Server Monitoring Tools

Here you will find a comlete list of each and every server monitoring tool. This article helps you to find the correct server monitoring tool for your specific needs.

Command-Line Tools

1) Top

Top is a tiny application that is pre-installed on numerous UNIX systems. Whenever you want to see all the running threads and processes, Top is the ideal tool. It also allows you to order processes based on several criteria, with the CPU being the default.

2) Htop

Htop is an improved version of Top and makes it easier to sort processes. The “h” in front of “Htop” stands for Hisham, which is the name of its developer. Htop is very easy to work with and comes with inbuilt commands for the things you typically want to do. Htop is fully interactive.

When using Htop, you might notice that the meters change colors from time to time when the graph bars are full. Note that this is its expected behavior and is not a bug. Also, note that the number displayed by the memory meter is the total memory used by those processes. The extra memory is utilized by the Linux kernel for the disk cache and buffering, meaning that the kernel uses the entire memory. The number shown by Htop is more accurate than other tools concerning utilized resources.

Htop users may also realize that it doesn’t have a SWAP column similar to the one on Top. Htop claims that it is impossible to know the actual size of utilized swap space. According to Htop, Top fakes these stats. This is why Htop does not have a swap column because there is no dependable way to collect the data.

3) Atop

Similar to Htop and Top, Atop monitors all processes. The difference is that Atop logs all the processes on a daily basis so that there is enough information for long-term analysis. Atop also displays resource consumption by every process, and identifies the ones that have reached a critical load.

There are several benefits in using Atop over other performance monitoring tools. First, Atop displays resource use by all the processes. Second, Atop shows how all the relevant resources such as swap/memory, disk input/output, and CPU are used. Third, Atop permanently logs resource utilization data for long-term analysis. It compresses the raw counters before writing them to disk to use minimum disk space. Atop also gives you a scalable window width and it automatically adds and removes items from the window as you resize it. Atop shows how individual threads are using resources and give you the option to either watch activities or deviations alone. It can also show you the accumulated processes per user or per program as well as the network activity per process.

4) Apachetop

Apachetop is based on Mytop and monitors the entire performance of the Apache server. Some of the information it displays include the number of reads, writes as well as the number of processed requests.

Apachetop runs from the console, meaning that it does not have a graphical user interface. It also monitors individual threads as well as the overall performance of the Apache web server. It only runs on UNIX systems with Perl, Term::ReadKey and LWP installed.

5) Ftptop

Ftptop displays all the necessary information regarding every current FTP connection to the server. For example, it shows the total number of sessions, which ones are uploading or downloading and the client’s identity.

6) mytop

Mytop is instrumental in monitoring MySQL’s performance and threads. The tool gives you a real-time display into the database as well as the queries that it is currently processing.

Mytop does not have a graphical user interface and only runs on the console. Not only does it monitor the threads, but also the entire performance of MySQL server. It runs on a majority of UNIX systems including Mac OS X, so long as they have DBI, Term::ReadKey and Perl installed. If you install Term::ANSIColor, it gives you colored output. If you install Time::HiRes, Mytop will give you real-time queries and statistics on the magnitude of seconds. Mytop’s version 0.7 can even run on Windows.

7) powertop

Powertop is ideal for diagnosing issues connected to power consumption and management. The tool can also help network administrators to experiment with power management settings, hence finding the perfect settings for the server. The tab key is used to switch tabs.

You can also build Powertop for Android. At the moment, Powertop has a tool known as Bugzilla, which helps it track bugs.

8) iotop

Iotop monitors the input/output use and displays the information through a top-like interface. It shows read and write columns, and every row represents a process. Iotop also shows the time proportion that each process used swapping in and waiting for input/output.

Iotop is written in Python with a user interface that shows the input and output processes that are going on. For Iotop to run, it needs Python 2.7 and above and a Linux kernel higher than 2.6.20.

Desktop Monitoring

1) ntopng

Ntopng stands for “ntop next generation,” and is an improvement of ntop. It uses a browser-based graphical user interface that helps network administrators to monitor the server. Some of the things that ntopng can do include: getting network traffic, geolocating hosts, showing and analyzing the distribution of IP traffic.

Ntopng is based on libpcap and is written in a portable way so that it can run on every UNIX platform, Windows and Mac OS X. Moreover, ntopng has an intuitive and encrypted web interface that helps in the analysis of both real-time and historical traffic. You can also discover application protocols such as YouTube, Facebook, and BitTorrent among others by leveraging the ntop Deep Packet Inspection (nDPI). You can also analyze IP traffic and sort it based on its source or destination. It’s also possible to produce network traffic statistics for HTML5 and AJAX. Ntop supports ElasticSearch, MySQL, LogStash, IPv6, and Ipv4. It features an alerts engine capable of capturing any suspicious and anomalous hosts. Ntop can use the characterization services offered by HTTP Blacklist and Google to characterize HTTP traffic. It also features GTP/GRE detunnelling and interactive exploration of the data exported to MySQL.

Ntopng can run on UNIX (Linux, BSD, and Mac OS X), Windows x64 and ARM.

Ntop comes in three offerings. The community, professional and enterprise version. The enterprise version has all the features. The community and professional versions have fewer features, with the community version having the least features.

2) iftop

Iftop and Top are very similar, the difference being that iftop monitors CPU usage and listens to network traffic on specific network interfaces. Iftop also displays a table of current usage. If you want to know why your internet connection is slow, then iftop is the answer.

To use Iftop, you first need to have libpcap and libcurses installed. The current stable version is 0.17, but if you would like to use previous versions, you can get them from the download repository. Source code for Iftop is maintained in git.

3) jnettop

Jnettop displays network traffic like iftop. However, jnettop goes a notch further and supports customizable text output. It also has a machine-friendly mode that is useful for doing further analysis.

The traffic that jnettop captures come via the host, it’s running on and shows the streams of data based on the utilized bandwidth. It produces a list of the communication on the network categorized by the host and port. It also shows the number of bytes that passed through it and the bandwidth that it consumes.

Jnettop follows the usual GNU command line syntax where the long options start with a pair of dashes. To configure jnettop, please note that the program looks for settings in the file referred to by the parameter –f. The configuration file is usually an ordinary text file containing keywords and their arguments. Arguments always have to be enclosed in double quotes.

4) bandwidthd

BandwidthD monitors the use of the TCP/IP subnet networks and displays them through a browser-based user interface in which it generates graphs in PNG format. BandwidthD also has a database-driven system that supports filtering, searching and multiple sensors. Besides, you can produce custom reports.

By default, the bandwidth use is displayed over a two day, eight-day, forty day and four hundred day intervals. You can, however, configure the tool so that the utilization of each IP address is logged at an interval of 3.3, 10, 60 or 720 minutes.

BandwidthD runs on a majority of platforms including Windows. To run on UNIX, however, the only required files are libgl, libpcap and libpng. BandwidthD displays items in two ways. The first is as an individual application that generates PNG and static HTML at 200-second intervals. Secondly, BandwidthD can work as a sensor which transmits information to a database in the backend, and this can then be used to create reports by dynamic PHP pages. While both outputs are similar, the database system allows you to search and filter multiple sensors and create custom reports.

You can try BandwidthD’s filtering demo for free and then decide whether or not it works for you.

5) EtherApe

EtherApe gives a graphical representation of network traffic. It is inspired by etherman. It has a link layer, TCP, and IP modes. It can also display graphs of network traffic. EtherApe’s protocol displays are color-coded. It supports Ethernet, Token Ring, PPP, WLAN, FDDI, ISDN, SLIP as well as several encapsulation formats. EtherApe allows you to export its Node statistics.

The busier your network, the larger the node. EtherApe can capture real-time traffic or read it from a tcpdump. You can then refine the display using a web filter with pcap syntax.

EtherApe has prebuilt rpms for Mageia 5, Fedora (21, 22, 23, 24), OpenSUSE (13.2, Leap 42.1/42.2 and Tumbleweed/Factory), Arch Linux, CentOS (6 and 7) and ScientificLinux 6 and 7.

6) ethtool

Ethtool is instrumental in the display and monitoring of network interface controller parameters. It can also help diagnose and collect statistics from Ethernet devices.

Ethtool gives you diagnostic and identification information as well as extended device statistics. It also gives you control over the speed, auto-negotiation, and Ethernet device flow control. You can also control the checksum offload and offload characteristics of other hardware devices. You also can control the ring sizes of DMA and moderate interruptions. With Ethtool, it is possible to upgrade the firmware in flash memory. For multi-queue devices, you can also control queue selection. Also, note that majority of the Ethtool’s features depend on whether the particular driver supports them.

7) NetHogs

NetHogs groups bandwidth based on process. This is unlike other tools that break down traffic based on protocol or subnet. NetHogs doesn’t need special kernel modules to load. In case you get lots of traffic on the network, you can instantly start NetHogs to find out what the problem is. This makes it easy to identify the programs that suddenly start consuming a lot of bandwidth.

The fact that NetHogs mainly relies on /proc means that most of the features are available on Linux. You can use NetHogs on Mac OS X and FreeDSD. However, it will only display the connections and not the processes. When upgrading or downgrading NetHogs, you can just install the new version over the old one.

NetHogs displays network traffic based on either the subnet or protocol. Then it groups the items based on the process. In case there is a sharp increase in network traffic, the network administrator can start NetHogs and identify the process causing the surge.

8) Iptraf

Iptraf collects several metrics and displays them. These parameters include TCP connection packets, its byte count, activity indicators and interface statistics. It also shows a breakdown of TCP/UDP traffic, its byte counts, and station packets.

