Hello Trying to setup splunk alert where in list the java process consuming more than 80 % cpu and memory and trigger an alert. Below is the base script that created but not sure how to add condition. Please help.
top
host=xzy index=os java latest=now| top limit=5 COMMAND PID pctCPU pctMEM
Try this
host=xzy index=os java latest=now
| where (pctCPU>80 AND pctMEM>80)
| table COMMAND PID pctCPU pctMEM