Summer Special Sale - Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 575363r9

Welcome To DumpsPedia

SPLK-3002 Sample Questions Answers

Questions 4

When installing ITSI to support a Distributed Search Architecture, which of the following items apply? (Choose all that apply.)

Options:

A.

Copy SA-IndexCreation to all indexers.

B.

Copy SA-IndexCreation to the etc/apps directory on the index cluster master node.

C.

Extract installer package into etc/apps directory of the cluster deployer node.

D.

Extract ITSI app package into etc/apps directory of search head.

Buy Now
Questions 5

Which of the following items describe ITSI Deep Dive capabilities? (Choose all that apply.)

Options:

A.

Comparing a service’s notable events over a time period.

B.

Visualizing one or more Service KPIs values by time.

C.

Examining and comparing alert levels for KPIs in a service over time.

D.

Comparing swim lane values for a slice of time.

Buy Now
Questions 6

ITSI Saved Search Scheduling is configured to use realtime_schedule = 0. Which statement is accurate about this configuration?

Options:

A.

If this value is set to 0, the scheduler bases its determination of the next scheduled search execution time on the current time.

B.

If this value is set to 0, the scheduler bases its determination of the next scheduled search on the last search execution time.

C.

If this value is set to 0, the scheduler may skip scheduled execution periods.

D.

If this value is set to 0, the scheduler might skip some execution periods to make sure that the scheduler is executing the searches running over the most recent time range.

Buy Now
Questions 7

Where are KPI search results stored?

Options:

A.

The default index.

B.

KV Store.

C.

Output to a CSV lookup.

D.

The itsi_summary index.

Buy Now
Questions 8

What is the main purpose of the service analyzer?

Options:

A.

Display a list of All Services and Entities.

B.

Trigger external alerts based on threshold violations.

C.

Allow Analysts to add comments to Alerts.

D.

Monitor overall Service and KPI status.

Buy Now
Questions 9

Which of the following is an advantage of an adaptive time threshold?

Options:

A.

Automatically alerting when KPI value patterns change over time.

B.

Automatically adjusting thresholds as normal KPI values change over time.

C.

Automatically adjusting to holiday schedules.

D.

Automatically predicting future degradation of KPI values over time.

Buy Now
Questions 10

In Episode Review, what is the result of clicking an episode’s Acknowledge button?

Options:

A.

Assign the current user as owner.

B.

Change status from New to Acknowledged.

C.

Change status from New to In Progress and assign the current user as owner.

D.

Change status from New to Acknowledged and assign the current user as owner.

Buy Now
Questions 11

Which of the following is a good use case for a Multi-KPI alert?

Options:

A.

Alerting when the values of two or more KPIs go into maintenance mode.

B.

Alerting when the trend of two or more KPIs indicates service failure is imminent.

C.

Alerting when two or more KPIs are deviating from their typical pattern.

D.

Alerting when comparing the values of two or more KPIs indicates an unusual condition is occurring.

Buy Now
Questions 12

Which of the following is a characteristic of custom deep dives?

Options:

A.

Allows itoa_analyst roles to add comments.

B.

Requires at least 7 days' data to show anomalies.

C.

Combines metric, event, KPI, and service health score lanes.

D.

Uses drilldown to generate notable events via anomaly detection.

Buy Now
Questions 13

Which of the following are characteristics of ITSI service dependencies? (select all that apply)

Options:

A.

If a primary service has a dependent service KPI and the KPI's importance level is changed, the dependency is broken.

B.

It is best practice to use the dependent service's built-in 'ServiceHealthScore' KPI to reflect impact to the primary service.

C.

Setting the dependent service KPI importance level will be treated as any other KPI in the primary service's health score.

D.

Impactful dependent services should only be configured to one primary service to avoid false negatives in Multi KPI Alerts.

Buy Now
Questions 14

When in maintenance mode, which of the following is accurate?

Options:

A.

Once the window is over, KPIs and notable events will begin to be generated again.

B.

KPIs are shown in blue while in maintenance mode.

C.

Maintenance mode slots are scheduled on a per hour basis.

D.

Service health scores and KPI events are deleted until the window is over.

Buy Now
Questions 15

Which ITSI functions generate notable events? (Choose all that apply.)

Options:

A.

KPI threshold breaches.

B.

KPI anomaly detection.

