The following line was in the Ubuntu crontab:
*/2 * * * * echo -e "'date'\n\n'free' \n\n'vmstat'\n" >> /home/hacker/free_vmstat_output.txt
Extract from the free_vmstat_output.txt file two times that I'm interested in analyzing:
-e Mon Apr 10 08:12:01 -03 2017
total used free shared buffers cached
Mem: 1271608 143388 1128220 4884 15052 53916
-/+ buffers/cache: 74420 1197188
Swap: 496636 0 496636
procs -----------memory---------- ---swap-- -----io---- -system-- ------cpu-----
r b swpd free buff cache si so bi bo in cs us sy id wa st
0 0 0 1128220 15052 53916 0 0 38 23 53 87 1 0 99 0 0
-e Mon Apr 10 09:51:01 -03 2017
total used free shared buffers cached
Mem: 1271608 340384 931224 8980 34348 212528
-/+ buffers/cache: 93508 1178100
Swap: 496636 0 496636
procs -----------memory---------- ---swap-- -----io---- -system-- ------cpu-----
r b swpd free buff cache si so bi bo in cs us sy id wa st
0 0 0 930248 34348 212528 0 0 23 108 1635 685 1 6 93 0 0
I searched but could not understand the CPU part. What are the acronyms and ids that appear in the CPU part?
How to compare CPU and memory usage at these two different times? One of the moments is before one attack and the other during a denial of service attack.