trax씨 홈의 http://blog.hanmir.com/sedere/231922 에서 보고 알게 됨..
아니 이렇게 끝내주는 툴이 있었다니..

————————-
원문:http://www.unixreview.com/documents/s=8989/ur0403h/

Tool of the Month: ApacheTop and iftop March 2004
by Joe “Zonker” Brockmeier

Some of the most important tools in a systems administrator’s toolbox are the programs that provide effective process and system monitoring. The standard *nix utilities like top, ps, pstree, free, and so on provide a wealth of information for admins looking to diagnose their systems’ health.

That’s not to say, however, that there isn’t room for a few more tools to assist in monitoring the health of a system. In that vein, there are two programs I’ll be covering this month: ApacheTop and iftop. As its name implies, ApacheTop is used to monitor Apache in real time and generate a top-like output. The other tool for this month, iftop, displays a table of current bandwidth usage in a top-like format.

ApacheTop

If you’ve ever used tail -f /var/log/httpd/access_log (or something similar) to monitor the traffic on your Web server, then you’ll definitely want to check out this little beauty of a program. ApacheTop is developed on FreeBSD, but compiles just fine on Linux and (according to the ApacheTop page) Solaris, Mac OS X, and OpenBSD. Head to the ApacheTop homepage and grab the tarball. Run ./configure —with-logfile=/path/to/logfile and make and make install. This puts apachetop in /usr/local/sbin. That should be all there is to it.

I compiled ApacheTop on SUSE 9 with no problems. One thing you will probably want to do when compiling ApacheTop is to specify the location of your access_log. For SUSE 9, using Apache 2, you’ll find the access_log in /var/log/apache2.

Once you have apachetop installed, you can fire it up to see just what your Apache server is doing. Run apachetop or apachetop -r n, with n being the time delay between a refresh of the information shown by apachetop. I believe the default is 5 seconds, but I prefer to use a delay of 1 or 2 seconds. Also, note that you’ll need to be root to run apachetop.

The top lines will give you the breakdown of how long apachetop has been running, when the last “hit” came in for your server, and how many requests have been processed (see Figure 1). The results also show how many hits returned a code in the 200’s, 300’s, and 400’s.

Figure 1: Apachetop
The rest of the display is devoted to the actual requests being processed by Apache, in something like real time. There’s a bit of a lag, actually, because apachetop has to wait for httpd to log a request to your access_log and then process the information — but it’s close enough to “real time” to be very useful. You can toggle the display to see referrer information, the requested URL, or the host making the requests. If you ever wonder why your server is slammed all of the sudden, you can use apachetop to see where all those requests are coming from, what they’re looking for, and who sent them.

Displaying bandwidth usage: iftop

While apachetop monitors the load on httpd, iftop monitors network traffic on a network interface. Again, for admins who have to maintain and troubleshoot servers, this tool is a must-have. Basically, iftop tracks packets that pass through a given interface as well as where those packets are headed.

To get started, grab the source tarball from the iftop homepage. As with apachetop, it’s a simple ./configure, make ; make install to build and install iftop. You’ll need to have libpcap and libcurses installed. I tested it on SUSE 9 with no problems.

After you’ve installed it, go ahead and run iftop. Again, you’ll need to be root to use iftop, because you need to be able to monitor all traffic on the interface. By default, iftop will go for the first interface (probably eth0), but you can specify a different interface with iftop -i ethn or whatever the interface happens to be.

Figure 2: iftop
After you fire up iftop, you’ll see all incoming and outbound traffic on that interface (see Figure 2). It will show the amount of traffic, and (by default) the name of the hosts that are sending/receiving traffic. You can toggle between different display modes while iftop is running using t. If you want to see which ports the traffic is headed to or coming from, use p to toggle port display on. If it is a “named” port (like ssh or http, for example), then iftop will display the name of the service rather than the port number. Overall, iftop’s interface is self-explanatory.

If you see something particularly interesting, you can pause the display by hitting P (that’s an uppercase “P”). If you regularly use a particular configuration , you can create a configuration file in ~/.iftoprc. That’s pretty much all there is to it. You might want to take a look at the man page to see all of the available options, but iftop is pretty simple to use right out of the box.

That’s all for this month. As always, feel free to drop me a note with suggestions for future Tool of the Month columns. I’m always happy to hear about new and interesting software!
————————-

ApacheTop : http://clueful.shagged.org/apachetop/
ifTop : http://www.ex-parrot.com/~pdw/iftop/