5 Useful Terminal Tools to Better Manage Processes in Linux


Linux offers a number of tools for examining your running processes. With the applications shown below, you can find out which applications are eating all your memory and which files are attached to those rogue programs. Or you can just get a global view of how your system is performing.

Regardless of your specific level of interest, this tutorial will offer you a starting point on that journey.

1. top

Perhaps the most well-known service/process manager in the Linux toolkit is top. Its name is an acronym for “Table Of Processes.” The Linux version (others have been written for Unix, Solaris, etc.) is hosted with the procps package, a collection of utilities that you can grab at the link above.


You can see in this screenshot that top provides a lot of information at once. At the top of the screen you can see how long the computer has been running, its current CPU usage, and current memory usage. These values pertain to the entire system – not just the individual programs displayed below that text.

In contrast, you can see individual CPU and memory use for various running processes in the bulk of the screen. The screenshot here only shows the services the “root” user is running, and “systemd” comes in first as the consumer of the most memory use at just 0.3 percent.

You can run top in the command line with just top to enter an interactive readout of all running processes for all users. Running top U user will enter that same type of environment, but it will show the processes for that specific user.

You can also single out a running process by first running pidof process to enter that output into top with top -p pid. For instance, pid firefox on this machine returns “2886,” so running top -p 2886 shows only that process’s information on its screen.

2. iotop

Some utilities try to pare down what top offers. One such program, iotop, does exactly that. Its output, as you can see here, is much simpler than top’s deluge.


Iotop reveals the input/output of a running process. At the top of its screen it shows the disk read and disk write, in bytes, before revealing the ID of each process and the individual read, write, and I/O they are consuming.

You can, as with top, select iotop’s output by specifying parameters such as iotop -p pid to monitor a single process or iotop -u user to monitor a single user’s running processes.

3. Monit

From the outset, Monit tries to be more specific but still easy to use. It runs as a daemon and will follow processes and services that you specify in its configuration file.

Starting the deamon from the command line doesn’t look like much.


To make the most of Monit’s capabilities, it’s a good practice to enable Monit to run from startup. Using systemd, the systemctl enable monit command will complete that task.

You can then edit Monit’s configuration file (located at “/etc/monitrc”) to follow and modify specific processes from the second they begin running. Check out this option in the config file below.

Monit config file

Although the lines are commented out, you can see that this series of commands would follow the Apache process, start or stop it if necessary, and create alerts when something goes wrong. The config file is meant to be easy to read and edit; it uses keywords such as “start,” “if,” “then,” and “within” to complete tasks.

4. lsof

If you’re curious as to which files a process has opened when it’s running, use lsof. Running the lsof command will, by default, list every file opened by every process running on the system. Therefore, it can be useful to be more specific with your query.

You can dig into the specific name of a running process, such as Firefox, by piping lsof’s output into grep, which will search for a string you specify.

So if you want to find out if Firefox is running a FLAC audio library, a command like the following would be useful:

lsof | grep firefox | grep -i libflac

It reduces the output from thousands of lines to approximately twenty.

A version of that command produces the following.


What you can replicate here is first running lsof, then searching for “firefox” as a string in lsof’s output, then searching through those lines with “firefox” in them for the string “libflac.” Grep uses the -i flag in that last command to ignore uppercases and lowercases in its search.

The final command grep -i gdbus is used here to provide a single-line example. It arbitrarily picks out the one line of output that shows “gdbus” as the task command lsof identified.

Lsof displays the command associated with a running process, its process ID, the task command associated with the file the process runs, and the name of the file attached to the running process, in addition to some other data.

5. ps_mem

The simplest application in this list, ps_mem, lists the memory usage of running processes on a system. A dry run of ps_mem in the command line will reveal a list of all running processes and their individual memory consumption.

To investigate a specific process, you can list its ID – remember to use pidof process to get that information – in the ps_mem -p process command. Check out this output for reference:


Ps_mem is useful if you have a program you think is using too much memory. You can use it as a standalone tool or in tandem with others to verify their findings.


Don’t let the applications on your computer run astray. Keep them in check with a quick look at top, iotop, or ps_mem, and investigate further with Monit and lsof.

These are powerful tools that have a lot more options available in their man pages, so be sure to also read their documentation when investigating a troublesome issue.

Image credit: Xfce to the rescue!

Casey Houser

I have worked as a professional writer since 2011. I like to compose my articles in Vim, which I also use for hobbyist C and Ruby projects. When I'm not in front of a text editor, I run, bike, and play tennis until I'm too tired to move.

Subscribe to our newsletter!

Our latest tutorials delivered straight to your inbox