C.

Multi-KPI alert.

D.

Correlation search.

Buy Now
Questions 16

There are two Smart Mode configuration settings that control how fields affect grouping. Which of these is correct?

Options:

A.

Text deviation and category deviation.

B.

Text similarity and category deviation.

C.

Text similarity and category similarity.

D.

Text deviation and category similarity.

Buy Now
Questions 17

Which of the following are the default ports that must be configured on Splunk to use ITSI?

Options:

A.

SplunkWeb (8405), SplunkD (8519), and HTTP Collector (8628)

B.

SplunkWeb (8089), SplunkD (8088), and HTTP Collector (8000)

C.

SplunkWeb (8000), SplunkD (8089), and HTTP Collector (8088)

D.

SplunkWeb (8088), SplunkD (8089), and HTTP Collector (8000)

Buy Now
Questions 18

Which of the following is a good use case regarding defining entities for a service?

Options:

A.

Automatically associate entities to services using multiple entity aliases.

B.

All of the entities have the same identifying field name.

C.

Being able to split a CPU usage KPI by host name.

D.

KPI total values are aggregated from multiple different category values in the source events.

Buy Now
Questions 19

Which of the following is a characteristic of base searches?

Options:

A.

Search expression, entity splitting rules, and thresholds are configured at the base search level.

B.

It is possible to filter to entities assigned to the service for calculating the metrics for the service’s KPIs.

C.

The fewer KPIs that share a common base search, the more efficiency a base search provides, and anomaly detection is more efficient.

D.

The base search will execute whether or not a KPI needs it.

Buy Now
Questions 20

Which of the following accurately describes base searches used for KPIs in a service?

Options:

A.

Base searches can be used for multiple services.

B.

A base search can only be used by its service and all dependent services.

C.

All the metrics in a base search are used by one service.

D.

All the KPIs in a service use the same base search.

Buy Now
Questions 21

Which of the following is a recommended best practice for ITSI installation?

Options:

A.

ITSI should not be installed on search heads that have Enterprise Security installed.

B.

Before installing ITSI, make sure the Common Information Model (CIM) is installed.

C.

Install the Machine Learning Toolkit app if anomaly detection must be configured.

D.

Install ITSI on one search head in a search head cluster and migrate the configuration bundle to other search heads.

Buy Now
Questions 22

When working with a notable event group in the Notable Events Review dashboard, which of the following can be set at the individual or group level?

Options:

A.

Service, status, owner.

B.

Severity, status, owner.

C.

Severity, comments, service.

D.

Severity, status, service.

Buy Now
Questions 23

What are valid considerations when designing an ITSI Service? (Choose all that apply.)

Options:

A.

Service access control requirements for ITSI Team Access should be considered, and appropriate teams provisioned prior to creating the ITSI Service.

B.

Entities, entity meta-data, and entity rules should be planned carefully to support the service design and configuration.

C.

Services, entities, and saved searches are stored in the ITSI app, while events created by KPI execution are stored in the itsi_summary index.

D.

Backfill of a KPI should always be selected so historical data points can be used immediately and alerts based on that data can occur.

Buy Now
Questions 24

For which ITSI function is it a best practice to use a 15-30 minute time buffer?

Options:

A.

Correlation searches.

B.

Adaptive thresholding.

C.

Maintenance windows

D.

Anomaly detection.

Buy Now
Questions 25

Which of the following services often has KPIs but no entities?

Options:

A.

Security Service.

B.

Network Service.

C.

Business Service.

D.

Technical Service.

Buy Now
Questions 26

Which of the following is a valid type of Multi-KPI Alert?

Options:

A.

Score over composite.

B.

Value over time.

C.

Status over time.

D.

Rise over run.

Buy Now
Questions 27

Which of the following is a recommended best practice for service and glass table design?

Options:

A.

Plan and implement services first, then build detailed glass tables.

B.

Always use the standard icons for glass table widgets to improve portability.

C.

Start with base searches, then services, and then glass tables.

D.

Design glass tables first to discover which KPIs are important.

Buy Now
Exam Code: SPLK-3002
Exam Name: Splunk IT Service Intelligence Certified Admin Exam
Last Update: Jun 17, 2024
Questions: 90
$64  $159.99
$48  $119.99
$40  $99.99
buy now SPLK-3002