The current Iptraf release is 3.0.0 and was released on September 19, 2005.

9) ngrep

Ngrep stands for “network grep,” meaning that it is grep for the network layer. Ngrep is pcap-aware and allows the system administrator to either choose hexadecimal expressions or regularly extended to match against the packets.

Ngrep tries to offer most of the standard features found in GNU grep, using them on the network layer. At the moment, it recognizes TCP, ICMPv4/6, Raw across Ethernet, SLIP, Token Ring, IPv4/6, UDP, IGMP, PPP, null interfaces and FDDI. It also similarly understands BPF filter logic to other packet sniffing tools like snoop and tcpdump.

In the past, ngrep was used for debugging interactions between plaintext protocols like SMTP, FTP, and HTTP to analyze and identify communications within the network like those that lie between viruses, worms, and zombies. It can also read, store, and reprocess pcap dump files, and identify specific data patterns. Also, it can be used in HTTP Basic Authentication, FTP, and POP3 authentication. A powerful tool, ngrep can be utilized for both good and bad.

10) MRTG

At the outset, MRTG was developed to check router traffic. Today, however, MRTG can check other network related metrics. It collects data every five minutes and then creates an HTML page to display the data. You can also configure it to send warning emails whenever it spots a problem.

For example, if you have a router and want to understand what it has been doing all day, MRTG can be of great help. It monitors SNMP network devices and draws beautiful pictures that show the amount of traffic that passes through each interface.

Other than routers, MRTG can also be used in graphing the activities of the network devices. MRTG is developed using Perl and works on Netware, Windows, and UNIX. It is an open source tool.

11) Bmon

Bmon is a debugging and monitoring tool. It has some output methods including an interactive curses UI as well as well as a programmable text output that can be used for scripting. Various guides can help you install Bmon on Debian/Ubuntu, CentOS, and OSX.

Bmon not only monitors but also helps you to debug your network. It collects statistics related to the network and displays it in a user-friendly manner. It is also possible to interact with Bmon either through scripts or curses.

12) Traceroute

Traceroute is usually inbuilt on Linux systems. It displays the route and also measures packet delay within the network.

13) IPTState

IPTState stands for “IP Tables State.” It has a top-like interface. IPTState allows you to monitor and sort the output based on different criteria interactively. You can also limit the view using various criteria. The only requirement is that you should have the curses library, typically ncurses. Currently, IPTState is supported on Red Hat, Mandrake, FloppyFW, Debian, Fedora Core, and Gentoo among others.

IPTState helps you monitor the destination of traffic crossing your iptables. You can then classify this information using some criteria. You can also use IPTState to delete states from the iptable.

14) darkstat

Apart from capturing network traffic, Darkstat also computes usage statistics. It serves its reports through a simple HTTP server and uses a beautiful GUI to display the charts.

Darkstat supports IPv6 and has asynchronous reverse DNS resolution through a child process. It creates reports, generates traffic graphs and displays the ports for each host. Darkstat has an embedded web server with deflate compression. Above all, Darkstat is small, single-threaded, efficient and portable.

Darkstat is supported on FreeBSD, OpenBSD, NetBSD, AIX, Mac OSX, Solaris and Linux (Debian, Gentoo, Ubuntu, Archlinux, Fedora, and OpenSUSE).

15) vnStat

vnStat monitors the network traffic. It collects statistics from the kernel, and this ensures that it uses system resources lightly. The collected statistics are persistent, meaning that they are not affected by system reboots. In case you are an artistic system administrator, you will appreciate the color options that vnStat offers.

vnStat is a network traffic monitor for BSD and Linux that is console-based. It logs network traffic for selected interfaces. It utilizes statistics of the network interface offered by the kernel as its information source. As such, vnStat will not sniff any traffic, ensuring that system resources are used lightly. It is an open source program that can be installed as the root or as a single user.

vnStat is easy to install and get running. You can also monitor several interfaces at the same time. It has several output options. You can get an hourly, daily, weekly, monthly or even a top-ten day summary. You can optionally choose a PNG image as the output. You may also configure the months so that they follow the billing period. vnStat is very light and uses minimum resources as a result. Even when there is a lot of traffic, vnStat still uses minimal CPU resources. You can use vnStat even without root permissions. You can also produce user-friendly output using its online color configuration tool.

16) netstat

Netstat comes inbuilt. Some of the information that it displays includes routing tables, TCP network connections, and several other network interfaces. Netstat helps in finding problems within the system.

17) ss

Unless you have a perfect reason to use netstat, you are advised to use ss instead. This is because ss shows more information and is faster than netstat. For example, if you want to see a summary of network statistics, just use the command “ss-s.”

18) nmap

Nmap stands for “Network Mapper” and is an open source software that helps in network discovery and security auditing. The majority of the network and systems administrators use Nmap for system inventory, managing service upgrades as well as server uptime and host monitoring. Nmap utilizes raw packets in a way that determines the available hosts on the network, the services, operating systems as well as the types of firewalls and packet filters being used.

Its designers made the tool in such a way that it can rapidly scan large networks. However, it can also work on a single host. Nmap is supported by every one of the primary OS, and binary packages exist for Windows, Linux and OS X. Other than the console-based Nmap executable, you have the option of using its complex GUI. It also features seamless data transfer, a redirecting and debugging tool. Nmap has a function for comparing the scan results as well as a response analysis and packet generation tool.

Nmap enables you to scan your server with the aim of identifying the open ports and displaying the operating system being used. However, you can also use Nmap for network discovery and to identify vulnerabilities that may be exploited using SQL injections. Nmap also has other tools that are useful for pen testing.

Other advantages of Nmap include the fact that it is flexible, powerful, portable, is easy to use, free, well-documented, widely supported and accessible.

19) MTR

MTR is a network diagnostic tool that is a combination of a ping tool and Traceroute’s functionality. MTR will typically constrain the number of hops that individual packets travel, at the same, time noting when they expire. MTR does this every second.

When MTR launches, it monitors the network connection. After determining each network hop’s address between the devices, MTR transmits several ICMP ECHO requests to each address so as to determine the quality and strength of the link going to every machine. While monitoring, MTR prints running statistics about each machine.

MTR’s distribution is done under the GNU license. At the moment, MTR is maintained in a git repository at GitHub. MTR uses Autoconf, which allows compatibility with very many operating systems. MTR is also live on the web. Its developers have set up a web-front for running MTR from at least six places around the world.

This is instrumental when you want to understand if the server is down or just unreachable from different parts of the world. If all servers can reach your location, it doesn’t mean that it is reachable from everywhere.

20) tcpdump

Tcpdump is a robust console-based packet analysis tool that uses libpcap, which is a portable C/C++ library designed to capture traffic on the network. As an open source tool, anyone can use Tcpdump and make contributions. It's full documentation is offered with the packages of origin in its man pages. Windows users should check the Windows PCAP page to get references to WinDUMP.

Tcpdump displays a description of the packet contents that it has captured. The information matches the expression that you gave it in the command. If you would like to analyze this data further, you can save it.

21) Justniffer

Justniffer analyzes network protocols and captures traffic. It then generates customized logs. Justniffer enables you to study TCP traffic from live systems or capture file that were previously saved. The capture files are stored in the libpcap format, the same format that tcpdump uses.

Justniffer was created to help analyze performance problems in complex networks in cases where it becomes unreasonable to scrutinize network captures just using low-level sniffing software such as Wireshark. It’s deployed as a network protocol that uses TCP/IP. Many times, the logging level as well as monitoring system fails to notify system administrators in case of severe performance problems like the duration it takes to respond to each network request, and Justniffer is instrumental in such situations.

In other cases, it’s better to gather web services logs that are used in various devices such as servers (web and application) and Python implementations among others. Justniffer captures traffic in promiscuous mode so that it’s installed on independent and dedicated stations inside one network.

Justniffer can not only rebuild but also save HTTP data on files using its multipurpose sniffer. It is extensible through external scripts.

Justniffer is a tool that sniffs TCP packets. You can specify whether you would like to gather low-level or high-level data. It can retrieve the precise flow of TCP/IP traffic including TCP retransmission, fragmentation of IP and re-ordering among others. It utilized parts of the Linux kernel source code to handle everything related to TCP/IP. It also uses a modified version of the libnids library. Justniffer also lets you generate customizable logs. For instance, you can mimic the Apache access log.

Infrastructure Monitoring

A) Open Source Server Monitoring Software

1) Munin

Munin is free and open source server and network monitoring application. It raises alerts in case anything is wrong with switches, servers, services or applications. Not only does Munin alert the user when something goes wrong, it also alerts them when the issues have been resolved. Perl is the language used to write Munin. It also uses the RRDTool to create graphs. Munin’s interface is provided through a web interface. Munin is very easy to use because of its plug and play capabilities. Presently, Munin contains around 500 monitoring plugins.

Munin implements a master/nodes architecture whereby the master connects with every node at regular intervals and requests for data. This data is then stored in its RRD file, which can be then used to update the graphs. Among Munin’s greatest goals is to make it easy to create new plugins. Plugins are small applications used by Munin nodes to gather and report data. Plugins also determine how data presentation should be done. Munin has at least 300 plugins in its core repositories and over 180 plugins in its third-party repository. There is also an unknown number of plugins that are independently published.

