Lsof options: Difference between revisions
(Created page with "= Lsof options = Just for personal use and taken directly from source: http://www.akadia.com/services/lsof_intro.html == Ripoff start == <quote> Overview LiSt Open Files is a...") |
No edit summary |
||
(One intermediate revision by the same user not shown) | |||
Line 3: | Line 3: | ||
Just for personal use and taken directly from source: http://www.akadia.com/services/lsof_intro.html |
Just for personal use and taken directly from source: http://www.akadia.com/services/lsof_intro.html |
||
[[Category:Linux]] |
|||
== Find top 10 open files programs == |
|||
<pre> |
|||
lsof -n | awk '{printf("%s (%s)\n", $1, $2)}' | sort | uniq -c | sort -rn | head |
|||
866 java (3019) |
|||
49 sshd (7290) |
|||
48 sshd (2084) |
|||
45 sshd (7049) |
|||
36 avahi-dae (1609) |
|||
35 lighttpd (1622) |
|||
31 ntpd (1328) |
|||
30 sshd (1304) |
|||
29 exim4 (1635) |
|||
25 rpc.idmap (917) |
|||
</pre> |
|||
== Ripoff start == |
== Ripoff start == |
||
Line 66: | Line 83: | ||
lsof provides many more options and could be an unvaluable foresinc tool if your system get compromised or as daily basis check tool. |
lsof provides many more options and could be an unvaluable foresinc tool if your system get compromised or as daily basis check tool. |
||
<quote> |
<quote> |
||
== Ripoff End == |
== Ripoff End == |
Latest revision as of 06:10, 26 October 2012
Lsof options
Just for personal use and taken directly from source: http://www.akadia.com/services/lsof_intro.html
Find top 10 open files programs
lsof -n | awk '{printf("%s (%s)\n", $1, $2)}' | sort | uniq -c | sort -rn | head 866 java (3019) 49 sshd (7290) 48 sshd (2084) 45 sshd (7049) 36 avahi-dae (1609) 35 lighttpd (1622) 31 ntpd (1328) 30 sshd (1304) 29 exim4 (1635) 25 rpc.idmap (917)
Ripoff start
<quote> Overview
LiSt Open Files is a useful and powerful tool that will show you opened files. In Unix everything is a file: pipes are files, IP sockets are files, unix sockets are files, directories are files, devices are files, inodes are files...
Useful Examples
So in this tangle of files lsof listst files opened by processes running on your system.
When lsof is called without parameters, it will show all the files opened by any processes.
lsof | nl
Let us know who is using the apache executable file, /etc/passwd, what files are opened on device /dev/hda6 or who's accessing /dev/cdrom:
lsof `which apache2` lsof /etc/passwd lsof /dev/hda6 lsof /dev/cdrom
Now show us what process IDs are using the apache binary, and only the PID:
lsof -t `which apache2`
Show us what files are opened by processes whose names starts by "k" (klogd, kswapd...) and bash. Show us what files are opened by init:
lsof -c k lsof -c bash lsof -c init
Show us what files are opened by processes whose names starts by "courier", but exclude those whose owner is the user "zahn":
lsof -c courier -u ^zahn
Show us the processes opened by user apache and user zahn:
lsof -u apache,zahn
Show us what files are using the process whose PID is 30297:
lsof +p 30297
Search for all opened instances of directory /tmp and all the files and directories it contains:
lsof +D /tmp
List all opened internet sockets and sockets related to port 80:
lsof -i lsof -i :80
List all opened Internet and UNIX domain files:
lsof -i -U
Show us what process(es) has an UDP connection opened to or from the host www.akadia.com at port 123 (ntp):
lsof -iUDP@www.akadia.com:123
lsof provides many more options and could be an unvaluable foresinc tool if your system get compromised or as daily basis check tool. <quote>