time is a brilliant command if you want to figure out how much CPU time a given command takes. I am looking for something similar that can list the files being accessed by a program and its children. Either in real time or as a report afterwards. Currently I use: #!/bin/bash strace -ff -e trace=file "$@" 2>&1 | perl -ne 's/^[^"]+"(([^\\"]|\\[\\"nt])*)".*/$1/ && print' but its fails if the command to run involves sudo. It is not very intelligent (it would be nice if it could only list files existing or that had permission problems or group them into files that are read and files that are written). Also strace is slow, so it would be good with a faster choice.

On Linux, it's possible to [disable overcommitting memory](https://unix.stackexchange.com/questions/797835/disabling-overcommitting-memory-seems-to-cause-allocs-to-fail-too-early-what-co/797836#797836) which makes it behave like Windows, in that malloc() will fail once all physical memory is used up. As explained [in this insightful and good answer](https://unix.stackexchange.com/a/797888/104885) , in that mode, the Committed_AS memory statistic shown in /proc/meminfo becomes the relevant value for used up memory, rather than any of the other metrics like calculating it based on MemFree and so on. **Here's my question:** So when running that mode, how do I find out a process's proportional use of system-wide Committed_AS total value on Linux? Is there an easy way to do so? **As for more background info**, I've been using this mode now for some days. It's useful for example to test out how software I work on would behave on Windows when hitting the memory limit. However I ran into the practical issue when I run out of memory, it's hard to find the biggest offenders. It seems to be the case that no common system monitor tool shows how much a process actually committed in terms of memory, since in my understanding the usual resident memory, shared memory, and so on only apply to memory *actually written into* (which I think is smaller than committed memory). Hence, it becomes difficult to judge which program actually committed the most memory and may be worth terminating when I run out. Seeing the committed memory might also help identifying programs that accidentally use fork() in situations where they perhaps should be using vfork().

Prometheus, Loki and Promtail have been updated. Its Silence policy doesn't work anymore and alerts continues sent to the appropriate chat.

I utilize Mate's Hardware Sensor Monitor, and it shows the following for my device: What does each label refer to? What temperatures are considered dangerous?

In Linux, I can get the server uptime results in seconds (value) by using below command

cat /proc/uptime

But in AIX, we do not have uptime in /proc. If I just type uptime, I get results in days, hours, minutes, but I want to get the output only in seconds like 86400 seconds or 30 seconds or any value. With this output, I want to set an alert from SCOM monitoring tool to create alerts if it is less than 1800 seconds. From SCOM, I can run a shell command.

I'm trying to figure what's the right way for me to be notified when some systemd service is having problems. Manually checking systemctl status isn't a sustainable option; at the very least I want to have a simple tray icon, like just green or red. Some sounds and/or visual notifications can be useful too. Surprisingly I don't seem to find any existing tools for that, so the best I can think of is to write my own, maybe some simple bash script which would poll systemctl once in a while, and update the icon status. Pretty poor but alas. Before I actually start spending time on that, want to make sure, am I by any chance missing some better options?

Hello (I'm no hard core coder:), I try to develop a script to do some very basic monitoring on an IBM SVC. My goal is to get some information about the nodes and my quroum status and then send this information by mail. here's my code so far (I understood that grep command doesn't "work" on CLI for SVC). #check nodes of the cluster with lsnodes and parse status ssh admin@SVCName superuser>svcinfo lsnode | while read id name sn wwnn status temp;do echo $name" "$status;done #check quorum status with lsquorum and parse status ssh admin@SVCName superuser>svcinfo lsquorum | while read quorum_index status id name controller_id controller_name active temp; do echo $controller_name" "$active;done My problem is sending an email from the CLI to designed users. I don't find any valuable information anywhere on the internet. HINT: this script will be deployed on a jumppoint server (probably a windows server) in production, I cannot allow the installation of any exectution environment such as cigwin or perl or anything). Could you help me with that ?

