Winter Special Discount 60% Offer - Ends in 0d 00h 00m 00s - Coupon code: brite60

ExamsBrite Dumps

Splunk IT Service Intelligence Certified Admin Exam Question and Answers

Splunk IT Service Intelligence Certified Admin Exam

Last Update Dec 14, 2024
Total Questions : 90

We are offering FREE SPLK-3002 Splunk exam questions. All you do is to just go and sign up. Give your details, prepare SPLK-3002 free exam questions and then go for complete pool of Splunk IT Service Intelligence Certified Admin Exam test questions that will help you more.

SPLK-3002 pdf

SPLK-3002 PDF

$42  $104.99
SPLK-3002 Engine

SPLK-3002 Testing Engine

$50  $124.99
SPLK-3002 PDF + Engine

SPLK-3002 PDF + Testing Engine

$66  $164.99
Questions 1

Which of the following is a characteristic of notable event groups?

Options:

A.  

Notable event groups combine independent notable events.

B.  

Notable event groups are created in the itsi_tracked_alerts index.

C.  

Notable event groups allow users to adjust threshold settings.

D.  

All of the above.

Discussion 0
Questions 2

Which of the following are characteristics of service templates? (select all that apply)

Options:

A.  

Service templates can be modified after services are instantiated from it.

B.  

Service templates contain KPIs and KPI thresholds.

C.  

Service templates can contain specific or generic entity rules.

D.  

Service templates contain domain specific dashboards and deep dives.

Discussion 0
Questions 3

Which capabilities are enabled through “teams”?

Options:

A.  

Teams allow searches against the itsi_summary index.

B.  

Teams restrict notable event alert actions.

C.  

Teams restrict searches against the itsi_notable_audit index.

D.  

Teams allow restrictions to service content in UI views.

Discussion 0
Questions 4

In maintenance mode, which features of KPIs still function?

Options:

A.  

KPI searches will execute but will be buffered until the maintenance window is over.

B.  

KPI searches still run during maintenance mode, but results go to itsi_maintenance_summary index.

C.  

New KPIs can be created, but existing KPIs are locked.

D.  

KPI calculations and threshold settings can be modified.

Discussion 0
Questions 5

Where are KPI search results stored?

Options:

A.  

The default index.

B.  

KV Store.

C.  

Output to a CSV lookup.

D.  

The itsi_summary index.

Discussion 0
Questions 6

Which of the following is a valid type of Multi-KPI Alert?

Options:

A.  

Score over composite.

B.  

Value over time.

C.  

Status over time.

D.  

Rise over run.

Discussion 0
Questions 7

Which of the following items describe ITSI Backup and Restore functionality? (Choose all that apply.)

Options:

A.  

A pre-configured default ITSI backup job is provided that can be modified, but not deleted.

B.  

ITSI backup is inclusive of KV Store, ITSI Configurations, and index dependencies.

C.  

kvstore_to_json.py can be used in scripts or command line to backup ITSI for full or partial backups.

D.  

ITSI backups are stored as a collection of JSON formatted files.

Discussion 0
Questions 8

Which of the following is part of setting up a new aggregation policy?

Options:

A.  

Filtering criteria

B.  

Policy version

C.  

Review order

D.  

Module rules

Discussion 0
Questions 9

Which of the following applies when configuring time policies for KPI thresholds?

Options:

A.  

A person can only configure 24 policies, one for each hour of the day.

B.  

They are great if you expect normal behavior at 1:00 to be different than normal behavior at 5:00

C.  

If a person expects a KPI to change significantly through a cycle on a daily basis, don’t use it.

D.  

It is possible for multiple time policies to overlap.

Discussion 0
Questions 10

There are two departments using ITSI. Finance and Sales. Analysts in each department should not be allowed to see each other’s services. What are the role configuration steps required to accomplish this?

Options:

A.  

itoa_finance_admin, inherited from itoa_admin; itoa_sales_admin, inherited from itoa_team_admin; itoa_finance_analyst, inherited from itoa_analyst; itoa_sales_analyst, inherited from itoa_analyst.

B.  

itoa_finance_admin, inherited from itoa_admin; itoa_sales_admin, inherited from itoa_team_admin; itoa_finance_analyst, inherited from itoa_team_analyst; itoa_sales_analyst, inherited from itoa_team_analyst.

C.  

itoa_finance_admin, inherited from itoa_admin; itoa_sales_admin, inherited from itoa_team_admin; itoa_finance_analyst, inherited from itoa_analyst; itoa_sales_analyst, inherited from itoa_team_analyst.

D.  

itoa_finance_admin, inherited from itoa_team_admin; itoa_sales_admin, inherited from itoa_team_admin; itoa_finance_analyst, inherited from itoa_analyst; itoa_sales_analyst, inherited from itoa_analyst.

Discussion 0
Questions 11

When working with a notable event group in the Notable Events Review dashboard, which of the following can be set at the individual or group level?

Options:

A.  

Service, status, owner.

B.  

Severity, status, owner.

C.  

Severity, comments, service.

D.  

Severity, status, service.

Discussion 0
Questions 12

Which glass table feature can be used to toggle displaying KPI values from more than one service on a single widget?

Options:

A.  

Service templates.

