Feb 01 2018
- last edited on
Apr 07 2022
I am trying to build OMS log search query for High CPU utilisation with process name details. Tried and failed, due to no ideas about which values to use.
Example : The performance of the CPU is from 80% to 95% then alert should be generated with causing application name details(means .exe name).
For testing I have executed one exe application in one machine for high CPU and consumed around 80%, but not able to find exe name in the log table
How can I create this query with particular process utilisation range with application name?
Can anyone help me to get the exact query?
Feb 02 2018 11:27 AM
Feb 05 2018 01:59 AMSolution
Log Analytics supports adding any windows/linux performance counters. You could potentially add performance counter for specific process to monitor its CPU Usage. You can even add any process available to monitor its cpu usage by not specifying the instance, instead you will use "*" for the instance. Needless to say that this will create a lot of usage on your Log Analytics workspace and will not be cost effective at all. Second option which requires some work on you is to implement the following workflow:
1. You have alert for high CPU usage.
2. The alert kicks a runbook when it is triggered.
3. The runbook connects to the server in question with High CPU and finds out which process is with highest CPU and how much exactly.
4. You can use the ingestion API for Log Analytics to send the data into custom log.
Additionally you can create another alert based on that custom log that contains the computer, the process and the CPU usage for it.
Hope this helps.
Feb 05 2019 11:43 PM
No concrete example but the main workflow was explained. If you have some scripting skills it is not so hard to do.