Splunk SPLK-3002 - Splunk IT Service Intelligence Certified Admin Exam
Page: 1 / 11
Total 53 questions
Question #1 (Topic: Exam A)
After a notable event has been closed, how long will the meta data for that event remain in the KV Store by default?
A. 6 months.
B. 9 months.
C. 1 year.
D. 3 months.
Answer: A
Question #2 (Topic: Exam A)
Which of the following is a best practice for identifying the most effective services with which to start an iterative ITSI deployment?
A. Only include KPIs if they will be used in multiple services.
B. Analyze the business to determine the most critical services.
C. Focus on low-level services.
D. Define a large number of key services early.
Answer: A
Question #3 (Topic: Exam A)
When creating a custom deep dive, what color are services/KPIs in maintenance mode within the topology view?
A. Gray
B. Purple
C. Gear Icon
D. Blue
Answer: A
Question #4 (Topic: Exam A)
Which deep dive swim lane type does not require writing SPL?
A. Event lane.
B. Automatic lane.
C. Metric lane.
D. KPI lane.
Answer: B
Question #5 (Topic: Exam A)
Which of the following items apply to anomaly detection? (Choose all that apply.)
A. Use AD on KPIs that have an unestablished baseline of data points. This allows the ML pattern to perform it’s magic.
B. A minimum of 24 hours of data is needed for anomaly detection, and a minimum of 4 entities for cohesive analysis.
C. Anomaly detection automatically generates notable events when KPI data diverges from the pattern.
D. There are 3 types of anomaly detection supported in ITSI: adhoc, trending, and cohesive.
Answer: BC
