Is this exam completely free?

ExamCademy offers a free preview for every exam, covering around 20% of the total questions. Full access to all questions is available for free by signing up for an account. Optional supporters unlock AstroTutor (AI tutor) and advanced study modes.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! ExamCademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our practice questions are community-created and moderator-reviewed to align with realistic exam objectives, style, and difficulty.

SPLK-3002 by Splunk - Page 1 | ExamCademy

Mode Selection

Question 1

Question 2

Question 3

Which of the following is the best use case for configuring a Multi-KPI Alert?

A Comparing content between two notable events.
B Using machine learning to evaluate when data falls outside of an expected pattern.
C Comparing anomaly detection between two KPIs.
D Raising an alert when one or more KPIs indicate an outage is occurring.

Question 4

In distributed search, which components need to be installed on instances other than the search head?

A SA-IndexCreation and SA-ITSI-Licensechecker on indexers.
B SA-IndexCreation and SA-ITOA on indexers; SA-ITSI-Licensechecker and SA-UserAccess on the license master.
C SA-IndexCreation on idexers; SA-ITSI-Licensechecker and SA-UserAccess on the license master.
D SA-ITSI-Licensechecker on indexers.

Question 5

When deploying ITSI on a distributed Splunk installation, which component must be installed on the search head(s)?

A SA-ITOA
B ITSI app
C All ITSI components
D SA-ITSI-Licensechecker

Question 6

Which of the following describes entities? (Choose all that apply.)

A Entities must be IT devices, such as routers and switches, and must be identified by either IP value, host name, or mac address.
B An abstract (pseudo/logical) entity can be used to split by for a KPI, although no entity rules or filtering can be used to limit data to a specific service.
C Multiple entities can share the same alias value, but must have different role values.
D To automatically restrict the KPI to only the entities in a particular service, select “Filter to Entities in Service”.

Question 7

Which of the following describes a realistic troubleshooting workflow in ITSI?

A Correlation Search –> Deep Dive –> Notable Event
B Service Analyzer –> Notable Event Review –> Deep Dive
C Service Analyzer –> Aggregation Policy –> Deep Dive
D Correlation search –> KPI –> Aggregation Policy

Question 8

Which of the following accurately describes base searches used for KPIs in a service?

A Base searches can be used for multiple services.
B A base search can only be used by its service and all dependent services.
C All the metrics in a base search are used by one service.
D All the KPIs in a service use the same base search.

Question 9

Which scenario would benefit most by implementing ITSI?

A Monitoring of business services functionality.
B Monitoring of system hardware.
C Monitoring of system process statuses.
D Monitoring of retail sales metrics.

Question 10

ITSI Saved Search Scheduling is configured to use realtime_schedule = 0. Which statement is accurate about this configuration?

A If this value is set to 0, the scheduler bases its determination of the next scheduled search execution time on the current time.
B If this value is set to 0, the scheduler bases its determination of the next scheduled search on the last search execution time.
C If this value is set to 0, the scheduler may skip scheduled execution periods.
D If this value is set to 0, the scheduler might skip some execution periods to make sure that the scheduler is executing the searches running over the most recent time range.

Question 11

What effects does the KPI importance weight of 11 have on the overall health score of a service?

A At least 10% of the KPIs will go critical.
B Importance weight is unused for health scoring.
C The service will go critical.
D It is a minimum health indicator KPI.

That's the end of the Preview

Create a free account to unlock all questions for this exam.

Log In / Sign Up

Page 1 of 3 • Questions 1-25 of 53

1 2 3

→

Know a question that should be here? Contribute to this exam

After a notable event has been closed, how long will the meta data for that event remain in the KV Store by default?

A 6 months.
B 9 months.
C 1 year.
D 3 months.

What are valid ITSI Glass Table editor capabilities? (Choose all that apply.)

A Creating glass tables.
B Correlation search creation.
C Service swapping configuration.
D Adding KPI metric lanes to glass tables.