You can write plugins in any scripting language, and the only thing you should remember is to print key-value pairs that are separated by a space in your standard output. Creating customized plugins in Munin is very easy. Munin produces graphs for almost all aspects of your server, including memory usage, MySQL throughput, load average, eth0 traffic and CPU usage. In fact, you don’t need many configurations for Munin to check these services. In addition, if services like Postfix, Apache, and MySQL are not available, Munin will try to restart them. As a result, Munin gives you comprehensive monitoring, allowing you to identify the current and upcoming problems.

2) Nagios Core

Founded in 1999, Nagios is one of the leaders in the industry when it comes to the provision of monitoring software that caters to the needs of small to medium-sized enterprises. Nagios can monitor every component on the system from operating systems, services, system metrics, servers, middleware, and websites. At Nagios foundation is a Core 4 monitoring engine that offers a high-performance level, while using the minimum server resources. You can integrate Nagios with any third-party software through a plugin. Moreover, there is a substantial probability that someone has already built the plugin you are looking for. In fact, if you are using Middleware, leverage Nagios to monitor WebSphere, WebLogic, Tomcat, JBoss, Nginx, and Apache among others.

Nagios is a widely used server and network performance monitoring tool. For many developers, Nagios is a customizable and cost-effective tool. Nagios has features such as event handling, alerting and reporting. The fact that it is open source means that you can get support from the people already using it. So as to use Nagios, however, you will have to go through the setup phase, which is usually challenging because of the tool’s complexity. When you are through with the setup, Nagios gives you access to tools for monitoring the performance of the server, correct errors and report any issues. You have the option of either using Nagios Core, which is free but is limited in its monitoring capacity. Nagios Core is at the application’s foundation and features a primary web user interface. With Nagios Core, you can implement plugins that help you monitor services, metrics, and applications. You can also include extensions for load distribution, data visualization, and MySQL database among others. The alternative is the commercial Nagios XI that possesses more features. In case you have the time and interest to configure your custom dashboards and would like to master everything that Nagios offers, you will find that it is one of the best options.

In case you would like to try Nagios without first installing and configuring it, you can get Nagios XI’s free version. This is because Nagios XI is already configured Nagios Core at its foundation. Moreover, Nagios XI is developed by a corporation that offers not only offers support but also extra features like advanced reporting as well as other extensions.

The cost-free Nagios XI is ideal for smaller networks and has the capability to monitor as many as seven nodes. After installing and setting up Nagios, open its web user interface and start setting up service and host groups. Then, give it some time to monitor the tools as well as running services. This gives you a clear picture regarding your system’s health.

Nagios gives you a centralized view of all the infrastructure that is being monitored. It also supports multi-user access. Nagios has a user community of at least one million people. It has selective access that allows clients only to view the infrastructure that concerns them. Finally, the tool has an extendable architecture.

3) Ganglia

Ganglia is open source and is mainly designed for high-performance systems. Ganglia possesses a distributed architecture and is scalable. The distributed architecture means that the tool uses a hierarchical design intended to work with cluster federations. Ganglia implement technologies such as XML and XDR for data representation and data transport respectively. Ganglia developers use algorithms and data structures to ensure maximum efficiency. The problem with this approach is that it results in overheads for every node. Ganglia is robust and supports most processors and operating systems. Ganglia is widely used around the world, particularly in university settings. This is expected because Ganglia began its life as a project at the University of California at Berkeley.

Ganglia lets you create grids and clusters for enhanced organization. Clusters refer to groups of servers. As such, you can create a network made up of all the remote machines and then group the devices into smaller sets subject to other criteria.

Ganglia has a web interface that is optimized for mobile devices. You can also use this interface to export data in either JSON or CSV format. Some well-known companies that are inside and outside the IT world use Ganglia because of its ease of use, beautiful charts and statistics.

4) CollectD

CollectD gathers basic statistics on the performance of the system. The collected data is stored in a variety of formats like RRD, which Cacti can use in graphing the data. CollectD was developed using C++ and works with a variety of operating systems. CollectD also supports plugins for various other monitoring tools that you can connect with to extend the collected data beyond the basic system metrics. This can allow you to monitor memory as well as the CPU. Why would you want to use CollectD? Simply, CollectD will help you identify performance bottlenecks as well as allow you to monitor and predict system load as time passes. You can then use this information to create custom alerts.

One of the primary purposes of CollectD is in DevOps projects, where it acts as an industry standard open source collection agent. CollectD contains graphing tools such as Cacti, Graphite, and Grafana.

CollectD is modular and portable. Everything except the parsing of the config file works through plugins. As such, the central daemon lacks external dependencies enabling it to run on nearly anything that has POSIX. It works on Solaris, Linux, AIX, Mac OSX, NetBSD, FreeBSD, and OpenBSD. It is also supported on other UNIX flavors. Support for Microsoft Windows is through SSC Serv.

CollectD has high-resolution statistics. Compared to other alternative software, CollectD is written in C to ensure performance and portability. It is not a script. It is a daemon and, as such, stays in memory. This means that there isn’t any need to initialize a massive interpreter each time you need to log new values, giving CollectD a ten-second default resolution. The daemon runs on tiny WLAN routers that have minimal CPU effect. The outcome is a high-resolution graphics.

CollectD supports custom extensions, giving you enough choices when you want to extend its functionality. You can install C plugins, Java plugins, UNIX domain socket and Java MBean. It also supports Perl plugins, Python plugins and can execute binaries or scripts.

CollectD is built to scale, meaning that it can handle anything from a single host to several thousand hosts. This is accomplished by using resources as efficiently as possible, like merging the largest possible number of values to form a single network packet. Also, its multi-threaded layout lets you to simultaneously query plugins.

CollectD supports SNMP, which is widely used by various network equipment such as routers, switches, rack monitoring systems, UPSes and thermometers among others. Because the devices that are regularly queried via SNMP usually are embedded and use very minimal computing power, it is possible to specify the interval of data collection for each individual host. Moreover, because some time could elapse before a timeout occurs or for the device to respond to a request, CollectD queries hosts using many parallel threads.

CollectD can be integrated with other monitoring tools. This means that it is possible to notify the daemon, allowing for a basic check of the threshold. Remember, that CollectD isn’t a complete monitoring tool. It is possible to integrate CollectD to Nagios, a popular monitoring tool, and this enables you to monitor if particular values have been gathered and whether they are within the correct range.

Finally, CollectD comes with reasonable defaults. Its configuration is very simple. Other than specifying which modules to be loaded, you don’t have to configure any other thing. If you want to, you can customize CollectD to suit your preferences.

5) Microsoft Network Monitor

The Microsoft Network Monitor analyzes packets that give you the capability to analyze the traffic on the network. It is very adept when it comes to troubleshooting applications and problems on the network. One of the benefits of using this tool is that it has support for at least 300 proprietary protocols from Microsoft. It can also identify promiscuous mode traffic and can capture sessions simultaneously. After installing and opening the Microsoft Network Monitor, you should select the adapter that it should bind to and then select “New Capture” to start a new capture process. Inside that tab, you can go to “Capture Settings” if you intend to alter the adapter settings, filter options or global settings. When satisfied with the way things are set up, you should hit “Start” to initiate the packet capturing session. The Microsoft Network Monitor is handy, despite the fact that Microsoft has archived it and replaced it with the Message Analyzer. Network Monitor 3 was a result of a complete revolution of Network Monitor 2. In the beginning, Network Monitor versions were made available through other Microsoft products like the System Management Server. However, Microsoft decided to offer it as a fully functional product with public parsers as an open source.

Some of the important features of the Network Monitor include grouping based on network conversation, capture sessions that are simultaneous, real-time capture and display of frames, sniffing of promiscuous traffic and API that helps in capture and parsing. Also, you can use the tool to read lipscap capture files and reassemble fragmented data. The device also supports at least 300 Microsoft proprietary protocols.

6) OpenNMS

This is an open source tool that gives you the opportunity to automate the discovery of events and get the necessary notifications. It also measures the performance and has service assurance features. Another benefit of using OpenNMS is that there is a client app that you can install on your iPad, iPhone, and iPod for access on-the-go. This gives you the ability to view all alarms, nodes, and outages. After logging into the web interface, you can use the dashboard to see all the alerts, notifications and outages. If you want to, you can view more details using the status drop down menu. In the Reports section, you have the opportunity to create reports that you can either download in PDF or share via email.

With OpenNMS, you can create a network monitoring solution for any IT infrastructure. Besides, you can collect system metrics using WMI, NRPE, HTTP, XML, JSON, JDBC, XML HTTP, SNMP, and JMX.

OpenNMS is also great because it helps you discover topologies in the second layer of your network. Since it is built on an event-driven architecture, OpenNMS supports Grafana. OpenNMS is built with reporting in mind, and this means that you can view the report using a chart and a beautiful dashboard. OpenNMS can also be installed in Docker. Some of the key features of the platform include monitoring device temperature, power supply, and support for Solaris, Windows, and OSX despite being created for Linux. You can customize OpenNMS’s admin panel, and you can even get event notifications through XMPP, email, SMS and a few others. It includes support for IPv6 and IPv4. Its graphical node maps can show you the services and nodes that are experiencing outages using Google Maps, Open Street Map and Mapquest.

