CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Splunk®
  5. SPLK-3002

Free SPLK-3002 Exam Braindumps (page: 3)

Page 2 of 14
PDF with 90 Questions

Which of the following items apply to anomaly detection? (Choose all that apply.)

  1. Use AD on KPIs that have an unestablished baseline of data points. This allows the ML pattern to perform it’s magic.
  2. A minimum of 24 hours of data is needed for anomaly detection, and a minimum of 4 entities for cohesive analysis.
  3. Anomaly detection automatically generates notable events when KPI data diverges from the pattern.
  4. There are 3 types of anomaly detection supported in ITSI: adhoc, trending, and cohesive.

Answer(s): B,C

Explanation:

The KPI must be split by entity, and a minimum of four entities is required.
Minimum amount of data 24 hours 24 hours
If the KPI diverges from the normal pattern, ITSI creates a notable event in Episode Review.


Reference:

https://docs.splunk.com/Documentation/ITSI/4.10.2/SI/AD



Which of the following is a best practice when configuring maintenance windows?

  1. Disable any glass tables that reference a KPI that is part of an open maintenance window.
  2. Develop a strategy for configuring a service’s notable event generation when the service’s maintenance window is open.
  3. Give the maintenance window a buffer, for example, 15 minutes before and after actual maintenance work.
  4. Change the color of services and entities that are part of an open maintenance window in the service analyzer.

Answer(s): C

Explanation:

It's a best practice to schedule maintenance windows with a 15- to 30-minute time buffer before and after you start and stop your maintenance work.


Reference:

https://docs.splunk.com/Documentation/ITSI/4.10.2/Configure/AboutMW



In Episode Review, what is the result of clicking an episode’s Acknowledge button?

  1. Assign the current user as owner.
  2. Change status from New to Acknowledged.
  3. Change status from New to In Progress and assign the current user as owner.
  4. Change status from New to Acknowledged and assign the current user as owner.

Answer(s): C

Explanation:

When an episode warrants investigation, the analyst acknowledges the episode, which moves the status from New to In Progress.


Reference:

https://docs.splunk.com/Documentation/ITSI/4.10.2/EA/EpisodeOverview



Which glass table feature can be used to toggle displaying KPI values from more than one service on a single widget?

  1. Service templates.
  2. Service dependencies.
  3. Ad-hoc search.
  4. Service swapping.

Answer(s): C


Reference:

https://docs.splunk.com/Documentation/ITSI/4.10.2/SI/Visualizations#collapseDesktop8






Post your Comments and Discuss Splunk® SPLK-3002 exam with other Community members:

SPLK-3002 Discussions & Posts