High CPU Utilization Alert Query

High CPU Utilization Alert Query


Query
WITH cpu_incremental AS

(

 SELECT

      upt_asset_id, upt_hostname, upt_time, 

      cpu_idle -  LAG(cpu_idle) OVER (PARTITION BY upt_asset_id ORDER BY upt_time) AS cpu_idle,  

      cpu_total - LAG(cpu_total) OVER (PARTITION BY upt_asset_id ORDER BY upt_time) AS cpu_total

    FROM upt_metrics u

    WHERE u.cpu_idle is not NULL AND

    u.upt_time >= (localtimestamp - INTERVAL '1' hour) AND u.upt_time < localtimestamp ),

cpu_percent AS

( 

  SELECT upt_asset_id, upt_time, upt_hostname, percnt_busy, max(percnt_busy) OVER (partition by upt_asset_id) as max_percnt

FROM (

  SELECT upt_asset_id, upt_time, upt_hostname,

     CAST(((cpu_total - cpu_idle)*100) AS DOUBLE)/CAST(cpu_total AS DOUBLE) as percnt_busy

   FROM cpu_incremental) WHERE percnt_busy >= 75

) 

SELECT 

    'high' as severity,

    'High CPU Utilization' as description,

    upt_asset_id as asset,

    max(upt_time) as time,

    'asset_id' as key,

    upt_hostname as value,

    max(percnt_busy) AS percnt_busy

FROM cpu_percent

WHERE percnt_busy=max_percnt

GROUP BY upt_asset_id, upt_hostname;


    • Related Articles

    • Query to find the Average CPU Load for the last 1 Hr.

      Query SELECT upt_asset_id, Avg((100 - (Cast(cpu_idle AS DOUBLE)/Cast(cpu_total AS DOUBLE))*100)) AS avg_busy_percent , Avg((Cast(cpu_idle AS DOUBLE)/Cast(cpu_total AS DOUBLE))*100) AS idle_percent FROM upt_metrics WHERE upt_time >= localtimestamp - ...

    • Windows Disk Usage query

      The article includes query to fetch the Windows Disk usage: Query SELCET DISTINCT                 upt_hostname,                 upt_time,                 device_id,                 size,                 free_space,                 size - free_space ...

    • Query to find Processes Running

      Processes running between certain times Query SELECT * FROM windowed_processes p WHERE p.upt_add_time >= <TIMESTAMP> AND p.upt_add_time <= <TIMESTAMP>; Example All processes running between 2018-07-18 2:00 to 2018-08-18 3:00 SELECT * FROM ...

    • Disk Usage Query (Linux and Darwin)

      This article includes the query used to find out the disk usage of a mount point for a particular host: Query SELECT m.upt_asset_id,  m.upt_time,  m.path,  Round(( ( m.blocks - m.blocks_available ) * m.blocks_size * 10e-10 ), 2)  AS  used_gigs  FROM ...

    • Query to find the Process Tree

      Query WITH pstree AS (SELECT 0 AS LEVEL, pid, name, parent, Cast(pid AS TEXT) AS ppid, name AS pparent FROM processes WHERE parent = 0 UNION ALL SELECT LEVEL + 1, t.pid, t.name, t.parent, pstree.ppid || ', ' || Cast(t.pid AS TEXT), pstree.pparent || ...