How can I combine CPU Usage and Memory Usage stati...

u2s1e0n2 · ‎02-27-2018

I need help combining the CPU usage & memory Usage statistics to render as one visualization. The command below was gotten from my Distributed Management Console(DMC).

dmc_set_index_introspection search_group=* search_group="*" sourcetype=splunk_resource_usage component=Hostwide
| eval pct_mem_usage = 'data.mem_used' / 'data.mem' * 100 
| eval server = host 
| dmc_set_bin
| stats latest(pct_mem_usage) as dedup_pct_mem_usage by server _time 
| dmc_timechart Avg(dedup_pct_mem_usage) as pct_mem_usage

dmc_set_index_introspection search_group=* search_group="*" sourcetype=splunk_resource_usage component=Hostwide
| eval total_cpu_usage = ('data.cpu_system_pct' + 'data.cpu_user_pct')
| eval server = host
| dmc_set_bin
| stats latest(total_cpu_usage) as dedup_total_cpu_usage by server _time
| dmc_timechart Avg(dedup_total_cpu_usage) as cpu_usage

skoelpin · ‎02-27-2018

Try this.. You can than format the chart so you can overlay the memory over the CPU

dmc_set_index_introspection search_group= search_group="" sourcetype=splunk_resource_usage component=Hostwide
| eval pct_mem_usage = 'data.mem_used' / 'data.mem' * 100 
| eval total_cpu_usage = ('data.cpu_system_pct' + 'data.cpu_user_pct')
| eval server = host 
| dmc_set_bin
| stats latest(pct_mem_usage) as dedup_pct_mem_usage latest(total_cpu_usage) as dedup_total_cpu_usage by server _time 
| dmc_timechart Avg(dedup_pct_mem_usage) as pct_mem_usage Avg(dedup_total_cpu_usage) as cpu_usage

How can I combine CPU Usage and Memory Usage statistics into one Visualization?

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics!

New in Observability Cloud - Explicit Bucket Histograms