← Back to exam page

SPLK-3002 Splunk IT Service Intelligence Certified Admin Exam

Loading demo links...

Showing 1–3 of 10 questions

Question 1

What are valid ITSI Glass Table editor capabilities? (Choose all that apply.)

Select all that apply, then click Submit answer.

  • Creating glass tables.

  • Correlation search creation.

  • Service swapping configuration.

  • Adding KPI metric lanes to glass tables.
Question 2

What are valid considerations when designing an ITSI Service? (Choose all that apply.)

Select all that apply, then click Submit answer.

  • Service access control requirements for ITSI Team Access should be considered, and appropriate teams provisioned prior to creating the ITSI Service.

  • Entities, entity meta-data, and entity rules should be planned carefully to support the service design and configuration.

  • Services, entities, and saved searches are stored in the ITSI app, while events created by KPI execution are stored in the itsi_summary index.

  • Backfill of a KPI should always be selected so historical data points can be used immediately and alerts based on that data can occur.
Question 3

Which of the following items apply to anomaly detection? (Choose all that apply.)

Select all that apply, then click Submit answer.

  • Use AD on KPIs that have an unestablished baseline of data points. This allows the ML pattern to perform it’s magic.

  • A minimum of 24 hours of data is needed for anomaly detection, and a minimum of 4 entities for cohesive analysis.

  • Anomaly detection automatically generates notable events when KPI data diverges from the pattern.

  • There are 3 types of anomaly detection supported in ITSI: adhoc, trending, and cohesive.