  • Exam Name: Splunk IT Service Intelligence Certified Admin Exam
  • Last Update: Jan 16, 2025
  • Questions and Answers: 90

SPLK-3002 Practice Exam Questions with Answers Splunk IT Service Intelligence Certified Admin Exam Certification

Question # 6

Anomaly detection can be enabled on which one of the following?

A. KPI
B. Multi-KPI alert
C. Entity
D. Service

Question # 7

Which of the following is an advantage of using adaptive time thresholds?

A. Automatically update thresholds daily to manage dynamic changes to KPI values.
B. Automatically adjust KPI calculation to manage dynamic event data.
C. Automatically adjust aggregation policy grouping to manage escalating severity.
D. Automatically adjust correlation search thresholds to adjust sensitivity over time.

Question # 8

In Episode Review, what is the result of clicking an episode’s Acknowledge button?

A. Assign the current user as owner.
B. Change status from New to Acknowledged.
C. Change status from New to In Progress and assign the current user as owner.
D. Change status from New to Acknowledged and assign the current user as owner.

Question # 9

Which of the following items describe ITSI Deep Dive capabilities? (Choose all that apply.)

A. Comparing a service’s notable events over a time period.
B. Visualizing one or more Service KPI values by time.
C. Examining and comparing alert levels for KPIs in a service over time.
D. Comparing swim lane values for a slice of time.

Question # 10

What is the minimum number of entities a KPI must be split by in order to use Entity Cohesion anomaly detection?

A. 3
B. 4
C. 5
D. 2

Question # 11

Which of the following are the default ports that must be configured on Splunk to use ITSI?

A. SplunkWeb (8405), SplunkD (8519), and HTTP Collector (8628)
B. SplunkWeb (8089), SplunkD (8088), and HTTP Collector (8000)
C. SplunkWeb (8000), SplunkD (8089), and HTTP Collector (8088)
D. SplunkWeb (8088), SplunkD (8089), and HTTP Collector (8000)

Question # 12

Which of the following is a characteristic of notable event groups?

A. Notable event groups combine independent notable events.
B. Notable event groups are created in the itsi_tracked_alerts index.
C. Notable event groups allow users to adjust threshold settings.
D. All of the above.

Question # 13

In maintenance mode, which features of KPIs still function?

A. KPI searches will execute but will be buffered until the maintenance window is over.
B. KPI searches still run during maintenance mode, but results go to itsi_maintenance_summary index.
C. New KPIs can be created, but existing KPIs are locked.
D. KPI calculations and threshold settings can be modified.

Question # 14

Which of the following can generate notable events?

A. Through ad-hoc search results which get processed by adaptive thresholds.
B. When two entity aliases have a matching value.
C. Through scheduled correlation searches which link to their respective services.
D. Manually selected using the Notable Event Review panel.

Question # 15

Which of the following is an advantage of an adaptive time threshold?

A. Automatically alerting when KPI value patterns change over time.
B. Automatically adjusting thresholds as normal KPI values change over time.
C. Automatically adjusting to holiday schedules.
D. Automatically predicting future degradation of KPI values over time.

Question # 16

How do you automatically restrict a KPI to only the entities in its service, and generate KPI values for each entity?

A. Select “Yes” for both “Split by Entity” and “Filter to Entities in Service”.
B. Select “No” for “Split by Entity” and “Yes” for “Filter to Entities in Service”.
C. Select “Yes” for “Split by Entity” and “No” for “Filter to Entities in Service”.
D. Select “No” for both “Split by Entity” and “Filter to Entities in Service”.

Question # 17

Which deep dive swim lane type does not require writing SPL?

A. Event lane.
B. Automatic lane.
C. Metric lane.
D. KPI lane.

Question # 18

Which of the following is the best use case for configuring a Multi-KPI Alert?

A. Comparing content between two notable events.
B. Using machine learning to evaluate when data falls outside of an expected pattern.
C. Comparing anomaly detection between two KPIs.
D. Raising an alert when one or more KPIs indicate an outage is occurring.

Question # 19

Which index will contain useful error messages when troubleshooting ITSI issues?

A. _introspection
B. _internal
C. itsi_summary
D. itsi_notable_audit

Question # 20

When changing a service template, which of the following will be added to linked services by default?

A. Thresholds.
B. Entity Rules.
C. New KPIs.
D. Health score.

Question # 21

Which of the following describes enabling smart mode for an aggregation policy?

A. Configure –> Policies –> Smart Mode –> Enable, select “fields”, click “Save”
B. Enable grouping in Notable Event Review, select “Smart Mode”, select “fields”, and click “Save”
C. Edit the aggregation policy, enable smart mode, select fields to analyze, click “Save”
D. Edit the notable event view, enable smart mode, select “fields”, and click “Save”

Question # 22

When installing ITSI to support a Distributed Search Architecture, which of the following items apply? (Choose all that apply.)

A. Copy SA-IndexCreation to all indexers.
B. Copy SA-IndexCreation to the etc/apps directory on the index cluster master node.
C. Extract installer package into etc/apps directory of the cluster deployer node.
D. Extract ITSI app package into etc/apps directory of search head.

Question # 23

Which of the following best describes a default deep dive?

A. It initially shows the health scores for all services.
B. It initially shows the highest importance KPIs.
C. It initially shows all of the KPIs for a selected service.
D. It initially shows all the entity swim lanes.

Question # 24

When working with a notable event group in the Notable Events Review dashboard, which of the following can be set at the individual or group level?

A. Service, status, owner.
B. Severity, status, owner.
C. Severity, comments, service.
D. Severity, status, service.

Question # 25

Which of the following is a best practice for identifying the most effective services with which to start an iterative ITSI deployment?

A. Only include KPIs if they will be used in multiple services.
B. Analyze the business to determine the most critical services.
C. Focus on low-level services.
D. Define a large number of key services early.

Question # 26

Which of the following statements describe default glass tables in ITSI?

A. The Service Health Score default glass table.
B. There is one default glass table per service.
C. There is one service template default glass table.
D. There are no default glass tables.

Question # 27

Which anomaly detection algorithm is included within ITSI?

A. Entity cohesion
B. Standard deviation
C. Linear regression
D. Infantile regression
