I am trying to trigger an alert based on a value that is in a column. Below is the search I am running:

```
| `node_details(SERVER NAME)`
| search Node_ID="Node3" (stats.key="node.cpu.sys.max" OR stats.key="node.cpu.user.max")
| eval usage_by = case('stats.key'="node.cpu.user.max", "User", 'stats.key'="node.cpu.sys.max", "System")
| eval stats.value = round(('stats.value'/10),1)
| timechart span=5m avg(stats.value) by usage_by
```

Basically, I want to alert anytime the System is greater than X.
I have tried using a custom alert condition and have added `where System > 4`,
but that has not helped. Can someone recommend a solution, please?
Thanks
![alt text][1]
[1]: /storage/temp/254918-usage.jpg