7) Zenoss Core

Zenoss is a robust monitoring tool that assesses servers, applications, networking, storage as well as virtualization. Zenoss is based on the Zope application and has a web interface that enables system administrators to observe the configuration, availability, and performance of the system. Zenoss Core is developed by Zenoss Inc., which also builds hybrid monitoring and analytics software. Zenoss is offered in either of three packages. You can either choose the free open source Zenoss Core, the proprietary Zenoss platform or the SaaS offering also referred to as Zenoss as a Service (ZaaS). It also shows you the server’s performance statistics. Not only does it have a complex notification system, but also a robust event handling system. After logging into Zenoss for the first time, you see a two-step wizard. You are required to create a user account and add the hosts and devices that you would like to monitor. You then go to the dashboard tab. Here, you can use the events and reports settings on the panel to configure Zenoss and receive reports on the activities that require your attention. Zenoss has a huge user base that mainly consists of financial institutions, government agencies, IT companies and retail companies. Zenoss Core is a combination of some open source projects as well as original programming. These technologies are combined in a way that integrates data collection and storage through a browser-based user interface. Examples of the open source platforms on which Zenoss is built on include Python, RRDtool, Twisted, Docker, Lucene, MySQL, Net-SMNP and Zope.

You can use Zenoss to monitor network services, host resources, network device availability and also time-series performance. Zenoss also has event management tools that help annotate system alerts. It can also be used to extend monitoring on Microsoft Windows using open source extensions and WS-Management. Different Zenoss versions support a variety of operating systems ranging from CentOS, Red Hat Enterprise Linux and Ubuntu.

You can use ZenPacks to get access to various plugins, which can help you extend the functionality of Zenoss. However, it is up to the plugin authors to specify how the want their ZenPacks licensed. Usually, ZenPacks are encapsulated in Python eggs through which they offer the necessary instrumentation for each component. At the moment, there are at least four hundred ZenPacks created for the various Zenoss versions.

8) Icinga 2

The Icinga monitoring framework lets you monitor all the systems currently on your network and alerts you if something goes wrong. Icinga also has a database that it uses for SLA reporting. In its early days in 2009, Icinga began as Nagios Fork. Later on, it was freed from the constraints of just being a fork and replaced by Icinga 2, which is easy to scale, configure and is a lot faster. Icinga 2 is an open source server monitoring tool that is based on Linux. It checks the availability of network resources and alerts the users whenever something important happens. Apart from business intelligence data that you can use for detailed analysis, Icinga 2 has a powerful command line interface. After installing and launching Icinga’s web user interface, it asks you for credentials. After you are authenticated, you can use the navigation menu towards the left to among other things, configure hosts, view reports, the dashboard and see an events history. With Icinga 2, you can monitor host and network services as well as server components. It also supports event handlers and notifications. Icinga also supports a variety of operating systems. It also allows you to select between two user interfaces: the Icinga web user interface or the classic user interface.

9) Zabbix

Zabbix is one of the best open source enterprise software created to monitor everything. It can tell you whether a server is available or not, and if the server is available, it shows you how it is performing. It also monitors databases, web applications and network equipment. Thousands of companies use Zabbix around the world, and notable examples are Salesforce, Dell, Orange, and ICANN. Zabbix uses a server agent system. Typically, you install Zabbix agent on the server, and this allows the server to be monitored by the Zabbix server. Nonetheless, it is not a must that you install an agent for services such as HTTP, FTP, SSH and DNS among others.

Moreover, you can install Zabbix on AIX, Mac OSX, OpenBSD, FreeBSD, Solaris, and Linux. Besides, this tool supports SNMP, and this ensures that you get improved reporting. Zabbix allows you to monitor Java application servers directly using JMX. Zabbix’s front end self-protects the tool from brute force attacks. Zabbix also integrates with other tools such as cfengine, bcfg2, Puppet, and Chef. You can tailor your checks using scripts developed in some languages such as Python, PHP, shell, Ruby, and Java. Moreover, it allows you to monitor your virtual machines such as vSpehere, VMWare, and vCenter.

10) Cacti

Cacti is a network monitoring tool that can be either installed on the Windows and Linux operating system. Cacti is linked to the RRDTool, allowing you to generate graphs based on data from your network. Cacti uses SNMP and displays the network statistics using charts that are easy to understand. Please note that to work, Cacti requires Apache, MySQL or any IIS that supports PHP. With Cacti, you get unlimited graph items that you can use for each graph using the data derived from Cacti or CDEF. Cacti also supports the Round-Robin Database files which have more than a single source of data. You also can use an RRD file stored on the local machine. The tools also automatically pad graphs and offer user-based management and security. Finally, you can add custom scripts that help you gather data. Also, you can manipulate graph data through CDEF arithmetic functions that are within the RRDTool. Cacti also have data collection capability that gives users the opportunity to create their scripts for data gathering. Each script may have arguments that are specific for each source of data that uses the script. Data retrieval can be done using SNMP or any other script with an index.

Cacti has chart templates that enable you to group simple graphs. You can template every field for an exemplary graph for each graph. With data source models, you can group common data source types. In displaying the figures, you can choose between a tree view, which lets you create graph hierarchies placing graphs on the tree. This is important because it helps you manage many graphs. You can also use the list view, where graph titles are listed on a large list which the user can click to open a chart.

Another great feature that Cacti has is when it comes to user management. This allows system administrators to give different authorizations through Cacti. You could state which user has the authorization to view which graph and this makes Cacti ideal for cases where people with different permissions are in various locations. Moreover, each user can specify their settings for how they prefer their graphs displayed.


MONIT helps in the management as well as monitoring of programs, files, processes, filesystems, and directories. MONIT is more than a server-monitoring tool. It will try to resolve any issues as they arise by following a pre-defined course of action for specific situations. For example, if MONIT notices that Apache is using so many resources, it will try to restart the HTTP daemon to handle the issue. MONIT can also start processes that should be running but aren’t and can even stop operations if they use a lot of resources. MONIT is managed by control file that is easily configured, based on a syntax that is token-oriented and free-format. MONIT can either log to its log files or Syslog and can notify you of any errors. You can customize these alerts. Also, you can use this tool to perform some protocol checks, network checks. You can even use SSL when conducting these tests. You can access the MONIT program through a web browser interface. You can quickly deploy MONIT, and even its official site says that you can have the tool running in as little as fifteen minutes, which is true. Moreover, MONIT does not just monitor services. It can also be configured to monitor directories, file systems, and files. MONIT helps you monitor daemon processes on the localhost and is very good at monitoring processes started at boot time such as sshd, Sendmail, MySQL, and Apache. MONIT can also monitor network connections to several servers that are either remote or on the localhost. It supports UDP, TCP and Unix Domain Sockets. You can perform system tests at the protocol level, and you will be happy to learn that MONIT has inbuilt tests for the popular protocols such as SMTP and HTTP. If a protocol you are using is not supported, it is possible to check the server still because MONIT can be configured to send any form of data and see what the server’s response will be.

You can also use MONIT to test scripts and programs at particular times. You can also check a program’s exit value. In case the exit value indicates an error, then you can use the tool to perform a particular action. In other words, you can use MONIT to carry out any check that you can write a script. You can also use MONIT to check how resources such as memory, CPU usage, and system load are being used on the system.

12) Prometheus

Prometheus is an open source server monitoring tool that has some important features. First, it gives you access to a powerful query language. This allows you to study in detail the collected time series data. With this data, you can then create tables, graphs, and alerts.

Another one of Prometheus’s key features is efficient storage. Prometheus stores data in the form of time series within memory as well as the local disk in an effective format. Its storage capacity is also scaled through federation and sharing.

With Prometheus, you receive precise alerts, which are based on the tool’s powerful query language. It also supports dimensional information and its alert manager helps control silencing and notification. The tool supports many integrations that give it access to third-party data. For example, you may install StatsD, Docker, JMX, and HAProxy. The data model used by Prometheus is incredibly dimensional, and it identifies time series using a metric name as well as key-value pairs. Data can be displayed using visualizations as Prometheus features an inbuilt Grafana integration, expression browser as well as a console template language. Prometheus also monitors each server independently to ensure reliability and only depends on local storage. Prometheus is written in Go, meaning that every binary is linked statically and is easy to deploy.

Prometheus also supports at least ten languages and allows you to create a custom library that is easy to implement. These libraries allow for an easy instrumentation of the services. While Borgmon is internally used in Google, people can now get access to time series data to generate alerts by using Prometheus.

Finally, Prometheus has a large user community and some of the big companies that use it include Sound Cloud, Argus, Show Max, Digital Ocean, Core OS, Weave Works, Kumina, Giant Swarm and Maven Securities among others.

13) Centreon

Centreon decreases IT service disruptions through automation. This ensures that IT services are always running and that businesses using this tool never have any downtime. Centreon reduces costs and losses caused by IT outages. With a better quality of services, it ensures that there is improved user experience and productivity because the business is always operational. Centreon simplifies the communication that takes place between the business and IT. For example, it gives all the respective parties access to real-time monitoring. It also consolidates data for analysis, which forms the basis for improvement. Centreon helps IT teams to be more proactive by reducing response times to problems, which may lead to service degradations. It also gives very informative alerts that help in troubleshooting server problems and applying corrective actions.

Centreon is trusted by many large enterprises notable of which include Airbus, Euler Hermes, La Poste, Alliance Healthcare, Addax Petroleum, Zeiss and Stadefrance among others.

Centreon comes in three options. You can either use the open source Centreon open source monitoring tool, the Centreon IMP that is proprietary and requires an online subscription or the Centreon EMS which is a comprehensive modular monitoring solution that supports several sites.

Centreon has a vast and vibrant community of more than 20,000 active members on its forum and GitHub. It also has at least 200,000 users, and this number is always rising. At the moment, there are at least 30,000 instances of Centreon already running. Centreon also appeals to open source enthusiasts to join its community and push its capabilities even further.

