Splunk ITSI

Trying to setup splunk alert for high CPU and memory consuming process in java

ravir_jbp
Explorer

Hello Trying to setup splunk alert where in list the java process consuming more than 80 % cpu and memory and trigger an alert. Below is the base script that created but not sure how to add condition. Please help.

top

host=xzy index=os java latest=now| top limit=5 COMMAND PID pctCPU pctMEM

Labels (2)
Tags (1)
0 Karma

richgalloway
SplunkTrust
SplunkTrust

Try this 

host=xzy index=os java latest=now
| where (pctCPU>80 AND pctMEM>80)
| table COMMAND PID pctCPU pctMEM
---
If this reply helps you, Karma would be appreciated.
0 Karma
Get Updates on the Splunk Community!

New Dates, New City: Save the Date for .conf25!

Wake up, babe! New .conf25 dates AND location just dropped!! That's right, this year, .conf25 is taking place ...

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud  In today’s fast-paced digital ...

Observability protocols to know about

Observability protocols define the specifications or formats for collecting, encoding, transporting, and ...