I have a service that is always supposed to be running. I’d like to know when the service ever stops or gets restarted. I’ve thought about referencing the service’s PID. If it gets restarted, it would get a new pid. So I would like to send an alert or email whenever the pid changes. What’s the least intrusive way to do this? Right now I have a cron job writing the pid to a file every 5 minutes. Is there a Linux tool that can monitor this file for pid changes? Or should I have some other thing like a Python script running outside somewhere that can pull this file and monitor that way?

I noticed that according to /proc/net/dev I am constantly receiving around 6Kb/s on my wireless usb interface. But I can't account for anything even close to that with the individual connections that I get with iptraf, iftop, and nethogs. Investigations with netstat, lsof, and tcpdump didn't help either. So, what else could contribute to /proc/net/dev values? I can speculate that, while only IP based traffic is reported by the applications I mentioned, /proc/net/dev probably accounts for other link-layer/internet-layer stuff too (arp? icmp? wireless management stuff?). Or maybe other transport/application protocols. Can anyone confirm this? How else would you proceed to find out: through what sockets are the 6Kb/s coming through? What processes are receiving the traffic? --- [EDIT] The 2 consistent results across all the tools: 1. the totals of Rx are around a few Kb/s - confirmed with /proc/net/dev, dstat, bmw-ng, cbm, iptraf, ifstat, gnome-system-monitor 2. no connection/packet stream justifies that - confirmed with netstat, tcpdump, iftop, nethogs, iptraf All of this with a Netgear WDNA 4100 wireless usb adapter using a custom driver from some git (the only way I got it to work). I asked the devs about it [here](https://github.com/ashaffer/rt3573sta/issues/9) . This might be malware, but I suspect the driver is simply reporting wrong totals. Nevertheless, I cannot explain what's going on for sure.

I don't understand iotop output: it shows ~1.5 MB/s of disk write (top right), but all programs have 0.00 B/s. Why? The video was taken as I was deleting the content of a folder with a few millions of files [using](https://unix.stackexchange.com/a/79656/16704) perl -e 'for(){((stat)<(unlink))}', on Kubuntu 14.04.3 LTS x64. iotop was launched using sudo iotop.

The disk activity monitor widget in KDE (Debian) shows constant HDD write around 12 MiB/s, when I run iotop, there is nothing that would be constantly using HDD. When I run atop, at first PAG is red and blinking but after about 3 seconds disappears, when i run free -h, I get: total used free shared buff/cache available Mem: 7.7Gi 2.2Gi 3.0Gi 1.1Gi 2.5Gi 4.2Gi Swap: 7.9Gi 0.0Ki 7.9Gi Any idea what can be causing this or how to find out? Also, i tried to clear the cache, it cleared to 1.5 Gi but after less than 5 minutes it was back to 2.5 Gi as shown above. Also i am thinking that Debian is using quite a lot of memory given that only firefox with the stackexchange window is open.

