There are plenty of monitoring tools out there to monitor local and remote Linux systems. One fine example is Cockpit. Those tools, however, are bit complicated to install and use, at least for the newbie admins. The newbie admin might need to spend some time to figure out how to configure those tools to monitor the systems. If you want a quick and dirty way to monitor multiple hosts at a time in your local area network, you might need to check “rwho” tool. It will instantly and quickly will monitor the local and remote systems as soon as you install rwho utility. You configure nothing! All you have to do is to install “rwho” tool on the systems that you want to monitor.

Please don’t think of rwho as a feature-rich, and complete monitoring tool. This is just a simple tool that monitors only the uptime, load and logged in users of a local/remote systems.

Using “rwho” utility, we can find the following:

Who is logged in on which computer,
List of monitored computers with uptime (time since last reboot),
How many users are logged in,
The load averages for the past 1, 5, and 15 minutes.
Nothing more! Nothing less! Also, it will only monitor the systems that are in the same subnet. hence, it is ideal for small and home office networks.

Monitor Multiple Hosts In Linux
Let me explain how rwho works. Every system that uses rwho on the network will broadcast information about itself. The other computers can access these information using rwhod-daemon. So, every computer on the network must have rwho installed. Also, the rwhod-port (e.g. Port 513/UDP) must be allowed through your firewall/router in-order to distribute or access the information of other hosts.

Alright, let us install it.

I tested in on Ubuntu 16.04 LTS server. rwho is available in the default repositories, so we can install it using the APT package manager like below.

$ sudo apt-get install rwho
On RPM based systems such as CentOS, Fedora, RHEL, use this command to install it:

$ sudo yum install rwho
Make sure you have allowed the rwhod-port 513 if you are behind a firewall/router. Also, verify if the rwhod-daemon is running or not using command:

$ sudo systemctl status rwhod
If it is not started already, run the following commands to enable and start rwhod service:

$ sudo systemctl enable rwhod
$ sudo systemctl start rwhod
Now, it is time to monitor the systems. Run the following command to find out who is logged on which computer:

$ rwho
ostechni ostechnix:pts/5 Mar 12 17:41
root server:pts/0 Mar 12 17:42
As you can see, currently there are two systems on my local area network. The local system user is ostechnix (Ubuntu 16.04 LTS) and remote system’s user is root (CentOS 7). As you might guessed already, rwho is similar to “who” command, but it will monitor the remote systems too.

And, we can find the uptime of all running systems on the network, using command:

$ ruptime
ostechnix up 2:17, 1 user, load 0.09, 0.03, 0.01
server up 1:54, 1 user, load 0.00, 0.01, 0.05
Here, ruptime (similar to “uptime” command) displays the total uptime of my Ubuntu (local) and CentOS (remote) systems. Got it? Great! Here is the sample screenshot from my Ubuntu 16.04 LTS system:

Monitor multiple hosts using rwho

You can find the information about all other machines in the local area network in the following location:

$ ls /var/spool/rwho/
whod.ostechnix whod.server
This is a small, yet very useful to find out who is logged in on which computer and the uptime along with system load details.

Suggested read:

Some Alternatives To ‘top’ Command line Utility You Might Want To Know
How To Find Who Is Logged On Your System And What They Are Doing
How To Monitor User Activity In Linux
An Easy Way To Monitor A Website From Command Line In Linux
How To Monitor WiFi Connection From Command Line In Linux
vnStat – Monitor Network Bandwidth in Linux and BSD
NetData : A Real-time performance monitoring tool for Linux
Please be mindful that this method has one serious loophole. Since information about every computer is broadcasted over the net, anyone in the subnet can get this information. It is okay normally but on the other side this can be a unwanted side-effect when information about the network is distributed to non-authorized users. So, It is strongly recommended to use it in a trusted and protected local area network.

For more details, refer man pages.

$ man rwho

Leave a Comment