nixCraft Linux Forum

nixCraft

Linux Tech Support Forum

Server monitoring (samba,NFS,telnet,ssh,ftp)

This is a discussion on Server monitoring (samba,NFS,telnet,ssh,ftp) within the Linux software forums, part of the Linux Getting Started category; I have here lots of question How can I monitor the status of my server? How can I know who ...


Go Back   nixCraft Linux Forum > Linux Getting Started > Linux software

Register FAQ Members List Calendar Forgotten your password? Mark Forums Read
  #1 (permalink)  
Old 06-13-2006, 10:54 PM
Member
User
 
Join Date: Jun 2005
Posts: 45
Rep Power: 0
warren
Default Server monitoring (samba,NFS,telnet,ssh,ftp)

I have here lots of question
How can I monitor the status of my server? How can I know who are logged on in telnet,ssh etc and what resources are they using?

Samba (connected users, what resources are used)
-----smbstatus, ok.

NFS (IP add of the connected client, what resources are used)
-----netstat can see the IP but I have no idea how to get the resources that he is using.

ftp, telnet, ssh (username or IP, resources used)
-----netstat can get the IP. how to get the username or resources used?

I have seen a NAS that was able to do this. there's a section in their gui that you can view all the current status.
Maybe someone can help me out how to do this
thanks in advance for any help.

warren
Reply With Quote
Sponsored Links
  #2 (permalink)  
Old 06-13-2006, 11:27 PM
sweta's Avatar
Contributors
User
 
Join Date: Feb 2005
Location: New Delhi
My distro: Suse, RHEL, Vista
Posts: 154
Rep Power: 4
sweta will become famous soon enough
Default

Quote:
How can I monitor the status of my server? How can I know who are logged on in telnet,ssh etc and what resources are they using?
Use w, who, last, lastcomm command. See url: http://www.cyberciti.biz/faqs/2006/0...-logged-in.php
Quote:
Samba (connected users, what resources are used)
-----smbstatus, ok.
Yup use smbstatus command.

I have no idea about other stuff may be someone will help out
__________________
Friends - v-nessa - missyAdmin - LinuxChix
Reply With Quote
  #3 (permalink)  
Old 06-14-2006, 11:52 AM
Member
User
 
Join Date: Jun 2005
Posts: 45
Rep Power: 0
warren
Default

ok thanks sweta.
I tried w, who, last.
yes it shows who is logged on and the IP add but its hard to tell if its ssh or telnet.
see output below.
-bash-3.00# w
13:24:02 up 21:40, 4 users, load average: 0.00, 0.00, 0.00
USER TTY LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 09:54 0.00s 0.06s 0.00s w
admin pts/1 12:14 1:09m 0.00s 0.00s -bash
user2 pts/2 12:17 1:06m 0.02s 0.02s -bash
user1 pts/3 12:19 1:04m 0.00s 0.00s -bash

-bash-3.00# who
root pts/0 Jun 14 09:54 (192.168.100.170)
admin pts/1 Jun 14 12:14 (192.168.100.170)
user2 pts/2 Jun 14 12:17 (192.168.100.170)
user1 pts/3 Jun 14 12:19 (192.168.100.170)

-bash-3.00# netstat -t -u
Active Internet connections (w/o server
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 192.168.100.163:ssh 192.168.100.170:1795 ESTABLISHED
tcp 0 0 192.168.100.163:telnet 192.168.100.170:1818 ESTABLISHED
tcp 0 0 192.168.100.163:telnet 192.168.100.170:1823 ESTABLISHED
tcp 0 0 192.168.100.163:ssh 192.168.100.170:1095 ESTABLISHED

with netstat results, I have the client IP add and the service used. two ssh and two telnet but the problem is, which users are using telnet or ssh?

thanks,
warren
Reply With Quote
  #4 (permalink)  
Old 06-14-2006, 01:14 PM
Member
User
 
Join Date: Jun 2005
Posts: 45
Rep Power: 0
warren
Default

ok, netstat -t -u -p (-p is available in netstat from net-tool I am using BusyBox netstat
[root@wbeldadFC4 ~]# netstat -t -u -p
tcp 0 0 ::ffff:192.168.100.162:ssh ::ffff:192.168.10spserver ESTABLISHED 3021/sshd: user1 [p

[root@wbeldadFC4 ~]# who -a
user1 + pts/5 2006-06-14 13:59 00:16 3021 (192.168.100.170)

I have now the username, client IP and PID. maybe i can filter the PID in ps to get more info.
looks like this is ok for telnet, ssh, ftp. There's a tool "nu" for Netatalk.
whats left is NFS.
how do I know what resources NFS users are using?

thanks,
warren
Reply With Quote
  #5 (permalink)  
Old 06-14-2006, 04:54 PM
tom tom is offline
Contributors
User
 
