Anomaly detection can be enabled on which one of the following?
A. KPI
B. Multi-KPI alert
C. Entity
D. Service
Which index is used to store KPI values?
A. itsi_summary_metrics
B. itsi_metrics
C. itsia_service_health
D. itsi_summary
What are valid considerations when designing an ITSI Service? (Choose all that apply.)
A. Service access control requirements for ITSI Team Access should be considered, and appropriate teams provisioned prior to creating the ITSI Service.
B. Entities, entity meta-data, and entity rules should be planned carefully to support the service design and configuration.
C. Services, entities, and saved searches are stored in the ITSI app, while events created by KPI execution are stored in the itsi_summaryindex.
D. Backfill of a KPI should always be selected so historical data points can be used immediately and alerts based on that data can occur.
Which of the following is a recommended best practice for service and glass table design?
A. Plan and implement services first, then build detailed glass tables.
B. Always use the standard icons for glass table widgets to improve portability.
C. Start with base searches, then services, and then glass tables.
D. Design glass tables first to discover which KPIs are important.
Which of the following are deployment recommendations for ITSI? (Choose all that apply.)
A. Deployments often require an increase of hardware resources above base Splunk requirements.
B. Deployments require a dedicated ITSI search head.
C. Deployments may increase the number of required indexers based on the number of KPI searches.
D. Deployments should use fastest possible disk arrays for indexers.
Which index will contain useful error messages when troubleshooting ITSI issues?
A. _introspection
B. _internal
C. itsi_summary
D. itsi_notable_audit
What is an episode?
A. A workflow task.
B. A deep dive.
C. A notable event group.
D. A notable event.
Which of the following items describe ITSI Deep Dive capabilities? (Choose all that apply.)
A. Comparing a service's notable events over a time period.
B. Visualizing one or more Service KPIs values by time.
C. Examining and comparing alert levels for KPIs in a service over time.
D. Comparing swim lane values for a slice of time.
When changing a service template, which of the following will be added to linked services by default?
A. Thresholds.
B. Entity Rules.
C. New KPIs.
D. Health score.
What should be considered when onboarding data into a Splunk index, assuming that ITSI will need to use this data?
A. Use | stats functions in custom fields to prepare the data for KPI calculations.
B. Check if the data could leverage pre-built KPIs from modules, then use the correct TA to onboard the data.
C. Make sure that all fields conform to CIM, then use the corresponding module to import related services.
D. Plan to build as many data models as possible for ITSI to leverage
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Splunk exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SPLK-3002 exam preparations and Splunk certification application, do not hesitate to visit our Vcedump.com to find your solutions here.