I have installed XYMon server successfully, **but I can't get the client information to show**. It took me a while to figure out, but if you add a host to the server that doesn't have the client, it still shows some things like conn/ssh/info, but nothing like cpu/disk/mem. I have found it to be REALLY hard to find any good documentation, troubleshooting steps or anything. The installation of the client seems extremely simple. On **Ubuntu 14.04** >> apt-get install xymon-client Only one question during installation IP of XYMon-Server But I can't get anything to show in the server! The closest I have come to debugging is On Server : @xymon:/var/log/xymon$ cat alert.log 2016-07-20 21:31:52 -> Could not connect to Xymon daemon@xymon.freesoftwareservers.com:1984 (Connection refused) @xymon:/var/log/xymon$ cat xymonlaunch.log 2016-07-20 22:00:27 Cannot open env file /usr/local/xymon/server/etc/hobbitserver.cfg - No such file or directory 2016-07-20 22:00:27 Loading hostnames 2016-07-20 22:00:27 Loading saved state 2016-07-20 22:00:27 Setting up network listener on 0.0.0.0:1984 2016-07-20 22:00:27 Setting up signal handlers 2016-07-20 22:00:27 Setting up xymond channels 2016-07-20 22:00:27 Setting up logfiles 2016-07-20 22:10:27 Cannot open env file /usr/local/xymon/server/etc/hobbitserver.cfg - No such file or directory **On Both Client & Server I found this Error :** @xymon:/var/log/xymon$ cat xymonclient.log No LSB modules are available. - Repeated for ever... There was nothing more useful in client logs. **Install XYMON Config :** sudo apt-get install -y xymon sudo cp /etc/apache2/conf.d/xymon /etc/apache2/conf-available/xymon.conf sudo ln -s /etc/apache2/conf-available/xymon.conf /etc/apache2/conf-enabled/ sudo ln -s /etc/apache2/mods-available/authz_groupfile.load /etc/apache2/mods-enabled/ sudo ln -s /etc/apache2/mods-available/rewrite.load /etc/apache2/mods-enabled/ sudo ln -s /etc/apache2/mods-available/cgi.load /etc/apache2/mods-enabled/ sudo ln -s /var/lib/xymon /var/www/html/xymon sudo nano /etc/apache2/conf-available/xymon.conf *Replace the below 2 lines with the bottom ONE line. (All instances)* #Order allow,deny #Allow from localhost ::1/128 Require all granted

