Splunk SPLK-3002 Splunk IT Service Intelligence Certified Admin Exam Online Training
Splunk SPLK-3002 Online Training
The questions for SPLK-3002 were last updated at Nov 19,2024.
- Exam Code: SPLK-3002
- Exam Name: Splunk IT Service Intelligence Certified Admin Exam
- Certification Provider: Splunk
- Latest update: Nov 19,2024
Which of the following is the best use case for configuring a Multi-KPI Alert?
- A . Comparing content between two notable events.
- B . Using machine learning to evaluate when data falls outside of an expected pattern.
- C . Comparing anomaly detection between two KPIs.
- D . Raising an alert when one or more KPIs indicate an outage is occurring.
In distributed search, which components need to be installed on instances other than the search head?
- A . SA-IndexCreation and SA-ITSI-Licensechecker on indexers.
- B . SA-IndexCreation and SA-ITOA on indexers; SA-ITSI-Licensechecker and SA-UserAccess on the license master.
- C . SA-IndexCreation on idexers; SA-ITSI-Licensechecker and SA-UserAccess on the license master.
- D . SA-ITSI-Licensechecker on indexers.
When deploying ITSI on a distributed Splunk installation, which component must be installed on the search head(s)?
- A . SA-ITOA
- B . ITSI app
- C . All ITSI components
- D . SA-ITSI-Licensechecker
Which of the following describes entities? (Choose all that apply.)
- A . Entities must be IT devices, such as routers and switches, and must be identified by either IP value, host name, or mac address.
- B . An abstract (pseudo/logical) entity can be used to split by for a KPI, although no entity rules or filtering can be used to limit data to a specific service.
- C . Multiple entities can share the same alias value, but must have different role values.
- D . To automatically restrict the KPI to only the entities in a particular service, select “Filter to Entities in Service”.
Which of the following describes a realistic troubleshooting workflow in ITSI?
- A . Correlation Search C> Deep Dive C> Notable Event
- B . Service Analyzer C> Notable Event Review C> Deep Dive
- C . Service Analyzer C> Aggregation Policy C> Deep Dive
- D . Correlation search C> KPI C> Aggregation Policy
Which of the following accurately describes base searches used for KPIs in a service?
- A . Base searches can be used for multiple services.
- B . A base search can only be used by its service and all dependent services.
- C . All the metrics in a base search are used by one service.
- D . All the KPIs in a service use the same base search.
Which scenario would benefit most by implementing ITSI?
- A . Monitoring of business services functionality.
- B . Monitoring of system hardware.
- C . Monitoring of system process statuses
- D . Monitoring of retail sales metrics.
ITSI Saved Search Scheduling is configured to use realtime_schedule = 0.
Which statement is accurate about this configuration?
- A . If this value is set to 0, the scheduler bases its determination of the next scheduled search execution time on the current time.
- B . If this value is set to 0, the scheduler bases its determination of the next scheduled search on the last search execution time.
- C . If this value is set to 0, the scheduler may skip scheduled execution periods.
- D . If this value is set to 0, the scheduler might skip some execution periods to make sure that the scheduler is executing the searches running over the most recent time range.
What effects does the KPI importance weight of 11 have on the overall health score of a service?
- A . At least 10% of the KPIs will go critical.
- B . Importance weight is unused for health scoring.
- C . The service will go critical.
- D . It is a minimum health indicator KPI.
Which of the following is an advantage of using adaptive time thresholds?
- A . Automatically update thresholds daily to manage dynamic changes to KPI values.
- B . Automatically adjust KPI calculation to manage dynamic event data.
- C . Automatically adjust aggregation policy grouping to manage escalating severity.
- D . Automatically adjust correlation search thresholds to adjust sensitivity over time.
Latest SPLK-3002 Dumps Valid Version with 53 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
