Yes, that's what I want. When a sum of field value of any(traffic_in#xyz and traffic_out#xyz) at let's say 12:15 is greater than 30% of the same at 12:10, fire an alert and show all of those fields where this condition is satisfied.

I think part of your problem is that you are losing the reference to the "combination" field by doing your first timechart. 

You could try something like the following:

(Note: I have not tested this as I do not have access to your data)

eventtype=cacti:mirage host="onl-cacti-02" host_id=193 ldi IN("8835","8836","8837","8839","8840","8841","8846","8847","8848","8843","8844",)
| reverse
| eval combination=rrdn+"#"+name_cache
| streamstats current=t window=2 global=f range(_time) as deltaTime range(rrdv) AS rrd_value_delta by combination
| eval isTraffic = if(like(rrdn,"%traffic%"),1,0)
| eval kpi = if(isTraffic==1,rrd_value_delta*8/deltaTime,rrd_value_delta/deltaTime)
| bucket _time span=5m
| stats last(kpi) as last_kpi by combination _time
| sort combination _time
| streamstats current=t window=2 range(last_kpi) as last_kpi_diff by combination
| eval change_percent=(last_kpi/(last_kpi-last_kpi_diff))*100 
| where change_percent>30 AND last_kpi_diff!=0

It still didn't actually solve my problem. I need some formula that can accurately determine the percentage. 
E.g., if I have values like 2,10 and and so on and last_kpi_diff is 8, then change is abs(10/(10-8)*100)=500, that's ok.
But, if I have values like 10,2 and so on and last_kpi_diff is 8, then change is abs(2/(2-8)*100)=33,  which is not ok. Change should have been 20 here with abs(2/(2-(-8)))=20.

Need some functionality that can give the actual difference rather than absolute difference as given by range() function. I know there isn't any function that gives actual difference.

It might also be possible for you to get rid of the first streamstats and just construct the table you need using stats, and then doing the second streamstats (as you can see in my suggestion above) to get the difference in the values.