Useful ways to use the ps command in operations

2017.08.03

1 vote, average: 1.00 / 11
7,455
X Facebook Hatena Bookmark pocket
Linux command monitoring, operation and maintenance

Hello everyone.
I'm Okazaki from the System Solutions Department.
This time, I'll be writing about the ps command, which is often used in operations.

What is PS Command

The command to display the currently running processes is as follows:

ps [options]

This command allows you to specify the processes to display by specifying various options

Usage example

  • View the processes you are currently running
    • $ ps PID TTY TIME CMD 12558 pts/0 00:00:00 sudo 12559 pts/0 00:00:00 su 12560 pts/0 00:00:00 bash 12611 pts/0 00:00:00 ps
  • Show all processes running on the system
    • $ ps aux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 1.4 0.2 19632 2492 ? Ss 11:53 0:00 /sbin/init root 2 0.0 0.0 0 0 ? S 11:53 0:00 [kthreadd] root 3 0.0 0.0 0 0 ? S 11:53 0:00 [ksoftirqd/0] root 4 0.0 0.0 0 0 ? S 11:53 0:00 [kworker/0:0] root 5 0.0 0.0 0 0 ? S< 11:53 0:00 [kworker/0:0H] root 6 0.0 0.0 0 0 ? S 11:53 0:00 [kworker/u30:0] root 7 0.0 0.0 0 0 ? S 11:53 0:00 [rcu_sched] root 8 0.0 0.0 0 0 ? S 11:53 0:00 [rcu_bh] root 9 0.0 0.0 0 0 ? S 11:53 0:00 [migration/0] root 10 0.0 0.0 0 0 ? S< 11:53 0:00 [lru-add-drain] root 11 0.0 0.0 0 0 ? 11:53 0:00 [kdevtmpfs] root 13 0.0 0.0 0 0 ? S< 11:53 0:00 [netns] root 14 0.0 0.0 0 0 ? S 11:53 0:00 [kworker/u30:1] root 16 0.0 0.0 0 0 ? S 11:53 0:00 [xenwatch] root 17 0.0 0.0 0 0 ? S 11:53 0:00 [kworker/u30:2] root 21 0.0 0.0 0 0 ? S 11:53 0:00 [xenbus]

    or

    $ ps -ef UID PID PPID C STIME TTY TIME CMD root 1 0 0 11:53 ? 00:00:00 /sbin/init root 2 0 0 11:53 ? 00:00:00 [kthreadd] root 3 2 0 11:53 ? 00:00:00 [ksoftirqd/0] root 4 2 0 11:53 ? 00:00:00 [kworker/0:0] root 5 2 0 11:53 ? 00:00:00 [kworker/0:0H] root 6 2 0 11:53 ? 00:00:00 [kworker/u30:0] root 7 2 0 11:53 ? 00:00:00 [rcu_sched] root 8 2 0 11:53 ? 00:00:00 [rcu_bh] root 9 2 0 11:53 ? 00:00:00 [migration/0] root 10 2 0 11:53 ? 00:00:00 [lru-add-drain] root 11 2 0 11:53 ? 00:00:00 [cpuhp/0] root 12 2 0 11:53 ? 00:00:00 [kdevtmpfs]

    Although the display may differ, you can output a list of processes currently running on the server.
    You can find out how many processes with the same name are currently running by using the following.

    $ ps -ef | grep [process you want to check] | wc -l or ps aux | grep [process you want to check] | wc -l 31
  • Display only the items specified by the ps command
    • $ ps -eo pid,user,rss,pcpu,pmem,args PID USER RSS %CPU %MEM COMMAND 1 root 2456 0.3 0.2 /sbin/init 2 root 0 0.0 0.0 [kthreadd] 3 root 0 0.0 0.0 [ksoftirqd/0] 4 root 0 0.0 0.0 [kworker/0:0] 5 root 0 0.0 0.0 [kworker/0:0H]

    In this example, the process ID, user, physical memory usage, CPU usage, memory usage, and process name are displayed.
    In this way, you can display only the specified items and output only the necessary information.
    There are quite a few items that can be specified, so we will introduce a few of them.

    pcpu (%cpu) - CPU usage of the process
    pmem (%mem) - Memory usage
    args (cmd, command) - Command with string arguments
    pid - Process ID
    ppid - Parent process ID
    uid (euid) - Executing user ID
    gid (egid) - Executing group ID
    user (euser, uname) - Executing user
    group (egroup) - Executing group
    rss (rssize, rsz) - Physical memory usage
    lstart - Process start time

  • Sort the output results by item
    • $ ps -eo pid,user,rss,args --sort rss PID USER RSS COMMAND 2667 ec2-user 2424 ps -eo pid,user,rss,args --sort rss 2232 root 2428 auditd 1 root 2464 /sbin/init 2544 root 2528 crond 1533 root 2572 /sbin/udevd -d 2253 root 2592 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 2480 root 2596 /usr/sbin/sshd 2314 rpcuser 3160 rpc.statd 2639 ec2-user 3416 -bash 2519 smmsp 3848 sendmail: Queue runner@01:00:00 for /var/spool/clientmqueue 2638 ec2-user 3988 sshd: ec2-user@pts/0 2510 root 4084 sendmail: accepting connections 2490 ntp 4332 ntpd -u ntp:ntp -p /var/run/ntpd.pid -g

    In the example, the RSS results are sorted.
    Please note that you cannot sort by item.
    Below is the result of sorting by the start time of the httpd process.

    $ ps -eo pid,lstart,args --sort lstart | grep httpd PID STARTED COMMAND 21544 Thu Aug 3 14:57:43 2017 /usr/sbin/httpd 21733 Thu Aug 3 14:58:42 2017 grep httpd 21734 Thu Aug 3 11:17:55 2017 /usr/sbin/httpd 38742 Thu Aug 3 12:10:51 2017 /usr/sbin/httpd 42259 Sun Jul 30 04:29:09 2017 /usr/sbin/httpd 64817 Thu Aug 3 13:32:34 2017 /usr/sbin/httpd

    You can see that the files are not sorted correctly by startup time, but by pid

    summary


    There are many opportunities to use the ps command
    to check which processes are running during operation There are many more options that can be specified, so it would be interesting to try using them in
    a different way than usual.

    If you found this article useful, please click [Like]!
    1
    Loading...
    1 vote, average: 1.00 / 11
    7,455
    X Facebook Hatena Bookmark pocket

    The person who wrote this article

    About the author

    Junichiro Okazaki

    Extensive experience in relocating and operating smartphone games

    I am currently working on multi-cloud operations, server construction, and relocation. As the number of projects increases, I am considering ways to improve the efficiency of my work. I often consider methods for relocating servers, taking into account the advantages of each cloud

    While carrying out migrations between clouds and from physical to cloud, the company won two consecutive championships in competitions held by the Japan MSP Association

    I want to use the old repository on AmazonLinux. Try turning on the competent settings in Visual Studio Code.