Monitoring Splunk
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

splunk monitor console forecasting when cpu or memory will reach 100%

vincenp2
New Member
‎03-15-2018 08:28 AM

I would like to be able to monitor cpu and memory usage, so that I can identify a trend for the increase in usage, and predict a time when full utilisation will occur

so for example I would like to be able to have a chart showing cpu usage gradually rising, with the line continuing into the future showing when 100% usage will be reached?

is this possible, and if so how? I have seen a demo where the predict command which might be a way forward?

thanks

0 Karma
Reply

damiensurat
Contributor
‎03-16-2018 07:53 PM

Are you gathering cpu utilization through events, scripts, logs or metric store? If you gave an example of the base search, it would help in understanding your metric fields and the how best to use predict in your scenario. You should also look at the x11 command as well.

0 Karma
Reply

hortonew
Builder
‎03-16-2018 03:54 PM

At a basic level, yes predict can be used:

<base search where metric=cpu and value is integer>| predict value

There are ways to tune predict with different algorithms: https://docs.splunk.com/Documentation/Splunk/7.0.2/SearchReference/Predict You can also take a look at the machine learning toolkit for some more advanced prediction: https://splunkbase.splunk.com/app/2890/

0 Karma
Reply
Get Updates on the Splunk Community!

Community Content Calendar, November Edition

Welcome to the November edition of our Community Spotlight! Each month, we dive into the Splunk Community to ...

October Community Champions: A Shoutout to Our Contributors!

As October comes to a close, we want to take a moment to celebrate the people who make the Splunk Community ...

Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!

What are Community Office Hours? Community Office Hours is an interactive 60-minute Zoom series where ...