My ftp user face error like this: FTP 127 Response: 500 I won't open a connection to xxx.xxx.xxx.xxx (only to yyy.yyy.yyy.yyy) This is the response of my server which captured by Wireshark in a windows ftp client. I enabled the VerboseLog in /etc/pure-ftpd.conf and there is line which says: #If you want to log all client commands, set this to "yes". #This directive can be specified twice to also log server responses. #VerboseLog yes So I edited my config file and brought the VerboseLog yes twice to log server response something like this: # If you want to log all client commands, set this to "yes". # This directive can be specified twice to also log server responses. VerboseLog yes VerboseLog yes However still I cannot find logs in /var/log/message for this error anywhere. Can somebody say what is wrong? P.S.: I want to have logs since I want to monitor the status of server and check if problem still arise or not. I'm not looking for capturing or snooping the interfaces as a temporary solution/workaround. Here is my /etc/pure-ftpd.conf: ############################################################ # # # Configuration file for pure-ftpd # # # ############################################################ # If you want to run Pure-FTPd with this configuration # instead of command-line options, please run the # following command : # # /usr/sbin/pure-ftpd /etc/etc/pure-ftpd.conf # # Online documentation: # https://www.pureftpd.org/project/pure-ftpd/doc # Restrict users to their home directory ChrootEveryone yes # If the previous option is set to "no", members of the following group # won't be restricted. Others will be. If you don't want chroot()ing anyone, # just comment out ChrootEveryone and TrustedGID. # TrustedGID 100 # Turn on compatibility hacks for broken clients BrokenClientsCompatibility no # Maximum number of simultaneous users MaxClientsNumber 250 # Run as a background process Daemonize No # Maximum number of simultaneous clients with the same IP address MaxClientsPerIP 20 # If you want to log all client commands, set this to "yes". # This directive can be specified twice to also log server responses. VerboseLog yes VerboseLog yes # List dot-files even when the client doesn't send "-a". DisplayDotFiles yes # Disallow authenticated users - Act only as a public FTP server. AnonymousOnly no # Disallow anonymous connections. Only accept authenticated users. NoAnonymous yes # Syslog facility (auth, authpriv, daemon, ftp, security, user, local*) # The default facility is "ftp". "none" disables logging. SyslogFacility ftp,auth,authpriv,daemon,security,user # Display fortune cookies # FortunesFile /usr/share/fortune/zippy # Don't resolve host names in log files. Recommended unless you trust # reverse host names, and don't care about DNS resolution being possibly slow. DontResolve yes # Maximum idle time in minutes (default = 15 minutes) MaxIdleTime 15 # LDAP configuration file (see README.LDAP) # LDAPConfigFile /etc/pureftpd-ldap.conf # MySQL configuration file (see README.MySQL) # MySQLConfigFile /etc/pureftpd-mysql.conf # PostgreSQL configuration file (see README.PGSQL) # PGSQLConfigFile /etc/pureftpd-pgsql.conf # PureDB user database (see README.Virtual-Users) # PureDB /etc/pureftpd.pdb # Path to pure-authd socket (see README.Authentication-Modules) ExtAuth /var/run/ftpd.sock # If you want to enable PAM authentication, uncomment the following line # PAMAuthentication yes # If you want simple Unix (/etc/passwd) authentication, uncomment this # UnixAuthentication yes # Please note that LDAPConfigFile, MySQLConfigFile, PAMAuthentication and # UnixAuthentication can be used specified once, but can be combined # together. For instance, if you use MySQLConfigFile, then UnixAuthentication, # the SQL server will be used first. If the SQL authentication fails because the # user wasn't found, a new attempt will be done using system authentication. # If the SQL authentication fails because the password didn't match, the # authentication chain stops here. Authentication methods are chained in # the order they are given. # 'ls' recursion limits. The first argument is the maximum number of # files to be displayed. The second one is the max subdirectories depth. LimitRecursion 10000 8 # Are anonymous users allowed to create new directories? AnonymousCanCreateDirs no # If the system load is greater than the given value, anonymous users # aren't allowed to download. MaxLoad 4 # Port range for passive connections - keep it as broad as possible. PassivePortRange 49152 65534 # Force an IP address in PASV/EPSV/SPSV replies. - for NAT. # Symbolic host names are also accepted for gateways with dynamic IP # addresses. # ForcePassiveIP 5.9.161.221 # Upload/download ratio for anonymous users. # AnonymousRatio 1 10 # Upload/download ratio for all users. # This directive supersedes the previous one. # UserRatio 1 10 # Disallow downloads of files owned by the "ftp" system user; # files that were uploaded but not validated by a local admin. AntiWarez yes # IP address/port to listen to (default=all IP addresses, port 21). Bind 21 # Maximum bandwidth for anonymous users in KB/s # AnonymousBandwidth 8 # Maximum bandwidth for *all* users (including anonymous) in KB/s # Use AnonymousBandwidth *or* UserBandwidth, not both. # UserBandwidth 8 # File creation mask. : . # 177:077 if you feel paranoid. Umask 133:022 # Minimum UID for an authenticated user to log in. # For example, a value of 100 