Join Date: Jun 2005
Location: London, UK
Posts: 213
Rep Power: 4
tom is on a distinguished road
Default

The nfsstat command can be used to display statistics related to NFS activity
Reply With Quote
  #6 (permalink)  
Old 06-14-2006, 05:37 PM
rockdalinux's Avatar
Contributors
User
 
Join Date: May 2005
Location: Bangalore
My distro: RHEL, HP-UX, Solaris, FreeBSD, Ubuntu
Posts: 581
Rep Power: 7
rockdalinux is a jewel in the rough rockdalinux is a jewel in the rough rockdalinux is a jewel in the rough rockdalinux is a jewel in the rough
Default

May be try out NFSwatch http://nfswatch.sourceforge.net/ for nfs.

For user monitor you need to use special tool called whowatch

Whowatch is an console, interactive users and process monitoring tool. It displays information about the users currently logged on to the machine, in real-time. Besides standard informations (login name, tty, host, user's
proces, the type of the connection (ie. telnet or ssh) is shown. Display of users command line can be switch to tty idle time.

To install whowatch use command (if you are using debian):
Code:
apt-get install whowatch
Fedora user can use
Code:
yum install whowatch
See output:
http://www.cyberciti.biz/tips/wp-con...h-output-1.png
__________________
Rocky Jr.
You may have my body & soul, but you will never touch my pride!

If you have knowledge, let others light their candles at it.

Certified to work on HP-UX / Sun Solaris / RedHat
Reply With Quote
  #7 (permalink)  
Old 06-15-2006, 06:04 PM
Member
User
 
Join Date: Jun 2005
Posts: 45
Rep Power: 0
warren
Default

I tried nfswatch, its good but the information is more on monitoring packets and NFS read/write....
nfsstat is also on rpc,nfs statistics. whowatch looks good but its a complete application w/ menus.
I am looking only for, who logon and what share did he connect.
maybe in the log files, where can I find the log files for NFS?
Reply With Quote
  #8 (permalink)  
Old 06-16-2006, 10:24 PM
tom tom is offline
Contributors
User
 
Join Date: Jun 2005
Location: London, UK
Posts: 213
Rep Power: 4
tom is on a distinguished road
Default

NFS is a stateless protocol. This means that the file server stores no per-client information, and there are no NFS "connections". For example, NFS has no operation to open a file, since this would require the server to store state information (that a file is open; what its file descriptor is; the next byte to read; etc).

So you cannot get all the clients details.
Reply With Quote
  #9 (permalink)  
Old 06-19-2006, 11:09 AM
Member
User
 
Join Date: Jun 2005
Posts: 45
Rep Power: 0
warren
Default

back to work...
thanks for the good info tom. so, the point is we cannot know who open/deleted the files.
I'm just wondering how the other NAS get the info about the IP address of the client and the resource connected.
Maybe in the system log because there an info like,

Jun 19 12:10:13 localhost rpc.mountd: authenticated mount request from 192.168.100.162:720 for /mnt/NAS/public (/mnt/NAS/public)

client IP = 192.168.100.162
resource connected = /mnt/NAS/public
but its hard to get a string in a log file.

on NFS server.
showmount -a "List both the client hostname and mounted directory in host:dir format."
-bash-3.00# showmount -a
All mount points on NAS163:
*:/mnt/NAS/public
*:/mnt/NAS/share1/share1
192.168.100.162:*
192.168.100.164:*
192.168.100.171:*
---the client is there but how can I know which share is being mounted.
Reply With Quote
  #10 (permalink)  
Old 06-19-2006, 06:37 PM
monk's Avatar
Senior Member
User
 
Join Date: Jan 2005
Location: Tibet
My distro: Debian GNU/Linux
Posts: 482
Rep Power: 5
monk will become famous soon enough monk will become famous soon enough
Default

warren,

you can grep information:

Code:
grep  -i 'authenticated mount request' /var/log/message
Then you can use awk to separate information. If you see above information in your log file you can you can write a shell script to create report.

Let me know if this helps out or not
Reply With Quote
Reply

Bookmarks


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads

Thread Thread Starter Forum Replies Last Post
Samba Server not working vaibhav.kanchan Getting started tutorials 2 01-08-2008 07:14 PM
fail to telnet localhost 106 satimis Mail Servers 8 12-18-2007 06:16 AM
Telnet Problem kasimani Databases servers 3 03-05-2007 08:02 PM
HP Unix Samba to Windows server lmoodley HP-UX 0 01-23-2007 05:31 PM
remote server monitoring for Solaris pliu0606 Solaris/OpenSolaris 4 10-15-2005 03:49 PM


All times are GMT +5.5. The time now is 12:45 AM.


Powered by vBulletin® Version 3.7.4 - Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.2.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36