[root@ASDDB01 ~]# lsof -n -p 17951 | grep -i tcp
oracle 17951 oracle 18u IPv4 446443982 0t0 TCP 192.168.45.12:cctv-port->211.115.106.222:47382 (ESTABLISHED)
LSOF 는 List Open File 의 약자로 해당 System에서 구동되고 있는 프로세스들에 의해서 열려진 파일들을
확인 할수있는 툴입니다. 즉 프로세스의 파일핸들을 조사해 볼 수 있는 유용한 툴
특정 프로세스가 오픈한 파일 리스트 확인
lsof -p 포트번호
특정호스트에 대한 접속 확인
lsof -i@특정아이피
특정 사용자가 오픈한 프로세스 확인
lsof -u 유저명
특정 파일이 사용하는 프로세스 확인
lsof /etc/passwd
man
EXAMPLES For a more extensive set of examples, documented more fully, see the 00QUICKSTART file of the lsof distribution.
To list all open files, use:
lsof
To list all open Internet, x.25 (HP-UX), and UNIX domain files, use:
lsof -i -U
To list all open IPv4 network files in use by the process whose PID is 1234, use:
lsof -i 4 -a -p 1234
Presuming the UNIX dialect supports IPv6, to list only open IPv6 net- work files, use:
lsof -i 6
To list all files using any protocol on ports 513, 514, or 515 of host wonderland.cc.purdue.edu, use:
lsof -i @wonderland.cc.purdue.edu:513-515
To list all files using any protocol on any port of mace.cc.purdue.edu (cc.purdue.edu is the default domain), use:
lsof -i @mace
To list all open files for login name ``abe'', or user ID 1234, or process 456, or process 123, or process 789, use:
lsof -p 456,123,789 -u 1234,abe
To list all open files on device /dev/hd4, use:
lsof /dev/hd4
To find the process that has /u/abe/foo open, use:
lsof /u/abe/foo
To send a SIGHUP to the processes that have /u/abe/bar open, use:
kill -HUP `lsof -t /u/abe/bar`
To find any open file, including an open UNIX domain socket file, with the name /dev/log, use:
lsof /dev/log
To find processes with open files on the NFS file system named /nfs/mount/point whose server is inaccessible, and presuming your mount table supplies the device number for /nfs/mount/point, use:
lsof -b /nfs/mount/point
To do the preceding search with warning messages suppressed, use:
lsof -bw /nfs/mount/point
To ignore the device cache file, use:
lsof -Di
To obtain PID and command name field output for each process, file descriptor, file device number, and file inode number for each file of each process, use:
lsof -FpcfDi
To list the files at descriptors 1 and 3 of every process running the lsof command for login ID ``abe'' every 10 seconds, use:
lsof -c lsof -a -d 1 -d 3 -u abe -r10
To list the current working directory of processes running a command that is exactly four characters long and has an 'o' or 'O' in character three, use this regular expression form of the -c c option:
lsof -c /^..o.$/i -a -d cwd
To find an IP version 4 socket file by its associated numeric dot-form address, use:
lsof -i@128.210.15.17
To find an IP version 6 socket file (when the UNIX dialect supports IPv6) by its associated numeric colon-form address, use:
lsof -i@[0:1:2:3:4:5:6:7]
To find an IP version 6 socket file (when the UNIX dialect supports IPv6) by an associated numeric colon-form address that has a run of zeroes in it - e.g., the loop-back address - use:
lsof -i@[::1]
To obtain a repeat mode marker line that contains the current time, use:
lsof -rm====%T====
To add spaces to the previous marker line, use:
lsof -r "m==== %T ====" |
'OraclE' 카테고리의 다른 글
| append 힌트 재대로 사용하시나요? (0) | 2015.03.30 |
|---|---|
| object 변경시 dependency (0) | 2015.01.06 |
| logminor 로그마이너 (0) | 2014.09.05 |
| v$parameter (0) | 2014.08.05 |
| log_archive 파라미너 변경 (0) | 2014.08.05 |
