Q I need to keep track of how much bandwidth my servers are using. How can I log network traffic for all or selected interfaces?
A There are a number of programs that will monitor and display the traffic though each network interface, most of these use information culled from the /proc filesystem. The main differences between them are the way in which they display the statistics. For a simple overview, Vnstat is a good choice. Available from http://humdi.net/vnstat, and probably in your distro's package repositories too, Vnstat is normally run as an hourly Cron job, collecting statistics from /proc and adding them to its database. You can query this database at any time by running Vnstat from the command line. There are options to display the statistics by day, week or month as well as various other ways of tweaking the output.
If you need more than a simple ASCII report, you should try Traffic-vis, from www.mindrot.org/traffic-vis.html. This consists of a number of tools; the one that does most of the work is Traffic-collector, which should be running all the time. Traffic-collector collates information on the traffic passing through the specified network interfaces and saves this data to a file. This file is not meant to be read directly but passed to one of the other programs in the suite that process the traffic data and produce reports in HTML, PostScript, plain text and GIF formats. The HTML option is particularly interesting if you want to monitor a web server, as you could have a CGI script run Traffic-tohtml and give you on-demand traffic reports from a web browser.
There are other utility programs included that can process the data in other ways; for example, Traffic-exclude is a useful option if you have bandwidth limits or charges and want to know only how much traffic the interface passed over your more expensive connection while ignoring and traffic between, say, the web server and database server on the same network.