Looking at the process through psutil and Python
Lately I have been trying to improve my system administration skills. I needed to monitor some of the running processes. To do that I used psutil module in Python. It is a cross platform module to parse the information about running process. It also provides information on how the system is being utilized. In the area of - CPU, memory, disks, network, sensors. The name psutil is the abbreviation for - process and system utilities. It supports the following platforms:
- Linux
- Windows
- macOS
- FreeBSD, OpenBSD, NetBSD
- Sun Solaris
- AIX
…both 32-bit and 64-bit architectures. Supported Python versions are 2.6, 2.7 and 3.4+. PyPy3 is also known to work.
Process class
Process is an running program. Wikipedia defines process as “In computing, a process is the instance of a computer program that is being executed by one or many threads. It contains the program code and its activity. “
I use Fedora as my primary Operating System. The Linux filesystem contains the process related information in /proc directory. It does not stay inside the disk instead kernel creates it in its memory. /proc contains information about the system such as :
/proc/cpuinfo
contains the information about the cpu like number of cores etc.- message output by kernel found in
/proc/kmsg
routed to syslog /proc/meminfo
has the information about the available system memory/proc/ioports
describes which input and output ports are being used.
Also there other details available in the /proc directory. One can find more information about this at
The psutil module helps us to find all these information through program. If we know the pid of a running process, we can get an instance of the [Process] class.
p = psutil.Process(7134)
Here I am using the pid value of 7134.
Now, we can check for the process name, and command line arguments. We
can also find the details about the init process or mother process or parent process.
>>> print(f"Name of the process : {p.name()}")
Name of the process : hexchat
>>> print(f"Parent process : {p.ppid()}")
Parent process : 2116
>>> print(f"Command Line : {p.cmdline()}")
Command Line : ['hexchat', '--existing']
Next we are getting executable, username, uid and gid
>>> print(f"The process executable as an absolute path : {p.exe()}")
The process executable as an absolute path : /usr/bin/hexchat
>>> print(f"Username : {p.username()}")
Username : adas
>>> print(f"uid : {p.uids()}")
uid : puids(real=1000, effective=1000, saved=1000)
>>> print(f"uid : {p.gids()}")
gid : pgids(real=1000, effective=1000, saved=1000)
To get the environment variable:
>>> print(f"The environment variables of the process as a dictionary : {p.environ()}")
It returns a dictionary in key, value pair. I did not print the full output because the length :)
The environment variables of the process as a dictionary : {'SHELL': '/bin/bash', 'HISTCONTROL': 'ignoredups', 'HOSTNAME': ‘localhost.localdomain',
You can get network connection details in and all the open files by the process.
>>> for conn in p.connections():
... print(f" Socket file descriptor: {conn.fd}\n Address family : {conn.family}\n Local address : {conn.laddr}\n Remote address : {conn.raddr}\n Status of a TCP connection : {conn.status}")
Socket file descriptor: 15
Address family : 2
Local address : addr(ip='192.168.1.3', port=56080)
Remote address : addr(ip='1xx.xx.xxx.xxx', port=8080)
Status of a TCP connection : ESTABLISHED
To know more functions and options have a look at the documentation of psutil.