prevents all users whose user id is below # 100 from logging in. If you want "root" to be able to log in, use 0. MinUID 100 # Allow FXP transfers for authenticated users. AllowUserFXP no # Allow anonymous FXP for anonymous and non-anonymous users. AllowAnonymousFXP no # Users can't delete/write files starting with a dot ('.') # even if they own them. But if TrustedGID is enabled, that group # will exceptionally have access to dot-files. ProhibitDotFilesWrite no # Prohibit *reading* of files starting with a dot (.history, .ssh...) ProhibitDotFilesRead no # Don't overwrite files. When a file whose name already exist is uploaded, # it gets automatically renamed to file.1, file.2, file.3, ... AutoRename no # Prevent anonymous users from uploading new files (no = upload is allowed) AnonymousCantUpload yes # Only connections to this specific IP address are allowed to be # non-anonymous. You can use this directive to open several public IPs for # anonymous FTP, and keep a private firewalled IP for remote administration. # You can also only allow a non-routable local IP (such as 10.x.x.x) for # authenticated users, and run a public anon-only FTP server on another IP. # TrustedIP 10.1.1.1 # To add the PID to log entries, uncomment the following line. # LogPID yes # Create an additional log file with transfers logged in a Apache-like format : # fw.c9x.org - jedi [13/Apr/2017:19:36:39] "GET /ftp/linux.tar.bz2" 200 21809338 # This log file can then be processed by common HTTP traffic analyzers. AltLog xferlog:/etc/apache2/logs/domlogs/ftpxferlog # Create an additional log file with transfers logged in a format optimized # for statistic reports. AltLog stats:/var/log/pureftpd.log # Create an additional log file with transfers logged in the standard W3C # format (compatible with many HTTP log analyzers) # AltLog w3c:/var/log/pureftpd.log # Disallow the CHMOD command. Users cannot change perms of their own files. # NoChmod yes # Allow users to resume/upload files, but *NOT* to delete them. # KeepAllFiles yes # Automatically create home directories if they are missing # CreateHomeDir yes # Enable virtual quotas. The first value is the max number of files. # The second value is the maximum size, in megabytes. # So 1000:10 limits every user to 1000 files and 10 MB. # Quota 1000:10 # If your pure-ftpd has been compiled with standalone support, you can change # the location of the pid file. The default is /var/run/pure-ftpd.pid # PIDFile /var/run/pure-ftpd.pid # If your pure-ftpd has been compiled with pure-uploadscript support, # this will make pure-ftpd write info about new uploads to # /var/run/pure-ftpd.upload.pipe so pure-uploadscript can read it and # spawn a script to handle the upload. # Don't enable this option if you don't actually use pure-uploadscript. # CallUploadScript yes # This option is useful on servers where anonymous upload is # allowed. When the partition is more that percententage full, # new uploads are disallowed. MaxDiskUsage 99 # Set to 'yes' to prevent users from renaming files. # NoRename yes # Be 'customer proof': forbids common customer mistakes such as # 'chmod 0 public_html', that are valid, but can cause customers to # unintentionally shoot themselves in the foot. CustomerProof yes # Per-user concurrency limits. Will only work if the FTP server has # been compiled with --with-peruserlimits. # Format is: : # For example, 3:20 means that an authenticated user can have up to 3 active # sessions, and that up to 20 anonymous sessions are allowed. # PerUserLimits 3:20 # When a file is uploaded and there was already a previous version of the file # with the same name, the old file will neither get removed nor truncated. # The file will be stored under a temporary name and once the upload is # complete, it will be atomically renamed. For example, when a large PHP # script is being uploaded, the web server will keep serving the old version and # later switch to the new one as soon as the full file will have been # transferred. This option is incompatible with virtual quotas. # NoTruncate yes # This option accepts three values: # 0: disable SSL/TLS encryption layer (default). # 1: accept both cleartext and encrypted sessions. # 2: refuse connections that don't use the TLS security mechanism, # including anonymous sessions. # Do _not_ uncomment this blindly. Double check that: # 1) The server has been compiled with TLS support (--with-tls), # 2) A valid certificate is in place, # 3) Only compatible clients will log in. TLS 1 # Cipher suite for TLS sessions. # The default suite is secure and setting this property is usually # only required to *lower* the security to cope with legacy clients. # Prefix with -C: in order to require valid client certificates. # If -C: is used, make sure that clients' public keys are present on # the server. TLSCipherSuite HIGH # Certificate file, for TLS # CertFile /etc/ssl/private/pure-ftpd.pem # Listen only to IPv4 addresses in standalone mode (ie. disable IPv6) # By default, both IPv4 and IPv6 are enabled. # IPV4Only yes # Listen only to IPv6 addresses in standalone mode (i.e. disable IPv4) # By default, both IPv4 and IPv6 are enabled. # IPV6Only yes # UTF-8 support for file names (RFC 2640) # Set the charset of the server filesystem and optionally the default charset # for remote clients that don't use UTF-8. # Works only if pure-ftpd has been compiled with --with-rfc2640 # FileSystemCharset big5 # ClientCharset big5

