Josh Brade

RESUME
RESUME
Menu

Linux PS Command

The ps command serves as an essential security monitoring tool in Linux systems by providing detailed process visibility. It use can be leveraged to examine running processes, detect anomalies, and identify potential threats. The command reveals critical process attributes including user ownership, CPU/memory consumption, and process hierarchies – enabling rapid detection of privilege escalation attempts, concealed processes, or suspicious behavior patterns.

Give these ps commands a try and bookmark this page for future reference!

If you want to learn more, check out this GeeksForGeeks page that breaksdown the Linux PS command: https://www.geeksforgeeks.org/ps-command-in-linux-with-examples/

  • ps
    Display processes for the current terminal session
  • ps -e
    List all processes system-wide
  • ps -l
    Show a detailed listing including command line arguments
  • ps -ef
    Display detailed information about all processes
  • ps -u username
    List processes running under username
  • ps -p PID1,PID2
    Display processes with specific PIDs
  • ps -e –no-headers
    Display processes without headers
  • ps -eLf
    Show all threads for all processes
  • ps -T -p PID
    List all threads for a process PID
  • ps t pts/0
    Display processes created on specific terminal
  • ps -C nginx -o pid=
    Display PIDs of a specific command (executable) name
  • ps -e | grep “?”
    List processes that are not associated with any terminal
  • ps -eH
    Display all processes in hierarchical format (parent-child)
  • ps -fG root
    List processes associated with a certain group (e.g., root)
  • ps -eo pid,user,comm
    Display process info in a user-defined format
  • ps -eo pid,%cpu,%mem,comm
    Display resource usage of processes
  • ps -eo pid,comm,lstart,etime
    Display process start/elapsed time info
  • ps -eo pid,comm,psr
    Show processes along with their CPU affinity
  • ps aux –sort=-%mem | head
    List processes sorted by memory usage
  • ps aux –sort=-%cpu | head
    List processes sorted by CPU usage
  • ps aux | grep ‘Z’
    List all zombie processes
  • ps auxww
    Display full command line of processes without truncation
  • watch “ps aux –sort=-%cpu | head”
    Monitor CPU-hogging processes