them in Windows: those are important. They’re crucial. You should not have 13 years of uptime as a goal. I think I made some sense. But beyond that, and I’ll get off that security soapbox, how many people are logged in and the load, all of those are great things to also see included in that command.

40. The free Command

The free command is designed to tell you how much memory and swap space is available for use. Again, if this number becomes very low, that tells me that I’m running out of memory, that I have too many applications running. At some point if I add more applications as active running processes, I’m probably going to have very slow performance because I don’t have enough memory. And if I’m running out of swap space, then it gets even worse. It’s nice that we can put in gigabyte after gigabyte of memory and that we can create a large swap file. That’s great. But at some point if you run enough programs, you are going to run out. And so this is another way of looking to see if you’re overtaxing your system.

Now, one of the things we talk about when we are talking about the design of a server is that servers are purchased to solve a specific problem. They’re going to run some service, whether it’s email for us or web capabilities or databases for us. But we generally don’t buy the server to do all of those things. But some of you will do that. Some of you will say, well look, I can run this database program and I can run my email server and I can be a web server all at the same time. I should have enough memory. Maybe you have enough processors, maybe that’s a good choice for your company.

But it’s all about the planning. And so using commands like free can help verify the plan that you had for the deployment of your server, to see if it’s compatible, if you have the right amount of memory, the right amount of swap space. Now, one of the things I just got through telling you in that little side journey that I took was that when you install the operating system and load it onto a server, unlike a home PC that you’re using for fun, servers in the enterprise should be planned for. It should be something that you scoped out: hardware specs, operating system choices, things I talked about in other units. So that when you are putting it together, it was designed for your needs.

41. The top Command

Again, the top command was designed to help put order to the chaos of a large report. So if you are interested in who is utilizing the most of the CPU, you don’t want to be going through the list looking for the largest number, whereas the top command can just automatically order it in descending order for you by whatever value you want. If you want the top CPU percentage user, you could say that in the top command so that it puts it in that order. Otherwise you might just get it ordered by process IDs or an order by user names and that might not be useful whatsoever when you’re trying to find certain bits of information. So the top command is just a sort and it’s in a descending order, putting the most of whatever it is at the top and going down from there.

42. The vmstat Command

And again, the virtual memory stat command was designed to let you know how the swap file, the swap space, is being utilized, for the same reasons that I just talked about with memory. We’re trying to find out if what we have is sufficient, if we’re running out, if maybe I misplanned which services to run or have too many applications running. Whatever the case is, it’s a part of our analysis.

43. Demo – Using the Memory Statistics Utilities

We’re going to do some other commands to monitor our system. One of the ones we’ll look at is this thing called uptime. Now, I did talk about how important it is that you don’t try to go for years and years with uptime. It is nice to know, though, how long it’s been up, how many people have been in there, and the average load. Another one is free. Free gives you an idea of how much memory is used, how much is free, the buffers, the cache. Again, I’m trying to really encourage you to keep up on the server, its performance and everything else. vmstat was designed to talk about my swap use, right? Virtual memory. And on that one, of course, if I had a lot to choose from, I could use the top command to take a look at processes and all that other kind of cool stuff that’s happening.

We’ve seen this already, so I’m not going to take you through too many options. You have h for the help, hit any key to break out of there. Z to start doing some highlighting. Now that’s something you might not have seen. A to lowercase, Z to turn on colors, turn them off, and that’s pretty exciting. Anyway, just options that you have. I can change the delay with something like the command s, hit escape. Oops, hit Q anyway to try to quit out of there, and Q, there we go, to quit. So again, learning and working with top is probably something that’s pretty cool for you to get a good idea about how those things work. And now we’re going to go ahead and just close this thing down.

Look at our applications real quick. And under Applications we’ll go to System Tools, System Monitor. We’ve kind of been through this before. We can look at the Processes tab so we can see again things that are running, kind of like we saw in the top command, only graphically. I can click on these columns to see how things are performing in that aspect. I can select particular processes, I can end them if I want to. I can right click and kill it, change priorities, open the files that might be associated with that particular daemon. Those are nice little add-ons that you get by going through the GUIs and playing with those as well.

So it gives you, again, like I said, just the chance to work with understanding how things are running, what you can expect, how you can manipulate those and resources. It kind of gives you that quick little history of how things have been running over the past 60 seconds. And it’s going to give me these intervals a little more often than I was getting with my sar command. But again, I could have done something similar with sar if I had just told it to sample every 1 second and show me 60. So it’s, again, a nice little tool to give you an idea of how things are running and help you hopefully alleviate any bottlenecks or any slowdowns that you might have.

44. Load Average

Now the load average is something we just saw with the uptime command. What it does is give you a realtime average of the CPU processes. It does them in 1 minute, five minute and ten minute intervals. So you get an idea over time how busy the processor has been. Now the idea is that by having these intervals we’re not going to see that one little ten second spike of percent and then panic that our processor’s overloaded. It’s going to be over time. That’s why it’s an average. Now if you have a number larger than your CPUs’ capability, that’s telling you that your system is potentially overloaded. So it’s another way of, again, going back to planning, and the planning says: am I running too many applications, am I running too many services on this server?

Either because of the hardware’s needs or whatever the case is, we need to make sure that we have a good plan to get the best performance out of our server. And I know I’m really focusing on enterprise. As a home user, I’m not as concerned about what you’re doing at home; you have fun with Linux, run your programs. But a lot of us are using these in enterprises, because web services with Apache are very popular, and MySQL as well; very popular programs. So we want to look at these load averages and make sure that we haven’t overwhelmed the actual hardware of the server with too many apps. So that’s what we’re looking at. And load average is a great way of starting to make those types of decisions and realizations of how busy it is.
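The comparison described above, load average against the number of CPUs, written out as an added example that is not part of the course material. On Linux the three leading fields of /proc/loadavg are the 1, 5 and 15 minute averages; the function name load_status, its status words and the sample lines are constructed for this illustration.

```shell
#!/bin/sh
# load_status LOADAVG_LINE CPU_COUNT
# LOADAVG_LINE uses the /proc/loadavg layout: "1min 5min 15min running/total lastpid".
# Prints one word:
#   ok         every average is at or below the CPU count
#   spike      only the 1 minute average is above it (short burst, do not panic)
#   rising     the 5 minute average is above it as well
#   sustained  the 15 minute average is above it (review what the server is running)
load_status() {
    case "$2" in
        ''|*[!0-9]*|0) echo "error"; return 2 ;;   # CPU count must be a positive integer
    esac
    printf '%s\n' "$1" | awk -v cpus="$2" '
        NF < 3 { print "error"; exit }
        {
            one = $1 / cpus; five = $2 / cpus; fifteen = $3 / cpus
            if (fifteen > 1.0)   print "sustained"
            else if (five > 1.0) print "rising"
            else if (one > 1.0)  print "spike"
            else                 print "ok"
        }'
}

# Constructed sample lines (not captured from a real host), judged for a 4-CPU machine.
for sample in \
    "0.42 0.35 0.30 1/512 12345" \
    "5.00 1.20 0.90 6/512 12400" \
    "8.50 6.10 2.00 9/512 12420" \
    "9.00 8.50 8.10 9/512 12500"
do
    printf '%-30s -> %s\n' "$sample" "$(load_status "$sample" 4)"
done

# On a Linux host, judge the live values as well.
if [ -r /proc/loadavg ]; then
    cpus=$(getconf _NPROCESSORS_ONLN 2>/dev/null || echo 1)
    echo "this host ($cpus CPUs): $(load_status "$(cat /proc/loadavg)" "$cpus")"
fi
```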

45. Demo – Viewing the Load Average for Your Computer

All right, I’m going to open up a terminal screen. I’m going to type the command top, look at the values that we have there, and basically start asking you questions about the load average. Remember, these are the 1, 10 and 15 minute time periods that basically tell me how busy, well, in this case, how busy my system has not been. Because, again, the nice thing about a lab is you aren’t seeing real numbers of a production server or even a production machine.

Anyway, when you look at those values again, don’t forget you have all sorts of other information that’s going to show up. And when you’re done, you type in Q and you’re done looking at some of the other information. In this particular case, you would have used the values to perhaps look to see if your CPU was overloaded. In this particular case, of course, you saw that we were running just fine and we’re done with that terminal window.

46. Topic D: Logging

Now finally we’re going to talk about logging. Now let me say something about this. It’s a proactive approach if you want it to be, by looking at the logs and seeing that things are running well. It can also be a postmortem event where it’s dead, it’s broken, and you look at the logs and see what happened. I kind of like the proactive; the five nines of uptime, very important. Now the emphasis in our course is going to be logging things on the Linux server itself. Let me slightly get again on my little security soapbox and tell you that I am firmly a believer that log files should be stored off the system. There should be, at a minimum, a syslog server sitting there gathering this information. The reason I say it is twofold.

Number one, if somebody hacks your system and they own your box, the Linux machine, they can change your logs, they can delete their evidence. And number two, you’re going to have to look at this: if it dies, can I retrieve the logs? Well, if I can’t retrieve them, then what good is the history? Look at the logging server. It’s just another way of keeping, if anything, at least a backup of what’s happening so that you can review it later. Now there are plenty of utilities that will read your logs and even help analyze them and make you look like the best network administrator you’ve ever seen by helping you realize, oh look, here are some potential problems. Here are some issues you should maybe go and look at to make sure that everything is running well. Okay, off the security soapbox, let’s get on to logging.

47. Log Files

Now, there are many different types of log files, obviously for the different types of services and daemons that are running. For instance, there’s a boot log, which is your system boot up and your daemon startup information. Did everything start appropriately? Were there any errors? Did something not start the way it was supposed to, or did it start just fine? All of those are in the boot log. The cron log tells you the status of those jobs, those tasks that you’ve scheduled. That’s especially important if you’ve scheduled some backup tasks with cron: did it work? I mean, that’s important stuff to know, because if you’re depending on the backup and the backup failed to run for whatever reason, then if something dies, you don’t have it to restore.

The dmesg log is the hardware detection settings that we discover, especially when we’re booting things up. The mail log is for the email sent by the daemons. Lastlog would deal with the users and when they last logged in. Messages is a location to see your startup and system level messages. By the way, the messages log is a very commonly seen Unix/Linux type of log file. Secure would be for your network access, people coming in remotely. And then the Xorg or the XFree86 log would be your X Window operations, which would let me know about how the GUI is behaving or not behaving. Those are some of your typical log files. It doesn’t mean they’re the only log files that you have or that you can’t create your own.

48. Demo – Viewing Logs

All right, we’re going to need to move to the /var/log directory. We’ve had the chance to see this before, and with ls piping it into more we’ll take a look at what information is being logged. Of course, not everything is a particular log, but especially if I see something like the .log at the end, it kind of gives me an idea that there’s going to be information that might be helpful for me. And at this point, the log directory is not too huge. But if you were to compare this back with some of the texts that you would read about the different log files or what you can expect, you should be able to match them up with the types of logs you’re working with. In this case, if you’re looking for information from the kernel or from, if I scroll up here a little bit, authentication logs.

All of it just kind of adds together in helping you see what’s been happening, hopefully in a proactive manner. Now you can also do a less command, and I’m doing it, of course, with sudo so I can make sure I can put in my information about my root account. And in this case, I’m going to look at the dmesg file to view the contents of my hardware detection, only I hit the S instead of the D. So there we go. And I’m going to hit enter, put in my password, and here we go. So again, this being the less command, I use page up and down, and this is showing me the information about what was discovered during the startup. So you can kind of see what it’s mapping, the memory locations.

And again, you could peruse through this file to look for any failures, anything that didn’t pass a test but didn’t cause a complete system crash, address settings, PCI settings, latency timers of the devices, interrupts that are being assigned. And again, it’s just a very large compendium of information about the actual startup process. And you even get the idea of how long that took as you’re looking at the time information there on the left hand side, from when it first got power to the time that it finished. So again, that’s another way of going through and gathering information about the performance of your system. I’ll type Q for quit. And those were different log files. Basically, I wanted you to know where they were in the /var directory, and especially the dmesg file, so you can look at the hardware information that was gathered at startup.

49. System Logging Daemon

Now, there are many different daemons that deal with system logging. We often just call it syslog. The older systems had one called syslogd, or the syslog daemon. The current or newer distributions use rsyslogd for the syslog feature of system logging. Now, you can configure what they log and how they log, and even where, by configuring either the syslog.conf file, so I’ll call that the syslog config file, or the rsyslog config file, both of which are located in the /etc folder. Now, the reason this is important is that you might, if you’re not careful, log too much.

If you log too many things, you’re going to slow your system down, because these are being written to a file on your hard drive, and your processor has to recognize all of these things that are getting logged and do a lot of extra work. So you do want to edit these, because there may be issues or events or levels, what we call severity levels that you don’t care about. But when you do care about them, like debug, then you can edit it, turn it on, watch your debug stuff, then get rid of it.
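An added configuration example, not from the course: an rsyslog drop-in that keeps routine messages in local files, leaves debug switched off until it is needed, and sends a copy to the off-box syslog server argued for in Topic D. The file name and the collector host logs.example.internal are placeholders.

```conf
# /etc/rsyslog.d/50-central.conf  (constructed example; file name and host are placeholders)

# Local files: info and above, with mail, auth and cron split into their own logs.
*.info;mail.none;authpriv.none;cron.none    /var/log/messages
authpriv.*                                  /var/log/secure
mail.*                                      -/var/log/maillog
cron.*                                      /var/log/cron

# Debug is left off because it is the most verbose severity. For troubleshooting,
# uncomment the next line, restart rsyslog, and comment it out again afterwards.
#*.debug                                    /var/log/debug.log

# Off-box copy: forward info and above to the central syslog server over TCP.
# The disk-assisted queue holds messages while the server is unreachable, so a
# network outage does not leave a gap in the remote record.
# This is plain TCP; encrypting the link with TLS is not shown here.
*.info action(type="omfwd"
       target="logs.example.internal" port="514" protocol="tcp"
       queue.type="LinkedList" queue.filename="fwd_central"
       queue.maxDiskSpace="1g" queue.saveOnShutdown="on"
       action.resumeRetryCount="-1")
```

Running rsyslogd -N1 checks the configuration for syntax errors before the service is restarted.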
