Splunk IT Service Intelligence Certified Admin SPLK-3002 Exam Questions and Answers PDF

Reference: [Reference: https://docs.splunk.com/Documentation/ITSI/4.10.2/SI/DeepDives, A deep dive is a dashboard that allows you to analyze the historical trends and anomalies of your KPIs and metrics in ITSI. A deep dive displays a timeline of events and swim lanes of data that you can customize and filter to investigate issues and perform root cause analysis. Some of the capabilities of deep dives are:, B. Visualizing one or more service KPIs values by time. This is true because you can add KPI swim lanes to a deep dive to show the values and severity levels of one or more KPIs over time. You can also compare KPIs from different services or entities using service swapping or entity splitting., C. Examining and comparing alert levels for KPIs in a service over time. This is true because you can add alert swim lanes to a deep dive to show the alert levels and counts for one or more KPIs over time. You can also drill down into the alert details and view the notable events associated with each alert., D. Comparing swim lane values for a slice of time. This is true because you can use the time range selector to zoom in or out of a specific time range in a deep dive. You can also use the time brush to select a slice of time and compare the swim lane values for that time period., The other option is not a capability of deep dives because:, A. Comparing a service’s notable events over a time period. This is not true because deep dives do not display notable events, which are alerts generated byITSI based on certain conditions or correlations. Notable events are displayed in other dashboards, such as episode review or glass tables., References: [Overview of deep dives in ITSI], [Add swim lanes to a deep dive in ITSI], ]

Reference: [Reference: https://docs.splunk.com/Documentation/ES/latest/Install/DeploymentPlanning, A, B, and C are correct answers because ITSI deployments often require more hardware resources than base Splunk requirements due to the high volume of data ingestion and processing. ITSI deployments also require a dedicated search head that runs the ITSI app and handles all ITSI-related searches and dashboards. ITSI deployments may also increase the number of required indexers based on the number and frequency of KPI searches, which can generate a large amount of summary data. References: ITSI deployment overview, ITSI deployment planning]

Reference: [Reference: https://docs.splunk.com/Documentation/ITSI/4.10.2/SI/Dependencies, A service template is a predefined set of KPIs and entity rules that you can apply to a service or a group of services. A service template helps you standardize the configuration and monitoring of similar services across your IT environment. A service template can also include dependent services, which are services that are required for another service to function properly. For example, a web server service might depend on a database service and a network service. The default importance value for dependent services’ health scores is:, D. 10. This is true because the importance value indicates how much a dependent service contributes to the health score of the parent service. The default value is 10, which means that the dependent service has the highest impact on the parent service’s healthscore. You can change the importance value of a dependent service in the service template settings., The other options are not correct because:, A. 11. This is not true because 11 is an invalid value for importance. The valid range is from 1 (lowest) to 10 (highest)., B. 1. This is not true because 1 is the lowest value for importance, not the default value. A value of 1 means that the dependent service has the lowest impact on the parent service’s health score., C. Unassigned. This is not true because every dependent service has an assigned importance value, which defaults to 10., References: Create and manage service templates in ITSI, Set KPI importance values in ITSI, ]