Splunk® App for Infrastructure (Legacy)

Use Splunk App for Infrastructure

On August 22, 2022, the Splunk App for Infrastructure will reach its end of life and Splunk will no longer maintain or develop this product.

Monitor CPU resource utilization using Splunk App for Infrastructure

You can create an alert to notify you when your CPU.system is running at a high level. For example, you can create an alert for when a server is running at 100% of CPU.system utilization. This could be affecting the performance of the server and degrading application delivery and user experience.

Problem: Too many duplicated processes and threads are running at the same time, due to a bug in a patch that was deployed. The server is running at 100% of CPU.system utilization.

Resolution: Set up an alert to issue a warning when the average CPU.system utilization is greater than 89 percent.

Admin privileges are required to configure and manage alerts.


Step 1: Investigate the entity for which you want to set an alert

  1. Click the Investigate tab to display a list of your entities.
  2. Click the entity for which you want to set an alert and drill down to the Analysis Workspace.

Step 2: Select the metric to set the alert

  1. On the Analysis Workspace, click the Metrics tab.
  2. Select cpu > system. A new chart displays.

Step 3: Save the chart as an alert

  1. In the chart, click the ... and select Create Alert. This launches the Create Alert dialog.

Step 4: Configure the alert

  1. Name: The alert is automatically given an alert name. Change the name if desired, following the character requirements.
  2. Entity title: The entity or group name is displayed.
  3. Metric: The type of metric selected for the chart, along with data analysis information.
  4. Trigger Actions: Enter a critical threshold for a value greater than 89. You can click + Add New Threshold to add a lower warning threshold.
  5. Click + Alert Notification to configure notifications for the alert.
    1. Notify if: Select to notify a recipient if the alert severity improves, degrades, or either.
    2. via: Select the method to receive an alert.
    3. Depending on the alert method, enter the email address or webhook that will receive any notifications for the alert.
  6. Click Submit.

Step 5: Display alerts as a chart in the Analysis Workspace

  1. Click the Alerts tab to display the created alert.
  2. Click the alert from the list to display the alert as a chart. This allows you to monitor the alert in the main panel view. When an alert triggers, the icon and chart display the alert color, and alert details display in the right Analysis panel.

Step 6: View triggered alerts from the Alerts List View

You can view your most recent triggered alerts from the Alerts List View.

  1. Click Alerts in the menu bar at the top of the user interface.
  2. Click an entity or group to view more details about the alert in the right slide-out panel. The following screen shows akron.usa.com


You now have an alert that will notify you by email if your entity's cpu.system reaches 89% or more.

Last modified on 08 July, 2020

This documentation applies to the following versions of Splunk® App for Infrastructure (Legacy): 1.3.0, 1.3.1, 1.4.0, 1.4.1, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.1.0, 2.1.1 Cloud only, 2.2.0 Cloud only, 2.2.1, 2.2.3 Cloud only, 2.2.4, 2.2.5