I am using Zenoss for monitoring purpose. I have been using its mail service for a long time. Suddenly my mail service in zenoss stopped and started showing - Connection unexpectedly closed and no mails are outgoing. When I ran the mail command via CLI, the mail goes to the email address. While executing the zenoss script for mailer won't work and throws out the error as shown above. My server is RHEL 5.3 x86_64, with Zenoss 4.2 & sendmail email server. ### Sendmail logs & Zenoss email conf Apr 11 07:14:30 XXXhostnameXX sendmail: r3BBDgia013582: lost input channel from localhost.localdomain [127.0.0.1] to MTA after mail Apr 11 07:14:30 XXXhostnameXX sendmail: r3BBDgia013582: from=, size=146972, class=0, nrcpts=0, proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1] Zenoss is following basic smtp connection as emailing is done by local sendmail server (localhost) in port 25. No specific configuration is used.

today I started my laptop, but my external display was not working. I ran the command

:

Screen 0: minimum 8 x 8, current 1366 x 768, maximum 32767 x 32767
eDP1 connected primary 1366x768+0+0 (normal left inverted right x axis y axis) 340mm x 190mm
   1366x768      59.97*+
   1280x720      59.74  
   1024x768      60.00  
   1024x576      60.00    59.90    59.82  
   960x540       60.00    59.63    59.82  
   800x600       60.32    56.25  
   864x486       60.00    59.92    59.57  
   640x480       59.94  
   720x405       59.51    60.00    58.99  
   680x384       60.00  
   640x360       59.84    59.32    60.00  
VIRTUAL1 disconnected (normal left inverted right x axis y axis)

As you can see, there is no hdmi. When I run this exact same command on my **other** computer, it shows this:

Screen 0: minimum 8 x 8, current 1366 x 768, maximum 32767 x 32767
eDP1 connected primary 1366x768+0+0 (normal left inverted right x axis y axis) 340mm x 190mm
   1366x768      59.97*+
   1280x720      59.74  
   1024x768      60.00  
   1024x576      60.00    59.90    59.82  
   960x540       60.00    59.63    59.82  
   800x600       60.32    56.25  
   864x486       60.00    59.92    59.57  
   640x480       59.94  
   720x405       59.51    60.00    58.99  
   680x384       60.00  
   640x360       59.84    59.32    60.00 
DP1 disconnected (normal left inverted right x axis y axis)
DP2 disconnected (normal left inverted right x axis y axis)
HDMI1 disconnected (normal left inverted right x axis y axis)
HDMI2 disconnected (normal left inverted right x axis y axis)
VIRTUAL1 disconnected (normal left inverted right x axis y axis)

my os:

acer-a515 5.7.12-arch1-1 #1 SMP PREEMPT Fri, 31 Jul 2020 17:38:22 +0000 x86_64 GNU/Linux

Can someone help me?

I have been trying to learn tcpdump and I am using this command to attempt to monitor my network: sudo tcpdump -I -i en1 But this gives me a bunch of stuff I don't want, so I used this version to filter the packets: sudo tcpdump -I -i en1 port 80 or 443 And it gives me nothing. I know you can't use your WiFi when using monitor mode, but I still can, so I think thats a sign something is wrong. I tried it with en0, but it couldn't go into monitor mode. What am I doing wrong? I am using a MacBook Pro with OS X 10.9.3, and I would like to be able to do this with tcpdump, or any other utility that's built into OS X.

I have a folder on my RHEL 9 server that gets deleted every few days, but I don’t know which process or user is responsible. I’d like to log all events related to this folder, particularly deletions. I came across a tool called auditd, which seems like it could help, but I'm not sure how to configure it to monitor this specific folder. Is auditd the best option for this task, or is there a better tool or script I could use to track and log deletions? Is this enough? auditctl -w /path/to/myfolder -p rwa -k rule_watch_folder