14) Selenium

Traditional server load testing tools like JMeter and Load Runner use a basic design pattern that recreates huge volumes of web traffic. A multi-threaded program opens TCP sockets and places HTTP requests on them. This makes it possible to simulate the required HTTP traffic without having to run web browsers. It is possible to simulate approximately 500 virtual users using a single Pentium 4 computer with 1GB RAM. If you were to execute real browsers in parallel on the same tools, you could only simulate around six browsers. This is what has made the process of recreating HTTP traffic through multi-threaded processes popular for the last two decades.

While the HTTP approach is popular today, other alternative methods help stimulate large amounts of traffic. This process involves running several headless browsers in parallel so as to recreate the necessary web browser traffic to load test the server.

What does a headless browser mean? A headless browser is a browser that is fully-functional, and that has the necessary APIs that help it communicate with the web server. However, these browsers lack the user interface. There are several headless browsers such as PhantomJS and HTMLUNIT. These browsers can be driven programmatically to interact with the server in a similar way that an actual browser would. Even without the user interface, these browsers are very useful because they send requests to the web server so as to determine the results for screen capture, page automation, and network monitoring.

Selenium is an automatic testing tool capable of stimulating the actions of the user through web browsers like Internet Explorer and Firefox. You can also use Selenium to simulate actions against HTMLUNIT. The CPU and memory usage of HTMLUNIT is far less compared to traditional browsers, meaning that you could have several threads of HTMLUNIT browsers driven by Selenium on one computer, which helps in load testing a server. A 1GB RAM Pentium 4 computer can drive around 25 headless browsers. By just using 25 such computers, you can simulate 500 virtual users. This is what makes this technique viable for most load testing projects.

You need a multi-threaded Java framework to run several instances of Selenium. In this case, you can either use The Grinder or Jmeter, which are both open source frameworks meant for load testing. It is important to mention that the headless browser approach is not sufficient for simulating large traffic volumes. You should consider using the headless browser technique in case you find it difficult to recreate traffic through HTTP drivers. However, the headless browser method is ideal when dealing with web pages that use URL-rewriting to handle sessions or in cases where accurate traffic simulation is needed. Moreover, the headless browser technique will help you recreate network traffic that is close to the actual browser traffic.

15) Dot Net Nuke

Dot Net Nuke (DNN), is an online application framework that comes with its CMS. It is open source and developed by Microsoft and is written using VB.NET and ASP.NET. Moreover, you can customize the content management system based on your requirements. DNN is usually employed in the creation, distribution as well as management of websites. It can also help in the administration of intranets and extranets and can be modified through skins and modules.

Features of DNN

DNN’s installation is straightforward and you can do it very quickly as long as you have downloaded it. Some hosting service providers offer DNN pre-installed on the hosting package.

DNN’s designed with ease of use in mind. Its user interface makes it easier for designers, administrators and web developers to manage things that at times can be extremely difficult.

DNN gives you the power to manage numerous websites at the same time as soon as you have installed it. You will never experience any problem maintaining many websites at the same time.

Out of the box, DNN has excellent tools which allow you to manage things effectively. These tools give you the power to administer the web design, site hosting, content, and security.

Also, DNN has multi-lingual support, allowing people to translate the websites into their preferred languages.

DNN users are advantaged because they get to utilize technologies like Windows Server, ASP.NET, SQL Server, IIS, and Visual Studio.

How to Install DNN on a Windows Dedicated Server

The first step is to download the MSI installer for DNN from the official site and onto the Windows Dedicated Server. Then, make an MSSQL Database and ensures that it has a name and a password. This will be simpler if you already have a Plesk CPanel on the Windows Dedicated Server. Next, upload the DNN folder into the HTTP docs folder. This should be in the domain name where you would like to install DNN. Remember to first extract the compressed file on your computer. Then, set up the HTTP docs folder so that “Modify Permissions” is enabled. Also, ensure that IUSR_ & IWAM_ users have “Modify Permissions” enabled. You can do this using the File Manager in Plesk’s CPanel, in case you have it.

DNN can also be installed in the subfolder of your domain name, and this will require you to specify that it is an Application Directory. You need to open Web Directories inside Plesk and create a new Virtual Directory Option. On successfully accomplishing these steps, visit Then, initialize the DNN installation wizard.

The DNN Installation Wizard

The Welcome Page

This page displays the welcome message as soon as you login into DNN’s installation wizard. When prompted to choose the installation method, choose “custom.” You can also choose the language. In our case, select English.

File Permissions

DNN has many capabilities for uploading skins, modules and other forms of content. It is important to note that you should set customized security settings for each of these features. This is because the application should be set up in such a way that it can create and delete files on the website. You need to check the existing file permissions to ensure that the features work as required.

Configuring the Database Connection

The next step is setting the database that DNN will use. If you are using the SQL Server 2005, you have two options. The use of database files is supported by SQL Server 2005. As such, go for the database choice. Remember that in case you are using SQL Server 2005 Express Edition, you’ll have to select the File option. Next, choose either SQL Server 2000 or SQL Server 2005. Then, enter the correct database credentials and uncheck the Integrated Security option.

Configuring the Host User

Next, you should provide either the superuser account or host details. Please ensure that your username and password for this user are secure. Remember that the superuser has the authority to access every portal on the site. Your username and password must be difficult to crack.

Installing Optional Modules

DNN is very extensible and allows you to install modules if you need to.

Establishing Authentication Services

Here, you have the opportunity to select the system that you want to install. Note that DNN supports several services so long as they are authenticated.

Installing Optional Skins and Containers

DNN has a great skinning capacity, and at this point, you can select your containers and skins of choice.

Installing Language Packs

DNN supports several languages and gives you the option to choose your preferred language.

The Portal’s Title

This is where you configure the portal. You should create an administrator user account at this point. The administrator can access every portal and use them as he/she sees fit. This is why you should provide a secure username and password to protect it against unauthorized users.

You have now successfully installed DNN.

16. SNMP

A great server monitoring system sounds an alarm when there is a problem and also offers the analytical tools that help you realize your goals. There are several standard protocols used for monitoring purposes. These include ICMP, SNMP, and WMI. The most commonly used protocol is SNMP. It uses a standard community string to assess devices. In case the string is matched, you receive useful information about the health of your server and other devices in the network.


SNMP stands for Simple Network Management Protocol. It is a standard protocol used in monitoring servers within an IP network. SNTP services apply to other devices including routers, printers, switches, and others. SNTP is widely used for network management. The tool monitors every device attached to the system and notifies the administrator if there is anything that requires their attention. Some of the standard features of SNMP include an application layer protocol, schema and a set of data objects for proper management of the entire network.

How SNMP Works

On a managed system (which is the system configuration), control data is represented as variables. After exposure, the management data gets queried and sometimes is set by the managing applications. Typically, the central computers, which may be more than one, allows managers to monitor several devices on the network. Each management system runs a software component known as an agent at all times. This agent is responsible for transmitting critical information to the network manager via SNMP.

Why You Should Use SNMP for Server Monitoring

SNMP is a great tool for server monitoring. For starters, SNMP sends information that is easy to understand to the network administrator. This helps ensure the proper management of several devices using network management tools. A single interface is sufficient for device management using SNMP. The protocol has an optimal and efficient device management system, which ensures that there is seamless communication between management stations and agents developed by different vendors.

SNMP has a comprehensive network analyzer. This is an important tool that SNMP uses to monitor the system and deliver timely reports. The analyzer has the task of viewing and managing statistics from devices that are SNMP compliant. SNMP also does network interface mapping, checks the RAM space and provides a backend support system. SNMP does an extensive and all-inclusive set of server controls. The protocol continuously monitors and displays the status of various devices. This ensures that you get the best performance from your server by making sure that it runs smoothly.

SNMP server monitoring uses several tools to give you perfect information regarding network bottlenecks. The whole tracking system is based on performance reports from devices, meaning that you can always depend on SNMP to work when it comes to server monitoring.

17) Server Density

Server Density has a browser-based user interface that lets you set alerts and see charts for just about every network and system metric. Server Density also allows you to monitor whether servers are up or down. This tool lets you set permissions for your users, allowing you to expand the monitoring capability through its API and plugins. Currently, Server Density supports Nagios plugins.

Server Density believes that server monitoring tools should not be reactive. As such, it increases uptime by identifying negative trends in the data. It also helps system administrators in the creation and customization of several reports with different layouts, widgets, and metrics. Server Density offers you a complete view of your infrastructure through a dashboard that gives you full control over every parameter. You can also create graphs for every default and custom device.

Out-of-the-box, Server Density supports Linux, Mac OSX, and FreeBSD. It has over fifty integrations to tools such as Nginx, Jenkins, MongoDB, and Haproxy among others.

18) SysUsage

SysUsage continuously monitors the system through system commands such as “Sar.” It also allows you to get notification alarms whenever a threshold is reached. You can run SysUsage from a central location where all the gathered statistics are stored. You can use the tool’s browser-based user interface to see all the stats.

SysUsage grabs all system activities using Sar and system commands and lets you keep track of your server or computer activities. It is perfect when it comes to performance analysis as well as resource management. By default, SysUsage monitors everything one needs to know on the server. Since it is written in Perl, it works on every UNIX-like platform. SysUsage does not require any database system like PostreSQL or MySQL. Another benefit is that you can embed your plugins regardless of the programming language used to write them. The tool is designed with simplicity in mind.

19) Brainypdm

In addition to being a monitoring tool, Brainypdm is also a data management tool. You can use Brainypdm to collect data from Nagios or other generic sources, which it uses to generate graphs. Brainypdm supports custom charts, has a web user interface and is cross-platform.

