linux swap usage

Run top then press 'O' (capital letter o) followed by 'p' then 'enter'. Now processes should be sorted by their usage.

start up script

#!/bin/bash
#
# /etc/init.d/swatch
# init script for Swatch.
#
#
CONFIG="/etc/swatch/swatch.conf"
PID="/var/run/swatch.pid"
LOGFILE="/var/log/secure"
PIDS="/tmp/pids.txt"
RETVAL=0

swatch_start() {
if [ -f $PID ]
then
echo "Swatch is already running"
cat $PID
else
echo "Starting Swatch"
/usr/bin/swatch --config-file=$CONFIG --tail-file=$LOGFILE --pid-file=$PID > /dev/null 2>&1 &
RETVAL=$?
fi
}


swatch_stop() {
if [ -f $PID ]
then
echo "Stopping Swatch"
PARENT="$(< "$PID")"
INIT_PID=`ps -o ppid $PARENT |awk ' /[0-9]+/ { print $1 } '`
CPID1=`ps --ppid $PARENT |awk ' /[0-9]+/ { print $1 } '`
kill -9 $INIT_PID $PARENT $CPID1
rm -f $PID $PIDS
RETVAL=$?
else
echo "Swatch is not running!"
fi
}

swatch_status() {
if [ -f $PID ]
then
echo "Swatch is running"
PARENT="$(< "$PID")"
INIT_PID=`ps -o ppid $PARENT |awk ' /[0-9]+/ { print $1 } '`
ps -o pid -o command --pid $INIT_PID --pid $PARENT --ppid $PARENT
else
echo "Swatch is not running"
RETVAL=$?
fi
}


case "$1" in
start)
swatch_start
;;
stop)
swatch_stop
;;
restart)
swatch_stop
swatch_start
;;
status)
swatch_status
;;
*)
echo "Usage: $0 {start|stop|restart|status}"
exit 1
esac


exit $RETVAL

/usr/local/bin/syslog-mail.pl

#!/usr/bin/perl -n
# thanks to Brian Dowling for an example with security in mind.

$TO = 'email@dot.com';
$FROM = xSolaris;

s/^<\d{1,2}>//;

open(MAIL, "|/usr/sbin/sendmail -t");

print MAIL <<"EOT";
To: $TO
From: $FROM
Subject: Log Alert: $_

$_

EOT

close(MAIL);

syslog-ng config file --> mail alert for failed login

####
# ------------------>
# Syslog-ng Configuration file.
# edited: -> bukidparuparu 072309
# <------------------
#
##############################################################
source src { sun-streams("/dev/log" door("/etc/.syslog_door")); internal(); };
###############################################################
# set destinations
#
destination authlog { file("/var/log/auth.log"); };
destination cron { file("/var/log/cron.log"); };
destination daemon { file("/var/log/daemon.log"); };
destination kern { file("/var/log/kern.log"); };
destination user { file("/var/log/user.log"); };
destination uucp { file("/var/log/uucp.log"); };

destination mail { file("/var/log/mail.log"); };
destination maillog { file("/var/log/maillog"); };
destination mailinfo { file("/var/log/mail.info"); };
destination mailwarn { file("/var/log/mail.warn"); };
destination mailerr { file("/var/log/mail.err"); };

destination debug { file("/var/log/debug"); };
destination messages { file("/var/log/messages"); };

# The root's console.
destination console { usertty("root"); };

#
# scripts that accept syslog messages and mail them out
#
destination mail-alert { program("/usr/local/bin/syslog-mail.pl"); };
destination mail-alert-perl { program("/usr/local/bin/syslog-mail.pl"); };

##########################################
# Filter Logs
#
filter f_su_failed {
match("(Failed|failed)");
};

filter f_cron { facility(cron); };
filter f_daemon { facility(daemon); };
filter f_kern { facility(kern); };
filter f_mail { facility(mail); };
filter f_user { facility(user); };
filter f_uucp { facility(cron); };
filter f_auth { facility(auth); };

filter f_emergency { level(emerg); };
filter f_info { level(info); };
filter f_notice { level(notice); };
filter f_warn { level(warn); };
filter f_crit { level(crit); };
filter f_err { level(err); };

