I found a useful tool named sniffer to help us analyze network packages (this tool can capture packages on specific port)
I use sniffer to analyze mysql and redis packages (translate these packages to normal queries)
#./vc-redis-sniffer –help
vc-redis-sniffer is a utility from VividCortex to monitor query activity and write results to a file.
See --license for the terms governing your usage of this program.
-binding="[::]:6379" This is a list of comma separated bind strings as seen in /proc/net/tcp
-help="false" Show this usage message
-license="false" Print the usage terms of this program
-output="" Filepath to output queries to. Defaults to stdout if none specified.
-show-database="false" Include a 'USE `database`' for every statement. Supersedes show-database-changes.
-show-database-changes="false"
Include a 'USE `database`' every time the database is changed.
-verbose="false" Enable logging on program startup to stderr
-version="false" Show version and exit
Flag Current value
--------------------------------------------
-binding "[::]:6379"
-help "true"
-license "false"
-output ""
-show-database "false"
-show-database-changes "false"
-verbose "false"
-version "false"
Capture packages and gather logs
[root@a1-dba-test-242-13 /tmp/vc-redis-sniffer]
#./vc-redis-sniffer -binding=”[::]:6379″ -output=/tmp/redis.log
Analyze logs using pt-tools
[root@a1-dba-test-242-13 /tmp/vc-mysql-sniffer]
#pt-query-digest /tmp/redis.log
Also we can analyze mysql online queries ,do above steps to get result: