What are valid considerations when designing an ITSI Service? (Choose all that apply.)
A . Service access control requirements for ITSI Team Access should be considered, and appropriate teams provisioned prior to creating the ITSI Service.
B . Entities, entity meta-data, and entity rules should be planned carefully to support the service design and configuration.
C . Services, entities, and saved searches are stored in the ITSI app, while events created by KPI execution are stored in the itsi_summary index.
D . Backfill of a KPI should always be selected so historical data points can be used immediately and alerts based on that data can occur.
Answer: A, B, C
Explanation:
Reference: https://docs.splunk.com/Documentation/ITSI/4.10.2/Configure/ImplementPerms
A, B, and C are correct answers because service access control requirements for ITSI Team Access should be considered before creating the ITSI Service, as different teams may have different permissions and views of the service data. Entities, entity meta-data, and entity rules should also be planned carefully to support the service design and configuration, as they determine how ITSI maps data sources to services and KPIs. Services, entities, and saved searches are stored in the ITSI app, while events created by KPI execution are stored in the itsi_summary index for faster retrieval and analysis.
Reference: ITSI service design best practices, Overview of ITSI indexes
Latest SPLK-3002 Dumps Valid Version with 53 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund