Introduction
The sadf command in Linux is a powerful tool for working with system performance data collected by sar. It allows you to display and export this data in multiple formats, making it easier to analyze, share, and integrate with modern tools. Additionally, it can convert older sar files into newer, more accessible formats.
In this guide, we’ll cover how to use sadf effectively for data analysis and conversion.
What Is the sadf Command?
The sadf command is part of the sysstat package and is used to process and export performance data collected by sar. Whether you need to filter data by time, export it for dashboards, or convert legacy files, sadf provides a versatile solution for system administrators and analysts.
Key Features of the sadf Command
1. Export Data in Multiple Formats
With sadf, you can export sar data in formats such as:
- JSON (
-j): Ideal for integrating with modern analytics tools or dashboards. - XML (
-x): Suitable for structured data analysis. - CSV (
-c): Perfect for spreadsheets or database imports.
Example command to export sar data to JSON:
sadf -j /var/log/sa/sa10 > sar_data.json
2. Filter Data by Time Range
Need data for specific hours? Use the -s (start) and -e (end) options to narrow down the output to a specific time range.
Example command to display data from 8:00 AM to 10:00 AM:
sadf -s 08:00:00 -e 10:00:00 /var/log/sa/sa10
3. Convert Legacy sar Files
Got older sar files that need to be converted into newer formats? Use the -O option to specify the desired output format.
Example command to convert an older sar file to JSON:
sadf -j -O JSON older_sar_file > new_sar_data.json
Benefits of Using sadf
1. Accessibility
Exporting sar data into formats like JSON or CSV makes it easier to integrate with modern tools, dashboards, or scripts.
2. Sharable Data
By converting sar files into widely-used formats, you can share system performance data with colleagues or import it into external reporting systems.
3. Time-Specific Analysis
The ability to filter data by time range ensures you focus only on the relevant performance metrics.
4. Compatibility
Convert legacy sar files into formats compatible with newer tools, ensuring no data gets left behind.
Practical Use Cases for sadf
Scenario 1: Monitoring System Performance
Export sar data to JSON and visualize it using tools like Grafana or Kibana.
sadf -j /var/log/sa/sa10 > performance_data.json
Scenario 2: Debugging System Issues
Filter data by time to analyze system activity during a specific event (e.g., a crash or slowdown).
sadf -s 12:00:00 -e 14:00:00 /var/log/sa/sa10
Scenario 3: Migrating Legacy Data
Convert old sar files to a modern format for long-term storage or analysis.
sadf -j -O JSON /var/log/sa/old_sar_file > converted_data.json
Reference
For more details about sadf and sar, visit: