Dashboards & Visualizations
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to graph the memory usage of a particular process?

egrignon
Explorer
‎05-18-2011 11:36 AM

I m trying to find out the search query to use in order to graph on a timeline the memory usage of a particular process or group of processes.

For example, I would like to graph splunkd memory usage over time on a particular set of server(s)

host="util-web*" source="ps" | multikv fields COMMAND filter splunkd | timechart ...

I don't know how to tell timechart that I want to sum one the ps memory column per host.

Thank you in advance for your help,

Tags (2)
0 Karma
Reply

Simeon
Splunk Employee
Splunk Employee
‎05-18-2011 11:48 AM

It sounds like you need to break apart the event into multiple events by using 'mvexpand':

http://www.splunk.com/base/Documentation/latest/SearchReference/Mvexpand

0 Karma
Reply
State of Splunk Careers

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!