Imagine you are collecting data from cpu, memory and disk, using a NIX TA (sourcetype=cpu, for example) and logs from Oracle Database (alert.log). All Oracle Database's processes, at the database level, are registered on alert.log. A redo log rotation will generate a kind of spike on consume of cpu, memory and/or disk. I ask you, how to group those events in a correlation and provide answers kind of "the Oracle's log rotation is consuming X% of CPU"? Any clue?
↧