I am currently reading the "Malware Analyst's Cookbook and DVD". There is a chapter "Dynamic Analysis" and there are also some recipes about hooking and monitoring API calls of process but it is for Windows. I want to do the same thing like recipe 9-10 explains but for Linux. 9-10 is called "Capturing process, Thread, and Image Load Events". In this receipe it is showed "how to implement a driver that alerts you when any events occure on the system while your malware samlpe executes". It uses the API functions of the Windows Driver Kit (WDK) to call a user-defined callback function. It uses the callback functions: - Process creation callback function called PsSetCreateProcessNotifyRoutine(...) - Thread creation callback function called PsSetCreateThreadNotifyRoutine(...) - Image load callback function called PsSetLoadImageNotifyRoutine(...). And when any events occur it will display them as a debug message which can then be viewed in e.g. DebugView. It seems well documented for Windows and it is easy to find information for this, but I have a bit of a problem in finding information for Linux. I've found some general introduction to drivers and a one for hooking, but I still haven't found any that are not so general or at least are a bit more focused on malware analysis. I would be happy for tips for further readings or recommended tutorials on this topic.

**What I need** I want to monitor system resources (namely memory and CPU usage) by application, not just by process. Just as the Windows Task Manager groups resources by the 'calling mother process,' I would like to see it that way as well. Nowadays, applications like Firefox and VSCode spawn many child processes, and I want to get a quick and complete overview of their usage. The solution can be a GUI or TUI, a bash script or a big one-liner. I do not really care. For it to work, I imagine I could feed it with the pid of the mother process or the name of an executable as a means of filtering. **Example** **What I Tried** * I tried htop, but it only shows me a tree where the calling process has its own memory listed - not the ones it called. * I tried the gnome-system-monitor, but its the same. * I tried a bit with ps and free but have not found the correct set of arguments / pipes to make them do what I want. It stumped me that I could not google a solution for that. Maybe there is a reason for it? Does anybody have an idea?

In intel_gpu_top 1.27.1 CLI output, contrary to previous releases detailed in there are two values for each of frequency and power:

intel-gpu-top: Intel Skylake (Gen9) @ /dev/dri/card0 -  642/ 661 MHz;  38% RC6;  4.15/26.08 W;      566 irqs/s

      IMC reads:     4143 MiB/s
     IMC writes:     2146 MiB/s

         ENGINES     BUSY                                                                                                                                                                          MI_SEMA MI_WAIT
       Render/3D   46.99% |██████████████████████████████████████████████████████████████████████████████                                                                                        |      0%      0%
         Blitter    0.00% |                                                                                                                                                                      |      0%      0%
           Video    0.00% |                                                                                                                                                                      |      0%      0%
    VideoEnhance    0.00% |                                                                                                                                                                      |      0%      0%

   PID              NAME                   Render/3D                                      Blitter                                        Video                                      VideoEnhance                   
1197822          kodi.bin |███████████████▏                            ||                                            ||                                            ||                                            |
     1           systemd |████▍                                       ||                                            ||                                            ||                                            |
1108342       gnome-shell |▊                                           ||                                            ||                                            ||                                            |
1108382   mutter-x11-fram |                                            ||                                            ||                                            ||                                            |
1108584         nextcloud |                                            ||                                            ||                                            ||                                            |
1108608    gnome-software |                                            ||                                            ||                                            ||                                            |
1109072   xdg-desktop-por |                                            ||                                            ||                                            ||                                            |
1109594    gnome-calendar |                                            ||                                            ||                                            ||                                            |
1110431         evolution |                                            ||                                            ||                                            ||                                            |
1110509   WebKitWebProces |                                            ||                                            ||                                            ||                                            |
1284014      gnome-clocks |                                            ||                                            ||                                            ||                                            |
1291600        input-leap |                                            ||                                            ||                                            ||                                            |
1335594            baobab |                                            ||                                            ||                                            ||                                            |
1375739          kodi.bin |                                            ||                                            ||                                            ||                                            |

The meaning of these two values for each of these fields was asked on [Intel-gpu-top doubts about the displayed information](https://forums.linuxmint.com/viewtopic.php?t=393896) .