Want to create a Splunk alert for Servers traffic distribution. I have 100's of different type servers in each data center (like app servers, db servers etc.). I can create a dashboard and splunk alert for specific set of servers.

But here I want to create this dashboard and splunk alert on basis of datacenter.

So how I can create this type of requirement ? 

Per host wise, below query I written for reference, But data center wise all hosts can i put it in one query and write ? 

index=* | where host like "ANCLOPR%" | bin span=5m _time | stats count BY _time host | eventstats sum(count) as total by _time | eval percent = count / total*100 | chart values(percent) by _time host usenull=f useother=f limit=100