Splunk query require if perc75(totalfilter) count ...

Monitoring Splunk

Hello All,

I need to alert when the perc75(totalfilter) value reached greater than 40000 within 10 mins or more. I am sharing my original query and now I am looking for the above condition to be append with the below query to trigger alert

index=clai_pd env=pd*cloud* perflog getprovider RASNewDispatch-Ext_RASDispatchDetailScreen-getProviderNext_act OR RASDispatchPage-RASDispatchPanelSet-RASDispatchCardPanel-getProvider_act
| timechart span=10m perc50(totalfilter), perc75(totalfilter) by count

Get Updates on the Splunk Community!

Fueling your curiosity with new Splunk ILT and eLearning courses

At Splunk Education, we’re driven by curiosity—both ours and yours! That’s why we’re committed to delivering ...

Splunk AI Assistant for SPL 1.1.0 | Now Personalized to Your Environment for Greater ...

Splunk AI Assistant for SPL has transformed how users interact with Splunk, making it easier than ever to ...

Unleash Unified Security and Observability with Splunk Cloud Platform

Now Available on Microsoft AzureOn Demand Now Step boldly into the AI revolution with enhanced security ...