Brainypdm is web based, can support several database management systems, can generate custom charts and has a plugin that helps in the analysis of the collected performance data. Besides, it is cross platform and can automatically generate graphs.

20) PCP

PCP stands for “Performance Co-Pilot.” It is distributed, meaning that it can gather metrics from several hosts as well as several operating systems. Moreover, PCP already includes everything you need to use for in the major distributions such as Debian, Fedora, RHEL, Gentoo, and Ubuntu. PCP analyzes the system’s performance in real-time or using historical data. It also allows you to compare the performance metrics at different intervals and between the various hosts. It then looks at the trends and identifies any abnormalities. PCP is extensible, meaning that you can quickly increase the metrics it collects. PCP also contains other libraries and APIs that extract data and use performance metrics from their applications.

PCP is very efficient when it comes to gathering metrics from several hosts. Through its plugin framework, you can configure PCP so that it collects specific metrics that are important to you. You can also access graph data through its graphical user interface or its web interface. PCP is ideal for monitoring large systems.

21) KDE System Guard

The KDE System Guard is also known as KSysGuard or KDE System Monitor. It is designed to make the control of simple processes available to a user without the need for any advanced setup. In most cases, the default settings usually suffice. KDE System Guard has two worksheets: one is the System Load Page, and the other is the process table. The System Load page shows Memory, CPU History, Network History and Swap History. The Process Table lists all running processes in alphabetical order. You can make any column the sort column by clicking on the column header.

In addition to being a system monitor, KDE System Guard is also a task manager. It allows you to view server metrics from many machines using a worksheet. If you identify a process that you want to be started or killed, you can easily accomplish that using this tool.

22) Nmon

Nmon collects and outputs system data on the monitor. If you wish, you can configure it to save the data to a comma-separated file. Some of the information you can display include memory, CPU, top processes, filesystems as well as the network. You can also save the data to an RRD database.

Nmon exists as a binary for every operating system be it SUSE, Fedora, Red Hat, Ubuntu or OpenSUSE. It is also a single binary for each platform, be it Mainframe, Power, ARM, x86_64 or x86. Installing Nmon is very easy, and what you need to do is just start the correct executable. If you are using Nmon from the terminal, you can see its performance data directly on the screen as it is updated every second.

After saving Nmon’s data, you have several options for analyzing and graphing the statistics. You can either use nmonchart or the nmon Analyzer for Excel spreadsheets.

23) Conky

Conky is a free light-weight monitoring tool that shows any information on the desktop. It comes inbuilt on Linux with Cairo and Imlib2 bindings, which helps in the arbitrary drawing with Lua. Conky can either display information as text, using simple progress bars and graph widgets. It also supports different fonts and colors.

Conky monitors a wide variety of operating system statistics such as uname, CPU usage, disk usage, uptime, memory usage, Top-like process statistics and network monitoring among others. Moreover, it supports POP3 and IMAP. It also supports a majority of the popular music players including Audacious, MPD, BMPx and XMMS2. Technically skilled individuals can extend Conky using their programs or scripts using Lua.

24) Glances

Glances was designed to be a Top/Htop alternative. It is cross-platform and can run on GNU/Linux, FreeBSD, Windows, Mac OS X, and Android. You can dynamically adapt the displayed information based on the size of the user interface. It also allows you to export stats to files or other external time/value databases. Glances is written in Python and uses libraries to collect information from the system. It is open source, hence allows developers to add new plugins and export modules.

Glances is designed to offer you the most information possible, using the least possible space. Glances can work in a client/server mode, or it can remotely monitor the system. Glances has a web interface and curses interface.

25) Saidar

Saidar is an application based on curses that displays system statistics. Some of the information it shows include processes, CPU, memory, load, network input/output, swap, and disk information (disk input/output and free space). Saidar uses the libstatgrab library.

Saidar is a very little application that gives basic information on system resources. Typically, it shows a full screen of the standard resources on the system. From the beginning, Saidar was designed to be as simple as possible to use.

26) RRDtool

RRDtool is open source and is an industry standard. It logs high-performance data and can be easily integrated into Perl, shell scripts, Ruby, Python, Lua and Tcl applications. RRdtool compiles on several UNIX and Linux platforms as well as Microsoft Windows.

RRDtool is an application developed to handle round-robin databases, which is abbreviated RRD. Round-robin databases are ideal for handling time-series data such as CPU temperature and load. What RRDtool does is that it provides a way to extract RRD data and display it graphically.

27) Linux Process Explorer

The Linux Process Explorer is a graphical process explorer designed for Linux. Some of the information it displays includes a process tree, TCP IP connections as well as graphical performance numbers for processes. This tool is designed to help advanced system administrators who want to analyze, at the process level, what is happening on a server. It also helps software developers to analyze the throughput of their processes regarding memory leaks, TCP throughput, and memory usage. The most complex feature of this tool is its monitoring of TCP/IP traffic figures. You can use the right mouse button in the process tree to monitor process details.

The Linux Process Explorer is similar to the Activity Monitor in OS X and the Microsoft Windows Task Manager. The objective of creating the Linux Process Explorer was to make it more usable than ps and Top. The Linux Process Explorer shows you each process as well as the amount of CPU and memory it uses. It displays a hierarchical process tree that shows the processes that are created and destroyed. You can quickly kill processes using a popup menu.

28) df

Df stands for “disk free.” It comes pre-installed on all UNIX systems. Its purpose is to show the amount of available disk space for filesystems that users can access.

29) Discus

Discus works similarly to df. Nonetheless, Discus is more beautiful than df because it supports graphs, colors as well as smart number formatting.

30) xosview

Xosview is a perfect monitoring tool. It is supported on IRIX, BSD, HP-UX, GNU, and Solaris. What it does is it gives you a simple overview of all parts, such as IRQ. You can customize its display. Xosview started its life as a fork. The most recent release was in December 2016, but you can also download previous versions. The authors believe that xosview is a mature platform and they only maintain it lightly.

31) Dstat

Dstat was created to replace iostat, vmstat, ifstat and netstat. It overcomes some of the limitations of its alternatives. It also has additional features, greater flexibility, and counters. Dstat is ideal for network monitoring systems especially when performance-tuning tests, troubleshoots and benchmarks are underway.

It gives you detailed information arranged in columns and shows the magnitudes and units of the displayed output. It thus helps reduce the confusion caused by so much data, meaning that the mistakes you would have made are also reduced. Dstat also makes it easy to write custom plugins for collecting your counters. Moreover, Dstat’s output is designed in such a way that humans can interpret it. You can also export the data to CSV files, which you can later import to Excel or Gnumeric to generate graphs.

It lets you view every system resource in real-time. For example, you can compare disk usage with interrupts from your IDE controller. You can also compare network bandwidth statistics with the disk throughput directly. You can export the data it collects into a CSV file. Also, Dstat lets you install plugins so that you can extend its functionality.

32) Net-SNMP

SNMP is an abbreviation for “simple network management protocol.” Net-SNMP helps you gather accurate server information. It is a command-line application that helps in the retrieval of information from SNMP-enabled devices either through single or multiple requests. It also allows for the manipulation of configuration information on SNMP devices as well as the conversion between textual and numerical forms of MIB OIDs. It has a MIB browser and a daemon application that receives SNMP notifications. It also has an agent that responds to SNMP queries. Net-SNMP contains a library that you can use to develop new SNMP programs using Perl and C APIs. Net-SNMP exists on many UNIX and UNIX-like OS as well as Windows. It’s important to note that the functionality varies based on the operating system.

33) Incron

Using Incron, you can monitor a directory tree and then make the necessary changes. For example, Incron can let you specify that you want to copy files to directory “B” as soon as new files appear on directory “A.”

34) Monitorix

Monitorix is a very simple monitoring tool. It is a lightweight and open source tool designed to monitor as many services and system resources as possible. It is written for use on UNIX and Linux servers. However, its simplicity means that it can also be used in embedded devices. It consists of two main parts: a collector known as Monitorix and a CGI script referred to as Monitorix CGI. Even though it was designed for Fedora, CentOS and Red Hat systems, today it runs on other Linux distributions as well as UNIX systems such as OpenBSD, NetBSD, and FreeBSD. Monitorix is currently being developed and new features added with the aim of creating a great tool that system administrators can use on a daily basis. You can even use Monitorix on one machine. Monitorix gives you a lot of information. It has an inbuilt HTTP server that lets you view charts. Monitorix also has a reporting mechanism for every metric.

35) Vmstat

The word vmstat stands for “virtual memory statistics.” Vmstat is a tiny inbuilt tool that monitors and shows a summary of the machine memory.

36) Uptime

Uptime is a small command that shows you the length of time that a machine has been running. It also informs you about the number of users who are logged on as well as the load average on the system for the past one minute, five minutes and fifteen minutes.

37) Mpstat

As an inbuilt tool, Mpstat monitors CPU utilization. One of the most common commands when using Mpstat is “mpstat –P ALL.” This shows you how all the cores are being used. You can also configure Mpstat so that it gives you an update of how the CPU is being used after a particular interval.

38) pmap

Pmap is also an inbuilt tool that reports a process’s memory map. Pmap is very useful in discovering the causes of bottlenecks in the memory.

39) ps

When you run the “ps” command, you will receive an overview of every current process. If you want to select all the processes, you can simply use the “ps –A” command.