###############################################################
# log statements actually send logs somewhere, to a file, across the network, etc
#

log { source(src); filter(f_daemon); destination(messages); };
log { source(src); filter(f_kern); destination(messages); };
log { source(src); filter(f_mail); destination(mail); };
log { source(src); filter(f_user); destination(messages); };
log { source(src); filter(f_auth); destination(authlog); };
log { source(src); filter(f_mail); destination(maillog); };
log { source(src); filter(f_mail); filter(f_info); destination(mailinfo); };
log { source(src); filter(f_mail); filter(f_warn); destination(mailwarn); };
log { source(src); filter(f_mail); filter(f_err); destination(mailerr); };
log { source(src); filter(f_emergency); destination(console); };

# find messages with "failed" in them, and send to the mail-alert script
log {
source(src);
filter(f_su_failed);
destination(mail-alert-perl);
};
#
# find messages reporting attempted ssh logins, and send to the mail-alert script
# set it up
destination std {
file("/var/log/HOSTS/$HOST/$YEAR/$MONTH/$DAY/$FACILITY_$HOST_$YEAR_$MONTH_$DAY"
owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes)
);
};

# log it
log {
source(src);
destination(std);
};
###############################################################

people will not remember "how you did it" but "how great you are"

people will not remember "how you did it" but "how great you are"

op - Open Ports on a System

This small shell script shows all the open ports on a system
as well as some information about the port.

##############################################################################
##############################################################################


#!/usr/bin/sh
#
# This utility is used to list all of the open ports on a Solaris UNIX
# based machine. It relies heavily on tools that are used to read through
# the /proc directory so it needs to be run as root or as a root equivalent.
#
# The pathname for all executables should reside in root's path statement
# for ldd to work correctly with this script
#
# Originally posted at: http://www.ilkda.com/op.htm
# Submitter: Alan Pae
#
# nmap is a great tool that will show you what is listening on each port
# of a given machine.
#
# nmap tries to give you some information about each port that it finds.
# It does not assume that any service is listening on any port number and
# it will tell you what is listening on the port if it is told to do so
# and it is able to do so.
#
# However, I felt that the information that was given to me via nmap still
# left a lot of research to do on each port so I threw a script together
# to tell you what process is listening on each port and to give you some
# more information about the process so you can tell at a glance what is
# happening on the system that you are responsible for.
#
# Enjoy the script.
#
#
# Sample output:
#
# -----------------------------------------------------
# Process ID #: 154
#
# Ports used:
# sockname: AF_INET 0.0.0.0 port: 68
# sockname: AF_INET6 :: port: 546
# sockname: AF_INET 127.0.0.1 port: 4999
# sockname: AF_INET 127.0.0.1 port: 4999
# sockname: AF_INET 10.0.0.64 port: 68
#
# COMMAND
# /sbin/dhcpagent
#
# Command Line #2: /sbin/dhcpagent
#
# Environment Variables: 154: /sbin/dhcpagent
# envp[0]: LANG=C
# envp[1]: LD_LIBRARY_PATH=/lib
# envp[2]: PATH=/usr/sbin:/usr/bin
# envp[3]: SMF_FMRI=svc:/network/physical:default
# envp[4]: SMF_METHOD=start
# envp[5]: SMF_RESTARTER=svc:/system/svc/restarter:default
# envp[6]: SMF_ZONENAME=global
# envp[7]: SUNW_NO_MPATHD=
# envp[8]: TZ=US/Pacific
# envp[9]: _INIT_NET_STRATEGY=none
#
# Libraries used: /sbin/dhcpagent
# libxnet.so.1 => /lib/libxnet.so.1
# libnvpair.so.1 => /lib/libnvpair.so.1
# libdhcpagent.so.1 => /lib/libdhcpagent.so.1
# libdhcputil.so.1 => /lib/libdhcputil.so.1
# libinetutil.so.1 => /lib/libinetutil.so.1
# libdevinfo.so.1 => /lib/libdevinfo.so.1
# libdlpi.so.1 => /lib/libdlpi.so.1
# libc.so.1 => /lib/libc.so.1
# libnsl.so.1 => /lib/libnsl.so.1
# libsocket.so.1 => /lib/libsocket.so.1
# libuuid.so.1 => /lib/libuuid.so.1
# libgen.so.1 => /lib/libgen.so.1
# libsec.so.1 => /lib/libsec.so.1
# libdladm.so.1 => /lib/libdladm.so.1
# libmp.so.2 => /lib/libmp.so.2
# libmd.so.1 => /lib/libmd.so.1
# libscf.so.1 => /lib/libscf.so.1
# libavl.so.1 => /lib/libavl.so.1
# librcm.so.1 => /lib/librcm.so.1
# libkstat.so.1 => /lib/libkstat.so.1
# libuutil.so.1 => /lib/libuutil.so.1
# libm.so.2 => /lib/libm.so.2
#
# Maximum number of file descriptors = unlimited file descriptors
#
# Effective Real Effective Real
# User User Group Group
#
# root root root root
#
# Current Working Directory: /
#
# elfsign: verification of /sbin/dhcpagent passed.
#
# -----------------------------------------------------
#
#
for i in `ls /proc`
do
openport=`pfiles $i 2> /dev/null |grep "port:"`
if [ ! -z "$openport" ]; then
echo "Process ID #: $i"
echo ""
echo "Ports used: \n $openport"
echo ""
commandline=`/usr/ucb/ps awwx $i | awk '{print $5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15,$16,$17,$18,$19,$20,$21,$22,$23,$24,$25}'`
echo "$commandline"
echo ""
commandline2=`pargs -l $i`
echo "Command Line #2: $commandline2"
echo ""
eco=`pargs -e $i`
echo "Environment Variables: $eco"
echo ""
deps=`pldd $i`
echo "Libraries used: $deps"
echo ""
filedescriptors=`pfiles $i | grep rlimit | awk '{print $3,$4,$5}'`
echo "Maximum number of file descriptors = $filedescriptors"
echo ""
eu=`ps -o user -p $i`
ru=`ps -o ruser -p $i`
eg=`ps -o group -p $i`
rg=`ps -o rgroup -p $i`
effectiveuser=`echo $eu | awk '{print $2}'`
realuser=`echo $ru | awk '{print $2}'`
effectivegroup=`echo $eg | awk '{print $2}'`
realgroup=`echo $rg | awk '{print $2}'`
echo "Effective Real Effective Real"
echo "User User Group Group"
echo ""
echo "$effectiveuser \t\t $realuser \t $effectivegroup \t\t $realgroup"
echo ""
current=`pwdx $i | awk '{print $2}'`
echo "Current Working Directory: $current"
echo ""
elves=`pldd $i | awk '{print $2}'`
elfsign verify -e $elves
echo ""
echo "-----------------------------------------------------"
fi
done




