Alerting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

CPU Utilization

Saikat001
Explorer
‎06-23-2021 07:31 PM

value.PNG


I am trying to find out cpu utilization by process. value of Cpu utilization is coming as 100% and below, which is absolutely fine. but for the processes, it exceeding 100% value, i understand, its happening due to multiple cores configured. is there any way i can fetch it in (less than equal to 100 value).

Also i thought of dividing the values by cores (eg: 890/9  , 626/7). if i use "case" or "if" this will have multiple statements (for eg: process utilization till 4200).

Is there an easy way to perform this?

can i acheive it by integrating python script in alert, i know this can be done, but can someone help me with the process(unaware of integrating custom commands)?

process query i am running

index=perf_process object=Process instance!=_Total instance!=Idle
| fields _time host counter instance Value
| search counter="% Processor Time"
| stats avg(Value) as avg by instance host _time
| stats sum(avg) by _time host

@splunk

Labels (4)
0 Karma
Reply
Get Updates on the Splunk Community!

Join Us for Splunk University and Get Your Bootcamp Game On!

If you know, you know! Splunk University is the vibe this summer so register today for bootcamps galore ...

.conf24 | Learning Tracks for Security, Observability, Platform, and Developers!

.conf24 is taking place at The Venetian in Las Vegas from June 11 - 14. Continue reading to learn about the ...

Announcing Scheduled Export GA for Dashboard Studio

We're excited to announce the general availability of Scheduled Export for Dashboard Studio. Starting in ...