Hello Splunk Experts,
I have an issue with measuring the CPU load in a Linux box.
With the below query, I am getting a high CPU usage when there were no activities running on Linux Server.
Actually, the server status is pretty much an Idea most of the time and it is being used as a backup server.
cpu_load = 100 - PercentIdleTime;
eval cpu_load = 100 - PercentIdleTime | stats avg(cpu_load) as "CPUUsage" by host | eval "CPUUsage"=round('CPUUsage', 2) | where CPUUsage>90
Hi, @4uramana4u
Can you write your Linux machine parameters?
Maybe the answer in your question is here:
Splunk hardware requirements
The following are the minimum and recommended hardware requirements for running Splunk Light.
Platform : Non-Windows platforms
Minimum supported hardware: 1x1.4 GHz CPU, 1 GB RAM
Recommended hardware : 2x six-core, 2+ GHz CPU, 12 GB RAM, Redundant Array of Independent Disks (RAID) 0 or 1+0, with a 64 bit OS installed.