##############################################################################
### This script is submitted to BigAdmin by a user of the BigAdmin community.
### Sun Microsystems, Inc. is not responsible for the
### contents or the code enclosed.
###
###
### Copyright Sun Microsystems, Inc. ALL RIGHTS RESERVED
### Use of this software is authorized pursuant to the
### terms of the license found at
### http://www.sun.com/bigadmin/common/berkeley_license.jsp
##############################################################################

runqueue.d

The minimal interval for which sar is able to collect statistics
is one second. If a system has many processes that take a couple
of milliseconds to run, sar will not know that they are in the
run queue.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

#!/usr/sbin/dtrace -s

#
# Used for automating checks of CPU, memory, I/O, and network TCP performance.
#
# This script is described and explained in the BigAdmin Tech Tip:
# Automating a System Performance Check Using the checkperf Utility
# http://www.sun.com/bigadmin/content/submitted/perf_check.jsp
#

#pragma D option quiet

profile-1000hz
/curthread->t_cpu->cpu_disp->disp_nrunnable/
{
@runq = sum(curthread->t_cpu->cpu_disp->disp_nrunnable);
}

profile:::tick-30sec
{
normalize(@runq, 3000);
printa("%@8d", @runq);
exit(0);
}


##############################################################################
### This script is submitted to BigAdmin by a user of the BigAdmin community.
### Sun Microsystems, Inc. is not responsible for the
### contents or the code enclosed.
###
###
### Copyright Sun Microsystems, Inc. ALL RIGHTS RESERVED
### Use of this software is authorized pursuant to the
### terms of the license found at
### http://www.sun.com/bigadmin/common/berkeley_license.jsp
##############################################################################