I didn’t like the CPU input from the Splunk TA Nix app, so I created this small ingest from top. The script takes a snapshot of the top command, and looks directly at the header:
|
1 |
top -b -n 1 | sed -n '1,5p' |
and comes back with the first 5 lines of Top:
|
1 2 3 4 5 |
top - 15:20:55 up 26 days, 9:53, 1 user, load average: 0.89, 0.59, 0.48 Tasks: 125 total, 1 running, 124 sleeping, 0 stopped, 0 zombie Cpu(s): 3.5%us, 0.7%sy, 0.0%ni, 95.7%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st Mem: 8059752k total, 4138600k used, 3921152k free, 759256k buffers Swap: 2097148k total, 96532k used, 2000616k free, 2228520k cached |
and the following query pulls CPU load average data […]
