Need generic command to get complete running process details


Login or Register for Dates, Times and to Reply

 
Thread Tools Search this Thread
# 1  
Hammer & Screwdriver Need generic command to get complete running process details

I am on SunOS and Linux

I need generic command to get complete process details from which i will eventually extract socket details (listen address and port)

Code:
ps -ef | ggrep -i server | ggrep -i mydomain

does not yield a process that should have both the grep entries along with the listen address and port.

I need a command generic in Solaris and Linux which also prints the socket details.

If generic is not possible i will appreciate individual ps command for linux and SunOS that gives me the detailed ps output including the socket details.

Can you please help ?

Last edited by mohtashims; 04-03-2017 at 04:55 PM..
# 2  
What does the command line you are searching for look like in linux and SunOS?

I'm guessing that ggrep is a GNU grep you have installed on SunOS.

Have you considered using netstat to find listening processes, eg: netstat -pln | grep -i server | grep -i mydomain
# 3  
Hi,

Unfortunately, this may be far less straightforward for Solaris than you might be hoping. As Chubler_XL has pointed out, on Linux you can use a variant of netstat -lnp or netstat -anp to easily see which processes are responsible for which network connections. So on Linux, this is easy.

For Solaris, however, it all depends on what version you're running. If you're lucky, and you're running 11.2 or later, then the netstat command was extended in 11.2 to include this kind of functionality, which up until then it had entirely lacked. Try netstat -aun for approximately similar output that will let you see the PID attached to each network connection.

If you're running pre-11.2...well. It gets messy, I'm afraid. Basically, what you have to do is use the pfiles command to list the files open for each process ID on the system, and grep for AF_INET in the output. If any lines are returned, then you can on a per-process basis extract the sockets that PID is responsible for that way.

If anyone knows of a better way on pre-11.2 to do this I'm sure they'll chime in (and I'd love to know myself), but to the best of my knowledge those are your options for Solaris.

Hope this helps, somewhat !
This User Gave Thanks to drysdalk For This Post:
# 4  
Quote:
Originally Posted by drysdalk
Hi,

Unfortunately, this may be far less straightforward for Solaris than you might be hoping. As Chubler_XL has pointed out, on Linux you can use a variant of netstat -lnp or netstat -anp to easily see which processes are responsible for which network connections. So on Linux, this is easy.

For Solaris, however, it all depends on what version you're running. If you're lucky, and you're running 11.2 or later, then the netstat command was extended in 11.2 to include this kind of functionality, which up until then it had entirely lacked. Try netstat -aun for approximately similar output that will let you see the PID attached to each network connection.

If you're running pre-11.2...well. It gets messy, I'm afraid. Basically, what you have to do is use the pfiles command to list the files open for each process ID on the system, and grep for AF_INET in the output. If any lines are returned, then you can on a per-process basis extract the sockets that PID is responsible for that way.

If anyone knows of a better way on pre-11.2 to do this I'm sure they'll chime in (and I'd love to know myself), but to the best of my knowledge those are your options for Solaris.

Hope this helps, somewhat !
None of the suggestions worked Smilie

Code:
netstat -pln | ggrep -i server | ggrep -i mydomain
netstat: illegal option -- l
usage: netstat [-anv] [-f address_family]
       netstat [-n] [-f address_family] [-P protocol] [-g | -p | -s [interval [count]]]
       netstat -m [-v] [interval [count]]
       netstat -i [-I interface] [-an] [-f address_family] [interval [count]]
       netstat -r [-anv] [-f address_family|filter]
       netstat -M [-ns] [-f address_family]
       netstat -D [-I interface] [-f address_family]
bash-3.2$ cat
^C
bash-3.2$ netstat -aun  | ggrep -i server | ggrep -i mydomain
netstat: illegal option -- u
usage: netstat [-anv] [-f address_family]
       netstat [-n] [-f address_family] [-P protocol] [-g | -p | -s [interval [count]]]
       netstat -m [-v] [interval [count]]
       netstat -i [-I interface] [-an] [-f address_family] [interval [count]]
       netstat -r [-anv] [-f address_family|filter]
       netstat -M [-ns] [-f address_family]
       netstat -D [-I interface] [-f address_family]

Code:
 uname -a
SunOS mymac 5.10 Generic_150400-40 sun4v sparc sun4v

By the way before i can use pfiles how can i get the PID becoz the ps command in the OP does not yield extensive output so ggrep fails to yield any output.
# 5  
Hi,

You're on Solaris 10 (SunOS 5.10 in that uname output), so it makes sense that netstat can't do what you need here.

If you manually look at the output of ps -ef yourself, do you see the process you're looking for ? If not, then you won't be able to grep for it. If you don't see the process you're looking for, do you see the full range of normal processes you'd expect to see on a Solaris system, or do you only see a handful of processes at all ?

Lastly, do you know if this Solaris system has been set up to use zones ? If it has, are you running your ps command either inside the same zone as the process you're looking for or from within the global zone ? You'd have to be doing one of those two things to see it if your process is running inside a zone - you wouldn't see it from a different non-global zone, for example.
# 6  
Quote:
Originally Posted by drysdalk
Hi,

You're on Solaris 10 (SunOS 5.10 in that uname output), so it makes sense that netstat can't do what you need here.

