How to make a dashboard of the last three month of...

chandankr · ‎12-12-2022

i want to make a dashboard of last 3 month of avg cpu load and max cpu load

For example:
dec= 320
dec=10
dec=40
dec=90
nov= 347
nov=150
nov=60
oct= 300
oct=320
and so on

for dec
320+10+40+90/31
same for nov and oct

So for that , need to calculate last 3 months count and last month count in same query.
Please suggest.

gcusello · ‎12-12-2022

Hi @chandankr,

let me understand do you want the montly or the daily avg?

then do you have a field called month or do you have a field for each month (es. dec, nov, oct)?

if the monthly and you have a field called month you should try something like this:

index=your_index
| stats avg(month) AS monthly_avg BY month

if you have a field name for each month (and it isn't an efficient solution) you have to use something like this:

index=your_index
| stats avg(eval(dec>0 OR nov>0 OR oct>0)) AS last_quarter_avg

if you want a daily average, you have to fix the month lenght

index=your_index
| stats sum(eval(dec>0)) AS dec sum(eval(nov>0)) AS nov sum(eval(oct>0)) AS oct
| eval avg_dec=dex/31, avg_nov=nov/30, avg_oct=oct/31
| table avg*

Ciao.

Giuseppe

How to make a dashboard of the last three month of avg cpu load?

stats

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

.conf24 | Personalize your .conf experience with Learning Paths!

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...