Which of the following is a best practice for identifying the most effective services with which to start an iterative ITSI deployment?
A. Only include KPIs if they will be used in multiple services.
B. Analyze the business to determine the most critical services.
C. Focus on low-level services.
D. Define a large number of key services early.
Which deep dive swim lane type does not require writing SPL?
A. Event lane.
B. Automatic lane.
C. Metric lane.
D. KPI lane.
Which of the following items apply to anomaly detection? (Choose all that apply.)
A. Use AD on KPIs that have an unestablished baseline of data points. This allows the ML pattern to perform its magic.
B. A minimum of 24 hours of data is needed for anomaly detection, and a minimum of 4 entities for cohesive analysis.
C. Anomaly detection automatically generates notable events when KPI data diverges from the pattern.
D. There are 3 types of anomaly detection supported in ITSI: adhoc, trending, and cohesive.
In Episode Review, what is the result of clicking an episode's Acknowledge button?
A. Assign the current user as owner.
B. Change status from New to Acknowledged.
C. Change status from New to In Progress and assign the current user as owner.
D. Change status from New to Acknowledged and assign the current user as owner.
What are valid ITSI Glass Table editor capabilities? (Choose all that apply.)
A. Creating glass tables.
B. Correlation search creation.
C. Service swapping configuration.
D. Adding KPI metric lanes to glass tables.
Which of the following accurately describes base searches used for KPIs in a service?
A. Base searches can be used for multiple services.
B. A base search can only be used by its service and all dependent services.
C. All the metrics in a base search are used by one service.
D. All the KPIs in a service use the same base search.
What effects does the KPI importance weight of 11 have on the overall health score of a service?
A. At least 10% of the KPIs will go critical.
B. Importance weight is unused for health scoring.
C. The service will go critical.
D. It is a minimum health indicator KPI.
Which of the following is an advantage of using adaptive time thresholds?
A. Automatically update thresholds daily to manage dynamic changes to KPI values.
B. Automatically adjust KPI calculation to manage dynamic event data.
C. Automatically adjust aggregation policy grouping to manage escalating severity.
D. Automatically adjust correlation search thresholds to adjust sensitivity over time.
What is the default importance value for dependent services’ health scores?
A. 11
B. 1
C. Unassigned
D. 10
Which of the following is a recommended best practice for service and glass table design?
A. Plan and implement services first, then build detailed glass tables.
B. Always use the standard icons for glass table widgets to improve portability.
C. Start with base searches, then services, and then glass tables.
D. Design glass tables first to discover which KPIs are important.
Which of the following are deployment recommendations for ITSI? (Choose all that apply.)
A. Deployments often require an increase of hardware resources above base Splunk requirements.
B. Deployments require a dedicated ITSI search head.
C. Deployments may increase the number of required indexers based on the number of KPI searches.
D. Deployments should use fastest possible disk arrays for indexers.
Which capabilities are enabled through “teams”?
A. Teams allow searches against the itsi_summary index.
B. Teams restrict notable event alert actions.
C. Teams restrict searches against the itsi_notable_audit index.
D. Teams allow restrictions to service content in UI views.
Besides creating notable events, what are the default alert actions a correlation search can execute? (Choose all that apply.)
A. Ping a host.
B. Send email.
C. Include in RSS feed.
D. Run a script.
In maintenance mode, which features of KPIs still function?
A. KPI searches will execute but will be buffered until the maintenance window is over.
B. KPI searches still run during maintenance mode, but results go to itsi_maintenance_summary index.
C. New KPIs can be created, but existing KPIs are locked.
D. KPI calculations and threshold settings can be modified.
Which of the following describes enabling smart mode for an aggregation policy?
A. Configure -> Policies -> Smart Mode -> Enable, select “fields”, click “Save”
B. Enable grouping in Notable Event Review, select “Smart Mode”, select “fields”, and click “Save”
C. Edit the aggregation policy, enable smart mode, select fields to analyze, click “Save”
D. Edit the notable event view, enable smart mode, select “fields”, and click “Save”