We spend a large proportion of our lives debugging issues. Sometimes we just need an answer to a very simple question but getting that answer is a real struggle and can be time-consuming. On occassions I’ve seen a complicated 3rd party piece of technology thrown at the problem but often in these sorts of scenarios, linux already has you covered. Many of these command-line utilties either already come with a standard linux distribution or are one line away from an install from your specific distro’s preferred package manager. Here’s a list of command-line tools I think all developers should know how to use to answer simple questions.\n\n### **ps**\n\nFor answering the question:\n\n> What’s running on my machine and what process ID does it have?\n\nThere are many useful flags you can append to the command such as:\n\nps -ef\n\nTo list all processes in unix format OR:\n\nps -aux \n\nTo list all processes in BSD format.\n\nYou can then grep this list to find the PID of the desired application, for example trying to find the PID of a running tomcat:\n\nps -ef | grep tomcat\n\nHere’s some example output:\n\nandy@desktop:~$ ps -ef | grep tomcat \nandy 19822 1590 99 14:08 pts/1 00:00:06 /usr/lib/jvm/java-8-oracle/bin/java -Djava.util.logging.config.file=/home/andy/tomcat/apache-tomcat-7.0.56/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -XX:MaxPermSize=512m -Xmx2048m -Dcom.sun.management.jmxremote.port=9012 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Djava.endorsed.dirs=/home/andy/tomcat/apache-tomcat-7.0.56/endorsed -classpath /home/andy/tomcat/apache-tomcat-7.0.56/bin/bootstrap.jar:/home/andy/tomcat/apache-tomcat-7.0.56/bin/tomcat-juli.jar -Dcatalina.base=/home/andy/tomcat/apache-tomcat-7.0.56 -Dcatalina.home=/home/andy/tomcat/apache-tomcat-7.0.56 -Djava.io.tmpdir=/home/andy/tomcat/apache-tomcat-7.0.56/temp org.apache.catalina.startup.Bootstrap start \nandy 19848 7377 0 14:08 pts/1 00:00:00 grep --color=auto tomcat\n\nHere I can see a process running with a PID of `19822`\n\n_Note: You will also see your_ **_grep_** _in this output (the PID of_ `_19848_`_)._\n\n### **netstat**\n\nFor answering the question:\n\n> What’s running on my machine and on what port?\n\nIf I want to determine what’s listening on port **8000:**\n\nsudo netstat tulpn | grep 8000\n\nHere’s an explanation of what the different flags mean — more can be found with `netstat --help`:\n\n\\-t # tcp ports \n\\-u # udp ports \n\\-l # only listening ports \n\\-p # output PIDs \n\\-n # resolve hardware names\n\nAnd if I have something running on this port, I get something along the lines of the following output:\n\nandy@desktop:~$ netstat -tulpn | grep 8000 \ntcp 0 0 127.0.0.1:8000 0.0.0.0:\\* LISTEN 16740/node\n\nAllowing me to `kill <pid>` or inspect the process that’s running as necessary.\n\n### **tcpdump**\n\nFor answering the question:\n\n> What requests / packets are coming from and to my applications?\n\nIf I’m interested in the requests and packets coming from and to port 8080, I can get a full dump of the traffic, requests and message body with this command:\n\nsudo tcpdump -A -s 0 -i lo port 8080\n\n`-i` is the interface name. `lo` is the loopback interface and all traffic originating from your machine will go through this network interface.\n\n`-A` will debug and omit some strange characters.\n\n`-s 0` will print all packets since tcpdump doesn’t do this by default.\n\nHere’s some example output showing a simple POST request to an application which performs a simple authenticated redirect with a username and password combo:\n\n13:49:04.701180 IP6 (flowlabel 0x8a77f, hlim 64, next-header TCP (6) payload length: 817) ip6-localhost.52870 > ip6-localhost.http-alt: Flags \\[P.\\], cksum 0x0339 (incorrect -> 0x3fa7), seq 1861:2646, ack 2002, win 1373, options \\[nop,nop,TS val 4948070 ecr 4947571\\], length 785: HTTP, length: 785 \n POST /login/?sessionId=941b5ac4-5524-4b43-b4b1-b9e371a7f212 HTTP/1.1 \n Host: localhost:8080 \n Connection: keep-alive \n Content-Length: 49 \n Accept: \\*/\\* \n Origin: [http://localhost:8080](http://localhost:8080) \n X-Requested-With: XMLHttpRequest \n User-Agent: Mozilla/5.0 (X11; Linux x86\\_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.119 Safari/537.36 \n Content-Type: application/x-www-form-urlencoded; charset=UTF-8 \n Referer: [http://localhost:8080/login/?redirect=/myApp](http://localhost:8080/login/?redirect=/myApp) \n Accept-Encoding: gzip, deflate, br \n Accept-Language: en,en-GB;q=0.9 \n Cookie: sessionId=941b5ac4-5524-4b43-b4b1-b9e371a7f212; \n \n username=username&password=password\\[!http\\]\n\nThere are many other additional flags you can add to the command such as monitoring more than one port:\n\nsudo tcpdump -A -s 0 -i lo port 8080 or port 8000\n\nOr capturing packets only from a single host:\n\nsudo tcpdump -A -s 0 -i lo port 8080 and src host 126.96.36.199\n\n### **telnet**\n\nFor answering the question:\n\n> Is there a network issue preventing me from connecting to my resource?\n\ntelnet <host> <port>\n\nHere’s some example output — I have no active processes running and listening on port 8000 on my local machine so I can’t connect to them:\n\nandy@desktop:~$ telnet localhost 8000 \nTrying 127.0.0.1... \ntelnet: Unable to connect to remote host: Connection refused\n\nSay for example I’m trying to determine whether I can connect to a remote instance of postgres in my network, I already know the instance is up and there are no networking issues — I already know the hostname and know that postgres listens on `TCP 5432`:\n\nandy@desktop:~$ telnet myRDSinstance.eu-west-1.rds.amazonaws.com 5432 \nTrying 172.20.15.200... \nConnected to myRDSinstance.eu-west-1.rds.amazonaws.com. \nEscape character is '^\\]'.\n\nI will receive a message which shows I have made a TCP connection to my resource. Or if I fail to connect I will see something similar to the following message:\n\nandy@desktop:~$ telnet myRDSinstance.eu-west-1.rds.amazonaws.com 5432 \nTrying 172.20.15.200... \ntelnet: Unable to connect to remote host: Connection refused\n\nGiving me evidence to suggest network connectivity issues as the culprit for my particular issue.