March Special Sale Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 713PS592

SPLK-3002 Splunk IT Service Intelligence Certified Admin Exam Questions and Answers

Questions 4

Which of the following is a best practice for identifying the most effective services with which to start an iterative ITSI deployment?

Options:

A.

Only include KPIs if they will be used in multiple services.

B.

Analyze the business to determine the most critical services.

C.

Focus on low-level services.

D.

Define a large number of key services early.

Buy Now
Questions 5

Which views would help an analyst identify that a memory usage KPI is going critical? (select all that apply)

Options:

A.

Memory KPI in a glass table.

B.

Memory panel of the OS Host Details view in the Operating System module.

C.

Memory swim lane in a Deep Dive.

D.

Service & KPI tiles in the Service Analyzer.

Buy Now
Questions 6

In which index are active notable events stored?

Options:

A.

itsi_notable_archive

B.

itsi_notable_audit

C.

itsi_tracked_alerts

D.

itsi_tracked_groups

Buy Now
Questions 7

Which of the following is a good use case for creating a custom module?

Options:

A.

Modules are required to create entity and service import searches.

B.

Modules are required to be able to create custom visualizations for deep dives.

C.

Making it easy to migrate KPI base searches and related visualizations to other ITSI installations.

D.

Creating a service template to make it easy to automatically create new services during service and entity import.

Buy Now
Questions 8

What is the main purpose of the service analyzer?

Options:

A.

Display a list of All Services and Entities.

B.

Trigger external alerts based on threshold violations.

C.

Allow Analysts to add comments to Alerts.

D.

Monitor overall Service and KPI status.

Buy Now
Questions 9

Which of the following is a characteristic of notable event groups?

Options:

A.

Notable event groups combine independent notable events.

B.

Notable event groups are created in the itsi_tracked_alerts index.

C.

Notable event groups allow users to adjust threshold settings.

D.

All of the above.

Buy Now
Questions 10

Which of the following is a good use case regarding defining entities for a service?

Options:

A.

Automatically associate entities to services using multiple entity aliases.

B.

All of the entities have the same identifying field name.

C.

Being able to split a CPU usage KPI by host name.

D.

KPI total values are aggregated from multiple different category values in the source events.

Buy Now
Questions 11

ITSI Saved Search Scheduling is configured to use realtime_schedule = 0. Which statement is accurate about this configuration?

Options:

A.

If this value is set to 0, the scheduler bases its determination of the next scheduled search execution time on the current time.

B.

If this value is set to 0, the scheduler bases its determination of the next scheduled search on the last search execution time.

C.

If this value is set to 0, the scheduler may skip scheduled execution periods.

D.

If this value is set to 0, the scheduler might skip some execution periods to make sure that the scheduler is executing the searches running over the most recent time range.

Buy Now
Questions 12

Which of the following items describe ITSI Deep Dive capabilities? (Choose all that apply.)

Options:

A.

Comparing a service’s notable events over a time period.

B.

Visualizing one or more Service KPIs values by time.

C.

Examining and comparing alert levels for KPIs in a service over time.

D.

Comparing swim lane values for a slice of time.

Buy Now
Questions 13

Which of the following is a problem requiring correction in ITSI?

Options:

A.

Twoormore entitieswiththe same service ID.

B.

Twoormore entitieswiththe same entity ID.

C.

Twoormore entitieswiththe same value in a single alias field.

D.

Twoormore entitieswiththe same entity key value inanyinfo field.

Buy Now
Questions 14

What is the range for a normal Service Health score category?

Options:

A.

20-40

B.

40-60

C.

60-80

D.

80-100

Buy Now
Questions 15

Which of the following are characteristics of service templates? (select all that apply)

Options:

A.

Service templates can be modified after services are instantiated from it.

B.

Service templates contain KPIs and KPI thresholds.

C.

Service templates can contain specific or generic entity rules.

D.

Service templates contain domain specific dashboards and deep dives.

Buy Now
Questions 16

Which of the following is a good use case for a Multi-KPI alert?

Options:

A.

Alerting when the values of two or more KPIs go into maintenance mode.

B.

Alerting when the trend of two or more KPIs indicates service failure is imminent.

C.

Alerting when two or more KPIs are deviating from their typical pattern.

D.

Alerting when comparing the values of two or more KPIs indicates an unusual condition is occurring.

Buy Now
Questions 17

What is the minimum number of entities a KPI must be split by in order to use Entity Cohesion anomaly detection?

Options:

A.

3

B.

4

C.

5

D.

2

Buy Now
Questions 18

Which deep dive swim lane type does not require writing SPL?

Options:

A.

Event lane.

B.

Automatic lane.

C.

Metric lane.

D.

KPI lane.

Buy Now
Questions 19

For which ITSI function is it a best practice to use a 15-30 minute time buffer?

Options:

A.

Correlation searches.

B.

Adaptive thresholding.

C.

Maintenance windows

D.

Anomaly detection.

Buy Now
Questions 20

What effects does the KPI importance weight of 11 have on the overall health score of a service?

Options:

A.

At least 10% of the KPIs will go critical.

B.

Importance weight is unused for health scoring.

C.

The service will go critical.

D.

It is a minimum health indicator KPI.

Buy Now
Questions 21

Which of the following items describe ITSI Backup and Restore functionality? (Choose all that apply.)

Options:

A.

A pre-configured default ITSI backup job is provided that can be modified, but not deleted.

B.

ITSI backup is inclusive of KV Store, ITSI Configurations, and index dependencies.

C.

kvstore_to_json.py can be used in scripts or command line to backup ITSI for full or partial backups.

D.

ITSI backups are stored as a collection of JSON formatted files.

Buy Now
Questions 22

When deploying ITSI on a distributed Splunk installation, which component must be installed on the search head(s)?

Options:

A.

SA-ITOA

B.

ITSI app

C.

All ITSI components

D.

SA-ITSI-Licensechecker

Buy Now
Questions 23

Which index is used to store KPI values?

Options:

A.

itsi_summary_metrics

B.

itsi_metrics

C.

itsi_service_health

D.

itsi_summary

Buy Now
Questions 24

Anomaly detection can be enabled on which one of the following?

Options:

A.

KPI

B.

Multi-KPI alert

C.

Entity

D.

Service

Buy Now
Questions 25

In maintenance mode, which features of KPIs still function?

Options:

A.

KPI searches will execute but will be buffered until the maintenance window is over.

B.

KPI searches still run during maintenance mode, but results go to itsi_maintenance_summary index.

C.

New KPIs can be created, but existing KPIs are locked.

D.

KPI calculations and threshold settings can be modified.

Buy Now
Questions 26

Which of the following is part of setting up a new aggregation policy?

Options:

A.

Filtering criteria

B.

Policy version

C.

Review order

D.

Module rules

Buy Now
Questions 27

Which of the following services often has KPIs but no entities?

Options:

A.

Security Service.

B.

Network Service.

C.

Business Service.

D.

Technical Service.

Buy Now
Exam Code: SPLK-3002
Exam Name: Splunk IT Service Intelligence Certified Admin Exam
Last Update: Mar 25, 2024
Questions: 90

PDF + Testing Engine

$66.4  $165.99

Testing Engine

$46  $114.99
buy now SPLK-3002 testing engine

PDF (Q&A)

$42  $104.99
buy now SPLK-3002 pdf