Which of the following is a best practice when configuring maintenance windows?
Answer(s): C
It's a best practice to schedule maintenance windows with a 15- to 30-minute time buffer before and after you start and stop your maintenance work.
https://docs.splunk.com/Documentation/ITSI/4.10.2/Configure/AboutMW A maintenance window is a period of time when a service or entity is undergoing maintenance operations or does not require active monitoring. It is a best practice to schedule maintenance windows with a 15- to 30-minute time buffer before and after you start and stop your maintenance work. This gives the system an opportunity to catch up with the maintenance state and reduces the chances of ITSI generating false positives during maintenance operations. For example, if a server will be shut down for maintenance at 1:00PM and restarted at 5:00PM, the ideal maintenance window is 12:30PM to 5:30PM. The 15- to 30-minute time buffer is a rough estimate based on 15 minutes being the time period over which most KPIs are configured to search data and identify alert triggers.Overview of maintenance windows in ITSI
In Episode Review, what is the result of clicking an episode's Acknowledge button?
Answer(s): D
When an episode warrants investigation, the analyst acknowledges the episode, which moves the status from New to In Progress.
https://docs.splunk.com/Documentation/ITSI/4.10.2/EA/EpisodeOverview An episode represents a disruption of service operation causing impact to business operations. It is a deduplicated group of notable events occurring as part of a larger sequence, or an incident or period considered in isolation. In Episode Review, you can manage the episodes and their statuses using various actions. One of the actions is Acknowledge, which changes the status of an episode from New to Acknowledged and assigns the current user as the owner. This action indicates that someone is working on resolving the episode and prevents duplicate efforts from other users.Overview of Episode Review in ITSI, [Episode actions in Episode Review]
Which glass table feature can be used to toggle displaying KPI values from more than one service on a single widget?
https://docs.splunk.com/Documentation/ITSI/4.10.2/SI/Visualizations#collapseDesktop8 A glass table is a visualization tool that allows you to monitor the interrelationships and dependencies across your IT and business services. You can add metrics like KPIs, ad hoc searches, and service health scores that update in real time against a background that you design. One of the features of glass tables is service swapping, which enables you to toggle displaying KPI values from more than one service on a single widget. You can use service swapping to compare metrics across different services without creating multiple glass tables or widgets.Overview of the glass table editor in ITSI, [Configure service swapping on glass tables]
Which of the following is a characteristic of base searches?
Answer(s): B
https://docs.splunk.com/Documentation/ITSI/4.10.2/SI/BaseSearch A base search is a search definition that can be shared across multiple KPIs that use the same data source. Base searches can improve search performance and reduce search load by consolidating multiple similar KPIs. One of the characteristics of base searches is that it is possible to filter to entities assigned to the service for calculating the metrics for the service's KPIs. This means that you can use entity filtering rules to specify which entities are relevant for each KPI based on the base search results.Create KPI base searches in ITSI, [Filter entities for KPIs based on base searches]
What are valid ITSI Glass Table editor capabilities? (Choose all that apply.)
Answer(s): A,C,D
Create a glass table to visualize and monitor the interrelationships and dependencies across your IT and business services.The service swapping settings are saved and apply the next time you open the glass table. You can add metrics like KPIs, ad hoc searches, and service health scores that update in real time against a background that you design. Glass tables show real-time data generated by KPIs and services.
https://docs.splunk.com/Documentation/ITSI/4.10.2/SI/GTOverviewThe glass table editor is a tool that allows you to create and edit glass tables in ITSI. Some of the capabilities of the glass table editor are:Creating glass tables from scratch or from existing templates. Configuring service swapping on widgets to toggle displaying metrics from different services. Adding KPI metric lanes to glass tables to show historical trends of KPI values. The glass table editor does not support correlation search creation, which is a separate feature in ITSI that allows you to create searches that look for relationships between data points and generate notable events.Overview of the glass table editor in ITSI, [Configure service swapping on glass tables], [Add KPI metric lanes to glass tables], [Overview of correlation searches in ITSI]
Post your Comments and Discuss Splunk SPLK-3002 exam dumps with other Community members:
DynamoDB
S3
Cognito
RDS
EFS
/sbin/init
/etc/inittab
/etc/rc.d
/etc/init.d
/lib/init.so
/etc/rc.d/rcinit
/proc/sys/kernel/init
/boot/init
/bin/init
Amazon S3 Intelligent-Tiering
S3 Lifecycle
S3 Glacier Flexible Retrieval
Amazon Athena
Amazon EFS
EC2 instance store
ElastiCache for Redis
S3 Glacier Deep Archive
AWS Lake Formation
Amazon EMR Spark jobs
Amazon Kinesis Data Streams
Amazon DynamoDB
Defender for Endpoint
Defender for Identity
Defender for Cloud Apps
Defender for Office 365
S3 Object Lock
SFTP
AWS Transfer Family
Amazon SQS
API Gateway
Lambda
usage plan
AWS WAF
Amazon ECS
Application Load Balancer
AWS Global Accelerator
Network Load Balancer
EC2
Auto Scaling group
CloudFront
ALB
AWS PrivateLink
CRR
SSE-S3
Athena
SSE-KMS
RDS Custom for Oracle