Basic Linux Discovery (mostly Ubuntu)

My background is in the Windows ecosystem.  But occasionally (and increasingly) I am needing to do things here are there with Linux.  So, I’ve started to make some efforts to develop practical knowledge beyond just occasionally just dabbling.

Let’s say we’ve a a server dropped in our lap and need to assess what it does and review how it’s configured….

I. What’s installed?

In Ubuntu, we can see what packages are installed by running:

apt list --installed

This returns a massive list. It gives the version numbers of the package, so if its running some horribly old version of MySQL, you can find out.

Of course, you can grep if you’re looking for a single package. For example, we could find Apache with:

apt list --installed | grep "apache"

The RedHat/CentOS/Amazon Linux analog to this is:

rpm -qa

rpm -qa | grep "apache"

And while we’re on the topic…here’s a good cheat sheet for rpm.

II. What services are running?

In Ubuntu(16.04), to see which services are running:

service --status-all

For a particular service (for example, postfix):

service status postfix

III. What does performance currently look like?

In Ubuntu(16.04), running top will give you the following output:


A good explanation of these values can be found here.

IV. What does storage look like?

There a number of ways to look at mounted volumes…here’s the output of df


mount , lsblk , and fdisk -l can be useful depending on what you’re looking for.

In the event that it’s a physical server, SMART status for each drive can be reviewed with a package called smartmontools.  An iDrac/iLO would be much preferred to this to reviewing hardware.

V. Logs

If you’re inclined to review logs, /var/log is a good directory to start in with Ubuntu.  Sometimes it can be difficult to locate the proper log location, The cmd below will tell you where the files are located for a given package.

dpkg-query -L <package name>

VI. Patch Status

We you connect via SSH, the MOTD will often tell you that there are X patches available, Y of which are security related or something to that effect.

To list all patches:

On Ubuntu:

apt list upgradable

On RHEL/Centos/Amazon Linux:

yum updateinfo list

Checking just for security patches:

On Ubuntu:

apt list upgradable | grep -e "-security"

On RHEL/Centos/Amazon Linux:

yum updateinfo list sec

VII. Final Thoughts

I imagine I’ll be periodically coming back to this post and continuing to fill it out. For now, I think there’s enough info above to get a basic idea of what’s going on a Ubuntu server when encountering for the first time.



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s