For Linux system administrators, you must understand the ps aux command. If you want to be a Linux system administrator,
or you are a Linux user, you should understand this The command
ps is the abbreviation of process status. Anyone can find out what kind of program is running on the system and how the status is executed through this command.
Seeing some programs that should not appear, the system may be invaded and used to mine 🥹

The following is the schematic screen of my Synology NAS running ps aux

root     32617  0.0  0.0 622580 15148 ?        Sl    2022   1:55 synoccc_had
devin    32650  0.0  0.0      0     0 ?        Z    00:32   0:00 [sshd] <defunct>
devin    32651  0.0  0.0      0     0 ?        Zs   00:32   0:00 [sftp-server] <defunct>
root     24567  0.0  0.0 208784  5360 ?        S    12:33   0:00 sshd: devin@pts/1
devin    24568  0.0  0.0  26592  4352 pts/1    Ss+  12:33   0:00 -sh
root     19003  0.0  0.0   5552  2560 ?        SLs  Jan05   0:00 /bin/vmtouch -l /usr/syno/bin/synoschedtask /usr/syno/bin/synoschedtool /usr/syno/bin/s
root     29468  0.2  0.1 786436 56680 ?        Ssl   2022  35:16 /var/packages/Virtualization/target/bin/synocccd
Synolog+ 24662  0.0  0.0  23712  5772 ?        Ss    2022   1:43 /var/packages/SynologyApplicationService/target/daemon/pgbouncer -q /var/packages/Synol
root     25856  0.0  0.0 402676 16932 ?        SNs   2022   0:00 /var/packages/VideoStation/target/sbin/synovideoindexd
root     25869  0.0  0.0 701852 13204 ?        Ssl   2022   2:25 /var/packages/VideoStation/target/sbin/synovpcd
root     25891  0.0  0.0 318144 14212 ?        SNs   2022   0:00 /var/packages/VideoStation/target/sbin/synovideoconversiond
vmcomm   29515  0.0  0.0  37156   392 ?        Ss    2022   3:40 /var/packages/Virtualization/target/bin/synohostsvcd
root     29611  0.0  0.2 436700 76716 ?        S<Ls  2022   6:43 /var/packages/Virtualization/target/bin/synohostcmdd

This article is my research on the relevant information about ps status and provides it for reference by those who need it:

S    interruptible sleep (waiting for an event to complete)
  ;     S interruptible sleep (wait for event to complete)

D    uninterruptible sleep (usually IO)
       D uninterruptible sleep (usually IO)

+    is in the foreground process group
      + in the foreground process group

complete process Status code, found in the man page
PROCESS STATE CODES
      Here are the different values ​​that the s, stat and state output specifiers (header "STAT" or " S") will display to describe the state of a process:

              D    uninterruptible sleep (usually IO)
                  I    Idle kernel thread
     
              S    interruptible sleep (waiting for an event to complete)
              T    stopped by job control signal
      ;stopped by debugger during the tracing
              W    paging (not valid since the 2.6.       X     dead (should never be seen)
              Z   but not reaped by its parent

      For BSD formats and when the stat keyword is used, additional characters may be displayed:

              <     high-priority (not nice to other users)
            to other users)
              L    has pages locked into memory (for real-time and custom IO)
              s    is a session leader
      ;is multi-threaded (using CLONE_THREAD, like NPTL pthreads do)
              +   br>