40) sar

Sar is a member of the sysstat package. Sar helps you gather, report and save a variety of system metrics. Sar has different commands that tell it to give you the detailed usage of memory, CPU and input/output. It presents data on input/output and statistics on transfer rates, virtual memory, per-task memory, process creation activity, interrupt statistics, fiber channel traffic statistics, software-based network processing, NFS server and client activity, socket statistics, system and Linux task switching, TTY device operation, USB devices connected to the system, statistical data on power management, tape drives statistics as well as the utilization of filesystems. You can configure the amount of data history that you want to be stored. It also has smart color output to make the reading of statistics easier.

41) Collectl

Collectl is similar to sar in that it gathers performance metrics for the machine. It displays network, disk and CPU statistics by default. However, it is capable of a whole lot more. Collectl’s advantage over sar is that the former can handle times under one second. Collectl can be fed directly into a plotting tool. Besides, Collectl monitors processes more extensively.

Unlike other monitoring tools that concentrate on a small set of statistics and format their statistics using only one approach, Collectl tries to accomplish it all. You can configure it so that it monitors a broad set of subsystems including the CPU, inodes, lustre, the network, processes, slabs, TCP, sockets, quadrics, NFS, memory, InfiniBand, disk, and buddyinfo. You can display the information either briefly of in verbose. Collectl information can be saved in several log sets for later playback, or it can be displayed interactively in several formats. Your files can also be space-separated, and this helps in plotting with external packages such as GNU plot.

42) Iostat

Iostat is the other member of the sysstat package, and it is used for monitoring the input and output of the system. The reports generated by Iostat can be used to alter system configurations to achieve a better load balance between the hard drives of the machine.

43) Free

Free is an inbuilt command that tells you the total free space as well as the physically utilized memory on the device. Free also shows the buffers used by the kernel in real-time.

44) /Proc file system

The proc file system shows you most of the kernel statistics. These statistics can give you detailed information regarding the various hardware devices on the machine. The following is a list of the statistics you can get from the proc file system.

45) GKrellM

GKrellM is an application that has a graphical user interface. It monitors the state of hardware devices such as the main memory, the CPU, network interfaces and hard drives among other things. You can also set up GKrellM to monitor and initialize the mail reader of your choice.

46) Gnome System Monitor

This is a process viewer for GNOME that has a very user-friendly interface. It can conceal processes you do not want to see. It has the main features that are expected of a process viewer.

It’s a basic system monitoring software that evaluates process dependencies using a tree view. It generates charts based on all server metrics such as memory, CPU and Swap usage. Moreover, the Gnome System Monitor can kill and restart processes as required.

Log Monitoring Tools

1) GoAccess

GoAccess is a real-time analysis tool of weblogs. It analyzes the access log from Amazon Cloudfront, Nginx, and Apache. You can also output the data in CSV, HTML or JSON. GoAccess gives you general server statistics such as the number of 404 errors, top visitors, and geolocation among others.

GoAccess offers incremental log processing due to its data persistence feature and the use of the B+Tree database. GoAccess supports nearly every weblog format, with the predefined options being Nginx, Elastic Load Balancing, Apache, Amazon S3 and CloudFront among others. Since it is written in C, you only need ncurses as a dependency. It can monitor multiple virtual hosts, and can even show you which virtual host is consuming the most server resources. GoAccess also allows you to track an application’s response time, and this can be very useful when following pages that are slowing down your website. So as to use GoAccess, very minimal configuration is needed. For example, you can run the tool against your access log file, select the record format and allow the tool to parse the access log. You can also configure GoAccess to suit your color schemes. All these features give you a beautiful terminal dashboard and allow you to identify aggressive bots and hosts.

2) Logwatch

Logwatch is a customizable tool that helps in log analysis. Logwatch can parse through the logs to create a report that analyzes the areas you state. You can get daily reports with brief digests of the activities that occur on the machine.

3) Swatch

Swatch, just like Logwatch also monitors logs. It monitors the log files generated by the Syslog facility in UNIX. However, rather than giving reports, it watches for irregularities and then sends you an email when something goes wrong. Swatch is ideal for detecting intruders. Today, Swatch is referred to as Simple Log Watcher, and a Swiss watch manufacturer requested the name change.

4) MultiTail

The key feature of MultiTail is that it lets you check log files and command output through more than one window. You can also combine two or more such log files into one. Another great feature of MultiTail is that it displays colored log files, making them easier to read.

Multitail can also monitor wildcards, and if there is another file that matches the wildcard but is of a more recent date, it automatically switches to that file. This allows you to monitor a complete directory of records. Multitail has interactive menus that you can use to edit, delete and add windows. It is also possible to have windows with shell script output. When looking at the output of external software, Multitail can imitate the functionality of tools like “watch.” The development of Multitail was inspired by wtail, which was developed by Andre Mojorel.

Network Monitoring

1) psacct or acct

GNU Acct means “GNU Accounting” utilities. It offers login and process accounting capabilities for GNU/Linux as well as other systems. The accounting utilities provide system administrators with useful information about the use of system resources. It also gives information about users such as the total time they were connected, the executed programs, and their location among others. It supports some accounting file formats used on Linux.

Psacct and acct are the same software. The difference is in whether you use yum or apt-get to download and install it. Acct lets you monitor every command executed by a user within the system, such as memory time and CPU. After successfully installing Acct, you can use the “sa” command to get a summary.

2) Whowatch

Whowatch is a users’ and process monitoring tool that is based on ncurses. It is interactive and updates its information in real-time. It is written in the C programming language.

Whowatch works similarly to Acct. It monitors all the system users. It also lets you see the commands and processes that they are using in real time. Whowatch shows a tree structure for every process, showing you exactly what is happening.

3) Strace

Strace is a tool that helps in diagnosing, debugging and monitoring process interactions on Linux. It is mostly used to monitor and tamper with the interactions that take place between the Linux kernel and the processes running in the user space. Examples of userspace processes include signal deliveries, system calls, and changes in the state of individual processes. Strace’s functionality is possible because of ptrace, which is a kernel feature. Most network administrators use Strace to print all the system calls made by the application. This is important, especially when the program fails to behave as expected.

4) DTrace

DTrace means “Dynamic Tracing.” Think of DTrace as Strace’s big brother. It is a tool used for performance analysis and troubleshooting. It typically comes pre-installed in some operating systems such as FreeBSD, Solaris, and Mac OS X. Dtrace monitors all software, including databases, applications, and web servers. It also monitors device drivers and operating system kernels. It can dynamically patch every live instruction that is running using instrumentation code. As such, it is possible to perform an in-depth analysis as well as to troubleshoot. DTrace is best suited for the people who are passionate about learning because there is a 1,200-page book on the topic. DTrace provides a language known as D that you can use to write scripts for DTrace as well as one-liners. D resembles C and Awk and gives you a powerful way to filter and summarize kernel data before passing it to the user.

5) Webmin

Webmin is a system administration tool that is based on the internet. It eliminates the need for manual configuration of UNIX files and allows you to monitor the system remotely if possible. There are some monitoring modules that you can attach to Webmin. With any modern web browser, you can create user accounts, DNS, Apache and file sharing among others. With Webmin, you don’t need to modify configuration files for UNIX manually. Rather, it lets you manage the system remotely or through a console.

6) Stat

Stat is an inbuilt tool that helps display information stored in files and file systems. Some of the information it outputs is the files that were edited, and the time they were accessed and modified.

7) Ifconfig

Ifconfig is an inbuilt tool that helps configure network interfaces. Most network monitoring tools work behind the scenes and use ifconfig to monitor and capture promiscuous mode packets. If you wish, you can make the change using the command “ifconfig eth0 promisc”. Then, to return to the normal mode, use the “ifconfig eth0 –promisc”.

8) Ulimit

Ulimit stands for “user limits, ” and it limits the way resources are used across the system. It gives the system administrator control over the resources that are available on the shell as well as the processes that are initialized by it. The soft limit refers to the value enforced by the kernel for corresponding resources. The hard limit, on the other hand, refers to the ceiling of the elastic limit. Ulimit is inbuilt and checks system resources. It stores the boundaries of the different devices to ensure that none of them surpass their limits. You could, for example, make a fork bomb so long as you have correctly configured ulimit.

9) Cpulimit

Cpulimit is a small tool that checks and limits the CPU utilization by a process. Cpulimit is very handy when you want to prevent batch jobs from consuming too many CPU cycles.

10) Ishw

Ishw is a small inbuilt application that extracts detailed information concerning how the hardware of the machine is configured. It gives a lot of information, including the version of the CPU as well as the speed to mainboard configuration.

11) W

Some of the information that W can give you includes the users who are currently using the machines alongside their processes. W is an inbuilt tool, hence no need to download anything.

12) Isof

Like W and Ishw, Isof is an inbuilt tool. However, it gives you a list of every open file and network connection. You can then narrow this information to files opened by processes, filtering by the name of the process or specific users. With this information, you can kill the processes belonging to a certain user.

13) Observium

Observium is a network monitoring tool that implements auto-discovery. It also supports a broad range of operating systems and hardware platforms. What Observium tries to do with its user interface is to combine beauty and power with simplicity and intuitiveness.

14) Nload

Nload is a command line tool that checks the throughput of the network. What Nload is particularly good at is visualizing traffic that is incoming and outgoing, by displaying a pair of graphs as well as additional information, like the total amount of data that has been transferred. You can use the following commands to install Nload: “sudo apt-get install nload” or “yum install nload.”

15) SmokePing

SmokePing monitors the latencies of the network and displays them graphically. Many plugins measure latency specifically created for SmokePing. In case you’d like to use SmokePing through a graphical user interface, then you’ll be happy to know that its developers are working hard to make it available.

