Viewing system performance details with the top command

The Linux top command has been around since 1984, helping Linux admins gauge system performance and note which processes are using the most system resources. Since that time, a number of other “top” commands (e.g., atop and htop) have become available with their different takes on what sysadmins need to pay attention to. The top command, however, remains one of the most heavily used and easy to understand commands for viewing system performance.

The basic top command

The basic form of the top command — what you see when you simply type “top” — shows the most useful performance statistics you’re likely to find on a Unix system. The top command starts by supplying you with five lines that provide an important synopsis of what the system is doing: how long it’s been up, the current load average (displaying how busy it is), the number of processes being run, and memory and swap usage. Here’s an example:

$ top
top - 12:15:36 up 5 days,  3:01,  3 users,  load average: 0.07, 0.11, 0.06
Tasks: 244 total,   1 running, 243 sleeping,   0 stopped,   0 zombie
%Cpu(s):  2.8 us,  5.6 sy,  0.0 ni, 91.7 id,  0.0 wa,  0.0 hi,  0.0 si,  0.0 st
MiB Mem :   3784.7 total,    403.9 free,   1066.8 used,   2314.0 buff/cache
MiB Swap:   3784.0 total,   3756.0 free,     28.0 used.   2325.5 avail Mem

A few numbers to pay attention to when you use top are the three load averages in the upper right corner of the output. These describe the load average (how busy the system has been) over the last minute, the last five minutes, and the last 15 minutes. These numbers give you some idea about how heavily loaded the system is. Just keep in mind that they’re only looking at the last 15 minutes.

We can also see how many tasks are running overall, how many are running right now (i.e., using the CPU), along with how many are sleeping, topped or in a “zombie” state (i.e., completed execution but still having an entry in the process table). It also categorizes the CPU usage using these abbreviations:

us:         % CPU time spent in user space
sy:          % CPU time spent in kernel space
ni:          % CPU time spent on “nice” low priority processes
id:          % CPU time spent idle
wa:        % CPU time spent in wait (on disk)
hi:          % CPU time spent servicing/handling hardware interrupts
si:           % CPU time spent servicing/handling software interrupts
st:          % CPU time in involuntary wait by virtual CPU while hypervisor is servicing another processor (or) % CPU time stolen from a virtual machine

The remainder of the top command output displays data on various system processes – more than enough to fill your terminal window. Those using more of the system resources are shown first. Here’s an example – the top five lines in this section of the top output:

PID USER      PR  NI    VIRT    RES    SHR S  %CPU  %MEM     TIME+ COMMAND
 282329 shs       20   0  225268   3840   3072 R   0.7   0.1   0:00.04 top
    613 systemd+  20   0   15396   7424   6656 S   0.3   0.2  15:01.10 systemd-oomd
      1 root      20   0  230752  30504  10820 S   0.0   0.8   0:29.40 systemd
      2 root      20   0       0      0      0 S   0.0   0.0   0:00.27 kthreadd

The fields shown represent the following:

PID:       Shows the process IDs
USER:   Shows the userid of the person running each process
PR:         Shows the process priority
NI:         Shows the nice value of the process
VIRT:     Shows the amount of virtual memory used by the process
RES:      Shows the amount of resident memory used by the process
SHR:     Shows the amount of shared memory used by the process
S:           Shows the status of the process. (See the list below for the values this field can take)
%CPU: Shows the share of CPU time used by the process since the last update
%MEM: Shows the share of physical memory used
TIME+:  Shows the total CPU time used by the task in hundredths of a second
COMMAND: Shows the command name or command line (name + options)

The values in the “S” (process status) field represent these states:

‘D’ = uninterruptible sleep
‘R’ = running
‘S’ = sleeping
‘T’ = traced or stopped
‘Z’ = zombie

You can ask the system to tell you the version of the top command that you are using like this:

$ top -v
  procps-ng 3.3.17

While viewing the top command’s output, you can alter the presentation of the data by using the keys described below:

Press the Q key to quit.
Press the M key to sort the process list by memory usage. Those processes using the most memory will be shown first.
Press the P key to sort the process list by cpu usage.
Press the N key to sort the list by process id.
Press the T key to sort by the running time.
Press the R key to reverse the current sorting order.

Wrap-up

The top command is easy to use and understand. It’s a good idea to get used to its output before a problem arises, as this will help you become familiar with what “normal” looks like.

Source:: Network World