Help me with splunk query to monitor CPU and Memor...

cogh3o · ‎06-02-2025

Help me with splunk query to monitor CPU and Memory utilized by splunk adhoc and alert searches

yuanliu

@cogh3o As you are new to this forum, you may not know that "Splunk" is not a purpose made application. No one here knows what your data looks like. To ask an answerable question, follow these golden rules; nay, call them the four commandments:

Illustrate data input (in raw text, anonymize as needed), whether they are raw events or output from a search (SPL that volunteers here do not have to look at).
Illustrate the desired output from illustrated data.
Explain the logic between illustrated data and desired output without SPL.
If you also illustrate attempted SPL, illustrate actual output and compare with desired output, explain why they look different to you if that is not painfully obvious.

akkoem

Are you looking for general metrics/usage or metrics per search/alert ?

Help me with splunk query to monitor CPU and Memory utilized by splunk adhoc and alert searches

chart

field extraction

join

stats

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

Splunk Observability for AI

🔐 Trust at Every Hop: How mTLS in Splunk Enterprise 10.0 Makes Security Simpler

Are you a member of the Splunk Community?

Help me with splunk query to monitor CPU and Memory utilized by splunk adhoc and alert searches

chart

field extraction

join

stats

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

Splunk Observability for AI

🔐 Trust at Every Hop: How mTLS in Splunk Enterprise 10.0 Makes Security Simpler