Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Certensure Logo
  1. Home
  2. Splunk
  3. Splunk IT Service Intelligence Certified Admin
  4. SPLK-3002 - Splunk IT Service Intelligence Certified Admin Exam

Splunk SPLK-3002 Splunk IT Service Intelligence Certified Admin Exam Exam Practice Test

Demo: 15 questions
Total 53 questions
Get SPLK-3002 Full Access Download SPLK-3002 PDF

Splunk IT Service Intelligence Certified Admin Exam Questions and Answers

Question 1

What is an episode?

Options:

A.

A workflow task.

B.

A deep dive.

C.

A notable event group.

D.

A notable event.

Question 2

Where are KPI search results stored?

Options:

A.

The default index.

B.

KV Store.

C.

Output to a CSV lookup.

D.

The itsi_summary index.

Question 3

How do you automatically restrict a KPI to only the entities in its service, and generate KPI values for each entity?

Options:

A.

Select “Yes” for both “Split by Entity” and “Filter to Entities in Service”.

B.

Select “No” for “Split by Entity” and “Yes” for “Filter to Entities in Service”.

C.

Select “Yes” for “Split by Entity” and “No” for “Filter to Entities in Service”.

D.

Select “No” for both “Split by Entity” and “Filter to Entities in Service”.

Question 4

In Episode Review, what is the result of clicking an episode’s Acknowledge button?

Options:

A.

Assign the current user as owner.

B.

Change status from New to Acknowledged.

C.

Change status from New to In Progress and assign the current user as owner.

D.

Change status from New to Acknowledged and assign the current user as owner.

Question 5

Which capabilities are enabled through “teams”?

Options:

A.

Teams allow searches against the itsi_summary index.

B.

Teams restrict notable event alert actions.

C.

Teams restrict searches against the itsi_notable_audit index.

D.

Teams allow restrictions to service content in UI views.

Question 6

Besides creating notable events, what are the default alert actions a correlation search can execute? (Choose all that apply.)

Options:

A.

Ping a host.

B.

Send email.

C.

Include in RSS feed.

D.

Run a script.

Question 7

Which deep dive swim lane type does not require writing SPL?

Options:

A.

Event lane.

B.

Automatic lane.

C.

Metric lane.

D.

KPI lane.

Question 8

In distributed search, which components need to be installed on instances other than the search head?

Options:

A.

SA-IndexCreation and SA-ITSI-Licensechecker on indexers.

B.

SA-IndexCreation and SA-ITOA on indexers; SA-ITSI-Licensechecker and SA-UserAccess on the license master.

C.

SA-IndexCreation on idexers; SA-ITSI-Licensechecker and SA-UserAccess on the license master.

D.

SA-ITSI-Licensechecker on indexers.

Question 9

Which glass table feature can be used to toggle displaying KPI values from more than one service on a single widget?

Options:

A.

Service templates.

B.

Service dependencies.

C.

Ad-hoc search.

D.

Service swapping.

Question 10

What are valid considerations when designing an ITSI Service? (Choose all that apply.)

Options:

A.

Service access control requirements for ITSI Team Access should be considered, and appropriate teams provisioned prior to creating the ITSI Service.

B.

Entities, entity meta-data, and entity rules should be planned carefully to support the service design and configuration.

C.

Services, entities, and saved searches are stored in the ITSI app, while events created by KPI execution are stored in the itsi_summary index.

D.

Backfill of a KPI should always be selected so historical data points can be used immediately and alerts based on that data can occur.

Question 11

Which scenario would benefit most by implementing ITSI?

Options:

A.

Monitoring of business services functionality.

B.

Monitoring of system hardware.

C.

Monitoring of system process statuses

D.

Monitoring of retail sales metrics.

Question 12

What are valid ITSI Glass Table editor capabilities? (Choose all that apply.)

Options:

A.

Creating glass tables.

B.

Correlation search creation.

C.

Service swapping configuration.

D.

Adding KPI metric lanes to glass tables.

Question 13

What is the main purpose of the service analyzer?

Options:

A.

Display a list of All Services and Entities.

B.

Trigger external alerts based on threshold violations.

C.

Allow Analysts to add comments to Alerts.

D.

Monitor overall Service and KPI status.

Question 14

What should be considered when onboarding data into a Splunk index, assuming that ITSI will need to use this data?

Options:

A.

Use | stats functions in custom fields to prepare the data for KPI calculations.

B.

Check if the data could leverage pre-built KPIs from modules, then use the correct TA to onboard the data.

C.

Make sure that all fields conform to CIM, then use the corresponding module to import related services.

D.

Plan to build as many data models as possible for ITSI to leverage

Question 15

Which of the following is a recommended best practice for service and glass table design?

Options:

A.

Plan and implement services first, then build detailed glass tables.

B.

Always use the standard icons for glass table widgets to improve portability.

C.

Start with base searches, then services, and then glass tables.

D.

Design glass tables first to discover which KPIs are important.

Load More SPLK-3002 Questions
Demo: 15 questions
Total 53 questions
Get SPLK-3002 Full Access Download SPLK-3002 PDF