I am logging memory utilization by process every 15 minutes which gives "x" number of memory data points where "x" is the number of running processes. For example, if there are 100 processes running on the server, I will end up with 100 values for memory utilization each being the amount of memory that is being used by each specific process. The sum of these values will equal the total amount of consumed memory in the server. The logging data is consumed by splunk as one CSV file delivered every 15 minutes by the Splunk Universal Forwarder.
I would like to get an average of the sum of these values over a given time frame. For example, searching over the past 8 hours would return one number - the average amount of consumed memory over that 8 hour period. I'm having a hard time figuring out how to make this work. I need to get the sum of consumed memory for each CSV file and then get an average of that sum - at least I think that is what I need to do.
... View more