How to calculate the downtime duration that a Jbos...

Norling80 · ‎03-17-2015

Hi Guys.

We have a Jboss instance from which we index AccessLogs from, and we expect a fair amount of processes requests on this instance 24/7, I need to be able to calculate "downtime duration" based on the time when this instance does not process any requests, any ideas how to proceed?

dwaddle · ‎03-17-2015

Here's one way of approaching this. For a "fair amount of requests" we'll make an assumption that you should have at least one request per minute. So any minute that has 0 requests is a "down" minute. To compute the "downtime duration" we count the number of minutes with no requests.

sourcetype = access_combined 
| bucket span=1m _time 
| stats count as requests_per_minute by _time 
| where requests_per_minute  = 0 
| stats count as downtime_duration

Norling80 · ‎03-25-2015

Thanks a lot 🙂

Norling80 · ‎04-10-2015

Hey, I just bumped into some problem when with the search you helped out with before. the where requests_per_minute = 0 does not work as expected, I think it´s because if the count is 0 it does not return any result, however if i do where requests_per_minute = 1 it find every single minute where the count is 1.

I changed it to where requests_per_minute < 10 and it founds every minute that has less then 10 events... except for the minutes that have a count = 0.

any ideas how to solve this? The most optimal would be if I could specify a

How to calculate the downtime duration that a Jboss instance does not process any requests?

Introducing the 2024 SplunkTrust!

Introducing the 2024 Splunk MVPs!

Splunk Custom Visualizations App End of Life