Information about services/processes & PID
The compiled commands listed below utilizes a few tools: ps, ss, lsof & pgrep. More details about these tools can be found in the individual pages above.
** TO CONTEMPLATE ABOUT THE COMMANDS WHICH REQUIRES SUDO
Find processes by service name
pgrep flags usage:
-l: List the process name as well as the process ID
$ pgrep -l <service-name>
# eg. To find PID (Process ID) associated with SSHD (SSH Daesmon)
$ pgrep -l sshdRetrieve information about a specific PID
ps flags usage:
-p: To select by PID
$ ps -p <PID>
$ ps -p <PID> -o pid, cmd # To only display relevant informationIdentify the port number related to a PID or service name
Method 1: Using ss
ss flags usage:
-p: Show processes using sockets
Note: In the example below, the command grep -P ':\d{1,}'essentially uses the Perl regex syntax matching to look for all values with the format of :<1 or more digits> such as :4000, :8000, etc.
$ sudo ss -p | grep <PID> | grep -P ':\d{1,}'
# eg.
$ sudo ss -p | grep 1400 | grep -P ':\d{1,}'
tcp ESTAB 0 0
xxxx.xxx.xxx.xxx:4000 xxx.xxx.xxx.xxx:... ....,pid=1400,...
Method 2: Using lsof
lsof flags usage:
-i: To only list the addresses associated with an internet address (prevent overload of information that are not relevant)
-P: Prevent conversion of port numbers to port names. For example, listing would appear as :53 instead of :domain
-n: Prevent conversion of network numbers to host names. For example, listing would appear as 127.0.0.1 instead of localhost
Direct method to look for port numbers relating to a service
$ sudo lsof -i -P -n | grep <service-name>Look for listening sockets related to a PID or service name
The first portion of the command retrieves all listening sockets.
$ sudo lsof -i -P -n | grep LISTENWhile the second portion narrows the output down to only the specified PID or service name.
$ ... | grep <PID>
$ ... | grep <service-name>Final command
$ sudo lsof -i -P -n | grep LISTEN | grep <PID>
$ sudo lsof -i -P -n | grep LISTEN | grep <service-name>Last updated