I currently have a search query to calculate the maximum, average and median CPU usage of a server over the past 2 hours using NMON data models, which is in real-time.
| tstats `CPU_ALL(max)` from datamodel=NMON_Data_CPU where (nodename = CPU.CPU_ALL) (host=myhost) (CPU.frameID="*") (CPU.OStype="*") `No_Filter(CPU)` groupby _time, host prestats=true span=1m
| stats dedup_splitvals=t max("CPU.cpu_PCT") AS CPU.cpu_PCT by _time, host
| fields *
| sort +str(host)
| stats max("CPU.cpu_PCT") AS max, avg("CPU.cpu_PCT") AS avg, median("CPU.cpu_PCT") AS median by host
| eval max=round(max,2) | eval avg=round(avg,2)
| rename max as "Max (%)", avg as "Avg (%)", median as "Min (%)"
I would like to plot a timechart showing the values within the last 2 hours, where the values are the avg, max, median CPU usage within the past 2 hours relative to the timestamp.
i.e.
Assuming current time is 07:00, I would like my timechart to show the following values as a line chart:
avg, max, median CPU usage at 05:00 --> showing avg, max, median of CPU usage from 03:00 - 05:00
avg, max, median CPU usage at 05:01 --> showing avg, max, median of CPU usage from 03:01 - 05:01
avg, max, median CPU usage at 05:02 --> showing avg, max, median of CPU usage from 03:02 - 05:02
:
:
avg, max, median CPU usage at 06:59 --> showing avg, max, median of CPU usage from 04:59 - 06:59
avg, max, median CPU usage at 07:00 --> showing avg, max, median of CPU usage from 05:00 - 07:00
Are there ways to do that? Thanks in advance.
↧