If you manually look at the output of ps -ef yourself, do you see the process you're looking for ? If not, then you won't be able to grep for it. If you don't see the process you're looking for, do you see the full range of normal processes you'd expect to see on a Solaris system, or do you only see a handful of processes at all ?

Lastly, do you know if this Solaris system has been set up to use zones ? If it has, are you running your ps command either inside the same zone as the process you're looking for or from within the global zone ? You'd have to be doing one of those two things to see it if your process is running inside a zone - you wouldn't see it from a different non-global zone, for example.

I was able to get the pid using fuserand from the pid i get the listen address and port using pfiles on SunOS. But i do not know if both the fuser and pfiles will work on Linux.

Last edited by mohtashims; 04-04-2017 at 10:41 AM..
# 7  
Hi,

The basic idea is to step through every PID on the system, run pfiles against it, and if any of the output lines contain AF_INET then those are the sockets that PID has open.

Here's a quick example script I've written. Caveats: this was tested on Tribblix, an illumos distribution, rather than "proper" Solaris, so to speak (since that's what I'm running on my current workstation). But it worked for me, and should work on Solaris 10 as well.

Code:
#!/bin/bash
for pid in `/usr/bin/ps -aef -o pid`
do
        if /usr/bin/pfiles $pid 2>/dev/null | /usr/bin/grep AF_INET 2>/dev/null
        then
                echo Above sockets belong to PID $pid
                echo -----
        fi
done

Run this and you'll get the idea. Hope this helps.
Login or Register for Dates, Times and to Reply

Previous Thread | Next Thread
Thread Tools Search this Thread
Search this Thread:
Advanced Search

Test Your Knowledge in Computers #988
Difficulty: Medium
OpenBSD developers were instrumental in the creation and development of OpenSSH.
True or False?

10 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Generic script to load file details(ls -ltr) in to a database.

All, I am trying to create a report on the duration of an ETL load from the file arrival to the final dump in to a database for SLA's. Does anyone have any guidance or ideas on how metadata can be extracted; information of a file: like file name, created timestamp, count of records and load... (1 Reply)
Discussion started by: pradeepp
1 Replies

2. Shell Programming and Scripting

Check if process is running if not then use command

Hello, Could someone do the following bash ubuntu script for me? I have 5 screen processes of bot: SCREEN -dmS Xbot_instance_1 php core.php -i 1 SCREEN -dmS Xbot_instance_2 php core.php -i 2 SCREEN -dmS Xbot_instance_3 php core.php -i 3 SCREEN -dmS Xbot_instance_4 php core.php -i 4 ... (2 Replies)
Discussion started by: kotch
2 Replies

3. Shell Programming and Scripting

Command to get exact tomcat process I am running ignoring other java process

Team, I have multiple batchjobs running in VM, if I do ps -ef |grep java or tomcat I am getting multiple process list. How do I get my exact tomcat process running and that is unique? via shell script? (4 Replies)
Discussion started by: Ghanshyam Ratho
4 Replies

4. Shell Programming and Scripting

Command to know all the Current running process and how to kill

All, 1.What is the unix comand used for all current running process (Including All current running processes Parent ->child->subchild process) 2.If child and subchild processes are running then what is the unix command to kill parent and its all child subchild processes in UNIX. Kindly... (7 Replies)
Discussion started by: skp
7 Replies

5. Shell Programming and Scripting

Show running process command > 60 chars

Hi. I use this command to get list of running process: ps -ef|grep ICP|grep -v grep But how do I set the terminal to show full command? It seems that it always truncated to 60 chars no matter what options I put. e.g output oracle9 25011 24998 0 03:00:05 ? 0:00 /usr/bin/sh... (14 Replies)
Discussion started by: aimy
14 Replies

6. Solaris

Process holding /tmp space, need to know the process details

Hi , In a server /tmp has almost reached 75% and i can see the File system utilization is 48Mb only , so i believe some process is using the /tmp space. I would like to know which process is using /tmp space. # df -h /tmp Filesystem size used avail capacity Mounted on swap ... (9 Replies)
Discussion started by: chidori
9 Replies

7. Shell Programming and Scripting

command to see process running at background

Hi , I want to see all the background process that are running in unix box machine...please guide me is there any specific command for that..since I am executing some scripts at background..!!:confused: (1 Reply)
Discussion started by: nks342
1 Replies

8. Shell Programming and Scripting

Running a command in a new process?

Hello I'm using GNU screen for an application that I'm making. I will try to explain: This application opens 2 screen session, A and B. Screen session A has a script running in teh first window. I want to be able to switch from screen session A to screen session B, from the script running in... (1 Reply)
Discussion started by: jondecker76
1 Replies

9. UNIX for Dummies Questions & Answers

Command to check if a particular process is running

Hi What is the best command to check if a particular process is running in a linux server or not To check any java process, I use the below command. ps -ef |grep jvm When I execute the above command, it lists me all the processess . The above command should ideally return only the... (6 Replies)
Discussion started by: vr3w3c9
6 Replies

10. UNIX for Dummies Questions & Answers

How to find the details of the previously running process with PID

OS: Unix or Linux I (only) know the pid of the process which was running earlier (say 5 hrs back) but it is not running now. Is there a way I could find the details of that process? (atleast the name of the process). Please let me know. (2 Replies)
Discussion started by: vijay.d
2 Replies

Featured Tech Videos