March Special Sale - Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 575363r9

Welcome To DumpsPedia

SPLK-3002 Sample Questions Answers

Questions 4

Which of the following actions can be performed with a deep dive?

Options:

A.

Create a Multi-KPI alert from the deep dive's current state to warn of similar situations in the future.

B.

Create a predictive analysis model from the deep dive to warn of future service degradation.

C.

Create an anomaly detection alert to show when the same pattern begins in the future.

D.

Create a custom service analyzer from selected deep dive lanes.

Buy Now
Questions 5

Which of the following describes entities? (Choose all that apply.)

Options:

A.

Entities must be IT devices, such as routers and switches, and must be identified by either IP value, host name, or mac address.

B.

An abstract (pseudo/logical) entity can be used to split by for a KPI, although no entity rules or filtering can be used to limit data to a specific service.

C.

Multiple entities can share the same alias value, but must have different role values.

D.

To automatically restrict the KPI to only the entities in a particular service, select “Filter to Entities in Service”.

Buy Now
Questions 6

Which of the following best describes a default deep dive?

Options:

A.

It initially shows the health scores for all services.

B.

It initially shows the highest importance KPIs.

C.

It initially shows all of the KPIs for a selected service.

D.

It initially shows all the entity swim lanes.

Buy Now
Questions 7

Anomaly detection can be enabled on which one of the following?

Options:

A.

KPI

B.

Multi-KPI alert

C.

Entity

D.

Service

Buy Now
Questions 8

Besides creating notable events, what are the default alert actions a correlation search can execute? (Choose all that apply.)

Options:

A.

Ping a host.

B.

Send email.

C.

Include in RSS feed.

D.

Run a script.

Buy Now
Questions 9

Which glass table feature can be used to toggle displaying KPI values from more than one service on a single widget?

Options:

A.

Service templates.

B.

Service dependencies.

C.

Ad-hoc search.

D.

Service swapping.

Buy Now
Questions 10

Which of the following describes default deep dives?

Options:

A.

Are manually generated and can be accessed via the Service Analyzer.

B.

Include all KPIs of all services.

C.

Are auto-generated and can be accessed via the Service Analyzer.

D.

Include health scores of all services.

Buy Now
Questions 11

Which of the following describes a realistic troubleshooting workflow in ITSI?

Options:

A.

Correlation Search –> Deep Dive –> Notable Event

B.

Service Analyzer –> Notable Event Review –> Deep Dive

C.

Service Analyzer –> Aggregation Policy –> Deep Dive

D.

Correlation search –> KPI –> Aggregation Policy

Buy Now
Questions 12

What is the main purpose of the service analyzer?

Options:

A.

Display a list of All Services and Entities.

B.

Trigger external alerts based on threshold violations.

C.

Allow Analysts to add comments to Alerts.

D.

Monitor overall Service and KPI status.

Buy Now
Questions 13

Which of the following accurately describes base searches used for KPIs in a service?

Options:

A.

Base searches can be used for multiple services.

B.

A base search can only be used by its service and all dependent services.

C.

All the metrics in a base search are used by one service.

D.

All the KPIs in a service use the same base search.

Buy Now
Questions 14

Which anomaly detection algorithm is included within ITSI?

Options:

A.

Entity cohesion

B.

Standard deviation

C.

Linear regression

D.

Infantile regression

Buy Now
Questions 15

When deploying ITSI on a distributed Splunk installation, which component must be installed on the search head(s)?

Options:

A.

SA-ITOA

B.

ITSI app

C.

All ITSI components

D.

SA-ITSI-Licensechecker

Buy Now
Questions 16

When a KPI's aggregate value is calculated, which function is called?

Options:

A.

stats

B.

tstats

C.

fieldsummary

D.

eval

Buy Now
Questions 17

To use Adaptive Threshholding, what is the minimum requirement for a set of KPI data?

Options:

A.

14 days old.

B.

7 days old.

C.

30 days old.

D.

10 days old.

Buy Now
Questions 18

ITSI Saved Search Scheduling is configured to use realtime_schedule = 0. Which statement is accurate about this configuration?

Options:

A.

If this value is set to 0, the scheduler bases its determination of the next scheduled search execution time on the current time.

B.

If this value is set to 0, the scheduler bases its determination of the next scheduled search on the last search execution time.

C.

If this value is set to 0, the scheduler may skip scheduled execution periods.

D.

If this value is set to 0, the scheduler might skip some execution periods to make sure that the scheduler is executing the searches running over the most recent time range.

Buy Now
Questions 19

There are two Smart Mode configuration settings that control how fields affect grouping. Which of these is correct?

Options:

A.

Text deviation and category deviation.

B.

Text similarity and category deviation.

C.

Text similarity and category similarity.

D.

Text deviation and category similarity.

Buy Now
Questions 20

Which of the following are the default ports that must be configured on Splunk to use ITSI?

Options:

A.

SplunkWeb (8405), SplunkD (8519), and HTTP Collector (8628)

B.

SplunkWeb (8089), SplunkD (8088), and HTTP Collector (8000)

C.

SplunkWeb (8000), SplunkD (8089), and HTTP Collector (8088)

D.

SplunkWeb (8088), SplunkD (8089), and HTTP Collector (8000)

Buy Now
Questions 21

Which of the following is a characteristic of notable event groups?

Options:

A.

Notable event groups combine independent notable events.

B.

Notable event groups are created in the itsi_tracked_alerts index.

C.

Notable event groups allow users to adjust threshold settings.

D.

All of the above.

Buy Now
Questions 22

Within a correlation search, dynamic field values can be specified with what syntax?

Options:

A.

fieldname

B.

C.

%fieldname%

D.

eval(fieldname)

Buy Now
Questions 23

How can admins manually control groupings of notable events?

Options:

A.

Correlation searches.

B.

Multi-KPI alerts.

C.

notable_event_grouping.conf

D.

Aggregation policies.

Buy Now
Questions 24

Which of the following items apply to anomaly detection? (Choose all that apply.)

Options:

A.

Use AD on KPIs that have an unestablished baseline of data points. This allows the ML pattern to perform it’s magic.

B.

A minimum of 24 hours of data is needed for anomaly detection, and a minimum of 4 entities for cohesive analysis.

C.

Anomaly detection automatically generates notable events when KPI data diverges from the pattern.

D.

There are 3 types of anomaly detection supported in ITSI: adhoc, trending, and cohesive.

Buy Now
Questions 25

Which index contains ITSI Episodes?

Options:

A.

itsi_tracked_alerts

B.

itsi_grouped_alerts

C.

itsi_notable_archive

D.

itsi_summary

Buy Now
Questions 26

Which of the following is a characteristic of custom deep dives?

Options:

A.

Allows itoa_analyst roles to add comments.

B.

Requires at least 7 days' data to show anomalies.

C.

Combines metric, event, KPI, and service health score lanes.

D.

Uses drilldown to generate notable events via anomaly detection.

Buy Now
Questions 27

Which views would help an analyst identify that a memory usage KPI is going critical? (select all that apply)

Options:

A.

Memory KPI in a glass table.

B.

Memory panel of the OS Host Details view in the Operating System module.

C.

Memory swim lane in a Deep Dive.

D.

Service & KPI tiles in the Service Analyzer.

Buy Now
Exam Code: SPLK-3002
Exam Name: Splunk IT Service Intelligence Certified Admin Exam
Last Update: Mar 23, 2024
Questions: 90
$64  $159.99
$48  $119.99
$40  $99.99
buy now SPLK-3002