16) MobaXterm

In case you use the Windows environment on a regular basis, you may feel disadvantaged using the terminal offered by Windows. You will appreciate the fact that MobaXterm gives you access to majority of the terminal commands that are common to Linux. This will go a long way in addressing your monitoring needs.

17) Shinken monitoring

We can describe Shinken as a rewrite of Nagios in Python. It is a monitoring tool that aims to enhance the flexibility as well as the management of a robust environment. The best thing is that it gives you access to all configurations and plugins meant for Nagios.

Security Monitoring Tools

1) Anturis

Anturis is a software as a service (SaaS) monitoring tool that is based on the cloud. It can be used for either the external monitoring of web services as well as the internal assessment of IT devices, like applications and servers. Anturis is developed by experienced software engineers, who in the past have worked for top IT companies like Kaspersky Lab, Atempo, and Parallels. To use Anturis, you can either choose from its free plan or pay a monthly fee of $9.50 for additional features.

2) AppDynamics

AppDynamics delivers all that a new system administrator wants in a performance management and monitoring solution. AppDynamics makes it simple to manage complex, business-dependent applications. Some of the companies that use AppDynamics include AMICA Insurance, StubHub, Cornell University and Insight Technologies. You can test AppDynamics to see if it works for you by taking advantage of its 14-day free trial. If you like it, you will start paying $230 every month.

3) AppNeta

AppNeta gives you comprehensive monitoring of the end-user, application insights throughout the stack and an all-around network performance insight. This assures a first-class end-user experience as well a seamless offering of software that the business needs. AppNeta is currently serving thousands of clients globally, offering them an inexpensive, easy to use performance management service. In fact, AppNeta is one of the first few companies that is bridging the chasm between networks and applications with the businesses that manage them. AppNeta offers you a free plan. For more features, you can use their $79 a month option.

4) BigPanda

As a software as a service (SaaS) platform, BigPanda simplifies network troubleshooting, particularly in complex web environments. This tool can help you manage the likely overwhelming alerts and data. It also gives you a graphical presentation of complex dependencies. Whenever things go wrong, you can use BigPanda to identify the cause and take the necessary action. You can either use the free version of BigPanda or pay $1,500 per month to access more features.

5) Boundary

Boundary offers program aware performance monitoring infrastructure. It comes out-of-the-box with current defaults. Moreover, Boundary is multi-lingual and supports some infrastructures. Boundary can be installed on every virtual machine, where it can gather massive amounts of information and combine data from other sources and contextualize it. So as to use Boundary, you need to pay a monthly fee of $12.25. However, you can use its free trial for fourteen days.

6) CopperEgg

CopperEgg offers website and server monitoring for cloud infrastructure. CopperEgg outputs unified, simple and smart insight into websites, services, web applications and servers. It helps in troubleshooting issues related to performance optimization all on a single screen. The CopperEgg dashboard gets updated every couple of seconds and shows the details that reveal information that was previously concealed. CopperEgg helps you handle issues before they get out of control. CopperEgg gives you a free trial after which you can pay a monthly fee of $70.

7) Datadog

As a monitoring service, Datadog combines server metrics and events, applications, tools, services and databases. It shows all this information on a unified interface. As a SaaS-based data analytics platform, Datadog enables development and operations teams to work collaboratively on infrastructure, while preventing downtime. They can also correct performance problems to ensure that both development and deployment are complete on time. With Datadog, you have the option to use it free, but if you want additional features, you have to pay $15 per month.

8) Dynatrace

One of the leading innovators in the applications performance management is Dynatrace. Dynatrace gives you the only continuous performance management system in the industry. Dynatrace approaches its task proactively, meaning that problems are reduced by over 90%. This is very beneficial for companies that want to resolve performance issues. Another benefit of Dynatrace is that you can use its free trial for thirty days, before you are required to pay for it.

9) Gears5

Some of the things that Gears5 measures include the speed and load time of your website by actual users. As such, you can use the data collected from your users’ browsers to measure and improve your site’s performance. Gears5 offers both a free plan and a paid plan of $15.91 per month.

10) Instrumental

Instrumental measures performance metrics on a very high scale. In fact, it measures around 500,000 metrics every second. You can test out its power using the free trial that lasts thirty days. If you are impressed, you will have to pay $15 per month after the free trial expires.

11) LogicMonitor

LogicMonitor is a SaaS-based data center that monitors the virtual, physical and other infrastructure found in the cloud. Some of the information the software outputs includes historical trending, performance monitoring, email and reports. This helps to warn IT personnel of problems that could lead to business interruptions. You don’t need to configure much with LogicMonitor because it comes out-of-the-box preconfigured with defaults that work for most companies. These defaults are on routers, load balancers, applications, VoIP systems, switches, firewalls, servers, databases and storage. You can test LogicMonitor by using its free trial for fourteen days and if you are happy, can continue paying a monthly fee of $249.

12) New Relic

New Relic is a SaaS analytics platform that helps in the management of application performance and monitoring of real users. It monitors web applications that are implemented in Java, PHP, Ruby, .NET, Node.js and Python. This tool also offers a mobile monitoring solution for both Android and iOS applications. You can either use the free version of New Relic, or access extra features which you have to pay $149 per month for.

13) Oracle Application Performance Monitoring Cloud Service gives the operations and development teams the information required to identify system problems and solve them quickly. Every information that pertains to your end-user application performance is then collected and stored in Oracle’s big data platform. You can check out this tool’s functionality using its free trial and if happy, can start paying a monthly fee of $250.

14) Panopta

Panopta is revolutionizing the manner in which businesses monitor their networks, applications and servers. The emergence and growth of hybrid infrastructure places a lot of pressure on operations teams, increasing both costs and delays in diagnostics. Panopta centralizes public and private alerting, monitoring and reporting. It doesn’t matter whether you use a public or private cloud or infrastructure on your premises. Panopta shows you all the information at one place. You can use the free trial to check if Panopta works for you. If it does, then you will start paying $49 per month.

15) Scoutapp

Scoutapp displays flexible graphs that you can generate in at most five minutes. It supports at least 60 monitoring plugins. In order to use Scoutapp, you don’t need to memorize configuration syntax, because you can do everything through its web user interface. You can take advantage of Scoutapp’s 30 day free trial after which you will be required to pay $10 for each server.

16) Sematext

Sema offers performance monitoring, log management, analytics, search analytics as well as a number of other tools related to search. Not only are Sematext’s products modular, but also scalable and available in the cloud. You can also use some of Sematext’s on-premise tools. Sematext gives you two options: a free plan and a $25 a month price if you like the tool.

17) Solarwinds

Products from Solarwinds are used by at least a million system administrators to manage networks with as little as ten to as many as tens of thousands of devices. Solarwinds’ products can be classified into performance and fault management, compliance and configuration and engineering tools. The company’s products are used by organizations throughout the planet. Solarwinds is headquartered in Austin, Texas; but its sales, R&D offices are located all over the world. You can test Solarwinds for 30 days free of charge, and if you are impressed, can start paying at least $2,000 per month.

18) Stackify

Stackify gives an innovative cloud-based platform to developers, operations and support managers. The platform helps them monitor as well as troubleshoot applications on the cloud. Businesses can use Stackify to detect and resolve application issues to ensure that their customers are satisfied. Stackify combines errors, logs, metrics and monitoring tools all in a single platform. You can check out Stackify through its free trial and then pay $15 per month if satisfied.

19) WhatsUpGold

WhatsUpGold gives you information about the performance of your IT infrastructure. You can use its active and passive performance monitoring capabilities to check the availability and performance of your servers, network and applications. WhatsUpGold offers you a free 30 day trial. If you want to continue using it, you will have to pay a monthly fee of $1,595.

20) Manageengine Opmanager

As one of the leading developers of IT management software, ManageEngine Opmanager lives up to the company’s reputation. It offers a robust network management framework at reasonable prices to businesses around the world. Manageengine has at least 45,000 clients around the globe. Three in every five Fortune 500 companies uses Manageengine products. You can enjoy its free 30 day trial version and then pay at least $2,000 per month henceforth.

21) is a real-time, innovative mobile analytics application. It gathers data from cell phones and uses it to evaluate the use of mobile applications as well as the behavior of end users. also visualizes the data that it collects. In order to use, you have to pay $125 per month. If you aren’t sure whether or not to use this product, check out its free trial.

22) Bluestripe

What Bluestripe specializes in is transaction performance management. The company’s primary product known as FactFinder is the first ever management tool that monitors transactions and applications together with the infrastructure at its foundation. This is very important when identifying when transactions get stuck and the reason for them getting stuck. There is no indication of price on Bluestripe’s website, meaning that to know what you’ll pay, you have to contact them.

23) CA Technologies

CA Technologies designs, develops, markets, licenses, and supports IT management software that are compatible with several operating systems as well as hardware platforms. The company’s product suite addresses customer needs for distributed and mainframe environments. Also, the products help with IT security, governance and management. CA Technologies focuses on a number of areas such as the management of infrastructure, project, portfolio, security, application performance and service management. It also offers automation and virtualization capabilities for data centers. In order to find out their charges, contact the company.

24) Riverbed

Riverbed creates enterprise solutions to the underlying problems linked to the performance of information technology in wide area networks. To find out their prices, please contact their sales representatives. Riverbed is application-aware and this helps in hastening troubleshooting, proactively monitoring the system and ensuring an optimized system performance. Riverbed has one view for all components. It gives real-time information and time series data trends.