Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

how to find out the maximum CPU percentage the host reached for last one month

ksarode
Explorer
‎05-09-2018 03:42 AM

i want to find out the maximum CPU utilization reached by the server "xyz" in last one month

Tags (1)
0 Karma
Reply

xpac
SplunkTrust
SplunkTrust
‎05-09-2018 04:14 AM

You only provided little detail, so you'll have to adapt this to your data:

index=yourindex sourcetype=yoursourcetype
| timechart span=1mon max(yourfield) by host

Hope that helps - if it does I'd be happy if you would upvote/accept this answer, so others could profit from it. 🙂

0 Karma
Reply

FrankVl
Ultra Champion
‎05-09-2018 04:26 AM

Since he is looking for max in last month, a simple | stats max(yourfield) by host would do right (and then use the timepicker to run that over the desired timerange)?

Reply

xpac
SplunkTrust
SplunkTrust
‎05-09-2018 04:52 AM

Yeah, I thought it might be useful to have a comparison handy, but that might actually be enough 😉

0 Karma
Reply

xpac
SplunkTrust
SplunkTrust
‎05-09-2018 03:49 AM

Please add some details: Do you already have that data? Is it Windows, Linux.... like, basics. 😉

0 Karma
Reply

ksarode
Explorer
‎05-09-2018 03:54 AM

its an unix box and also these servers are getting monitored in splunk and also CPU,memory,disk is getting monitored to trigger an alert of it is crossing 70%

0 Karma
Reply

ksarode
Explorer
‎05-09-2018 03:55 AM

but here they want to see the maximum range host has reached in last month

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...

What’s New in Splunk Observability – September 2025

What's NewWe are excited to announce the latest enhancements to Splunk Observability, designed to help ITOps ...

Fun with Regular Expression - multiples of nine

Fun with Regular Expression - multiples of nineThis challenge was first posted on Slack #regex channel ...