B.  

Service dependencies.

C.  

Ad-hoc search.

D.  

Service swapping.

Discussion 0
Questions 13

What are valid considerations when designing an ITSI Service? (Choose all that apply.)

Options:

A.  

Service access control requirements for ITSI Team Access should be considered, and appropriate teams provisioned prior to creating the ITSI Service.

B.  

Entities, entity meta-data, and entity rules should be planned carefully to support the service design and configuration.

C.  

Services, entities, and saved searches are stored in the ITSI app, while events created by KPI execution are stored in the itsi_summary index.

D.  

Backfill of a KPI should always be selected so historical data points can be used immediately and alerts based on that data can occur.

Discussion 0
Questions 14

Which ITSI functions generate notable events? (Choose all that apply.)

Options:

A.  

KPI threshold breaches.

B.  

KPI anomaly detection.

C.  

Multi-KPI alert.

D.  

Correlation search.

Discussion 0
Questions 15

Which of the following describes default deep dives?

Options:

A.  

Are manually generated and can be accessed via the Service Analyzer.

B.  

Include all KPIs of all services.

C.  

Are auto-generated and can be accessed via the Service Analyzer.

D.  

Include health scores of all services.

Discussion 0
Questions 16

Within a correlation search, dynamic field values can be specified with what syntax?

Options:

A.  

fieldname

B.  

C.  

%fieldname%

D.  

eval(fieldname)

Discussion 0
Questions 17

Which of the following items describe ITSI teams? (select all that apply)

Options:

A.  

Teams should have itoa admin roles added with read-only permissions for services and entities.

B.  

Services should be assigned to the 'global' team if all users need access to it.

C.  

By default, all services are owned by the built-in 'global' team and administered by the 'itoa_admin' role.

D.  

A new team admin role should be created for each team. The new role should inherit the 'itoa_team_admin' role.

Discussion 0
Questions 18

Which of the following are the default ports that must be configured on Splunk to use ITSI?

Options:

A.  

SplunkWeb (8405), SplunkD (8519), and HTTP Collector (8628)

B.  

SplunkWeb (8089), SplunkD (8088), and HTTP Collector (8000)

C.  

SplunkWeb (8000), SplunkD (8089), and HTTP Collector (8088)

D.  

SplunkWeb (8088), SplunkD (8089), and HTTP Collector (8000)

Discussion 0
Questions 19

Which of the following is a problem requiring correction in ITSI?

Options:

A.  

Twoormore entitieswiththe same service ID.

B.  

Twoormore entitieswiththe same entity ID.

C.  

Twoormore entitieswiththe same value in a single alias field.

D.  

Twoormore entitieswiththe same entity key value inanyinfo field.

Discussion 0
Questions 20

Which of the following describes a way to delete multiple duplicate entities in ITSI?

Options:

A.  

Via c CSV upload.

B.  

Via the entity lister page.

C.  

Via a search using the | deleteentity command.

D.  

All of the above.

Discussion 0
Questions 21

Which deep dive swim lane type does not require writing SPL?

Options:

A.  

Event lane.

B.  

Automatic lane.

C.  

Metric lane.

D.  

KPI lane.

Discussion 0
Questions 22

Which of the following items apply to anomaly detection? (Choose all that apply.)

Options:

A.  

Use AD on KPIs that have an unestablished baseline of data points. This allows the ML pattern to perform it’s magic.

B.  

A minimum of 24 hours of data is needed for anomaly detection, and a minimum of 4 entities for cohesive analysis.

C.  

Anomaly detection automatically generates notable events when KPI data diverges from the pattern.

D.  

There are 3 types of anomaly detection supported in ITSI: adhoc, trending, and cohesive.

Discussion 0
Questions 23

Anomaly detection can be enabled on which one of the following?

Options:

A.  

KPI

B.  

Multi-KPI alert

C.  

Entity

D.  

Service

Discussion 0
Questions 24

Which of the following items describe ITSI Deep Dive capabilities? (Choose all that apply.)

Options:

A.  

Comparing a service’s notable events over a time period.

B.  

Visualizing one or more Service KPIs values by time.

C.  

Examining and comparing alert levels for KPIs in a service over time.

D.  

Comparing swim lane values for a slice of time.

Discussion 0
Questions 25

After ITSI is initially deployed for the operations department at a large company, another department would like to use ITSI but wants to keep their information private from the operations group. How can this be achieved?

Options:

A.  

Create service templates for each group and create the services from the templates.

B.  

Create teams for each department and assign KPIs to each team.

C.  

Create services for each group and set the permissions of the services to restrict them to each group.

D.  

Create teams for each department and assign services to the teams.

Discussion 0
Questions 26

Which of the following is an advantage of using adaptive time thresholds?

Options:

A.  

Automatically update thresholds daily to manage dynamic changes to KPI values.

B.  

Automatically adjust KPI calculation to manage dynamic event data.

C.  

Automatically adjust aggregation policy grouping to manage escalating severity.

D.  

Automatically adjust correlation search thresholds to adjust sensitivity over time.

Discussion 0
Questions 27

What is an episode?

Options:

A.  

A workflow task.

B.  

A deep dive.

C.  

A notable event group.

D.  

A notable event.

Discussion 0