Splunk IT Service Intelligence Certified Admin v1.0

Page:    1 / 4   
Exam contains 53 questions
Expand All

What are valid considerations when designing an ITSI Service? (Choose all that apply.)

  • A. Service access control requirements for ITSI Team Access should be considered, and appropriate teams provisioned prior to creating the ITSI Service.
  • B. Entities, entity meta-data, and entity rules should be planned carefully to support the service design and configuration.
  • C. Services, entities, and saved searches are stored in the ITSI app, while events created by KPI execution are stored in the itsi_summary index.
  • D. Backfill of a KPI should always be selected so historical data points can be used immediately and alerts based on that data can occur.


Answer : AC

Anomaly detection can be enabled on which one of the following?

  • A. KPI
  • B. Multi-KPI alert
  • C. Entity
  • D. Service


Answer : A

Which index is used to store KPI values?

  • A. itsi_summary_metrics
  • B. itsi_metrics
  • C. itsi_service_health
  • D. itsi_summary


Answer : A

Where are KPI search results stored?

  • A. The default index.
  • B. KV Store.
  • C. Output to a CSV lookup.
  • D. The itsi_summary index.


Answer : D

Which ITSI functions generate notable events? (Choose all that apply.)

  • A. KPI threshold breaches.
  • B. KPI anomaly detection.
  • C. Multi-KPI alert.
  • D. Correlation search.


Answer : ABD

Which of the following describes a way to delete multiple duplicate entities in ITSI?

  • A. Via c CSV upload.
  • B. Via the entity lister page.
  • C. Via a search using the | deleteentity command.
  • D. All of the above.


Answer : A

Which capabilities are enabled through “teams”?

  • A. Teams allow searches against the itsi_summary index.
  • B. Teams restrict notable event alert actions.
  • C. Teams restrict searches against the itsi_notable_audit index.
  • D. Teams allow restrictions to service content in UI views.


Answer : A

Besides creating notable events, what are the default alert actions a correlation search can execute? (Choose all that apply.)

  • A. Ping a host.
  • B. Send email.
  • C. Include in RSS feed.
  • D. Run a script.


Answer : BCD

Within a correlation search, dynamic field values can be specified with what syntax?

  • A. fieldname
  • B. <fieldname /fieldname>
  • C. %fieldname%
  • D. eval(fieldname)


Answer : A

In maintenance mode, which features of KPIs still function?

  • A. KPI searches will execute but will be buffered until the maintenance window is over.
  • B. KPI searches still run during maintenance mode, but results go to itsi_maintenance_summary index.
  • C. New KPIs can be created, but existing KPIs are locked.
  • D. KPI calculations and threshold settings can be modified.


Answer : A

Which index contains ITSI Episodes?

  • A. itsi_tracked_alerts
  • B. itsi_grouped_alerts
  • C. itsi_notable_archive
  • D. itsi_summary


Answer : C

Which of the following best describes a default deep dive?

  • A. It initially shows the health scores for all services.
  • B. It initially shows the highest importance KPIs.
  • C. It initially shows all of the KPIs for a selected service.
  • D. It initially shows all the entity swim lanes.


Answer : D

Which of the following describes enabling smart mode for an aggregation policy?

  • A. Configure –> Policies –> Smart Mode –> Enable, select “fields”, click “Save”
  • B. Enable grouping in Notable Event Review, select “Smart Mode”, select “fields”, and click “Save”
  • C. Edit the aggregation policy, enable smart mode, select fields to analyze, click “Save”
  • D. Edit the notable event view, enable smart mode, select “fields”, and click “Save”


Answer : A

Which of the following are the default ports that must be configured on Splunk to use ITSI?

  • A. SplunkWeb (8405), SplunkD (8519), and HTTP Collector (8628)
  • B. SplunkWeb (8089), SplunkD (8088), and HTTP Collector (8000)
  • C. SplunkWeb (8000), SplunkD (8089), and HTTP Collector (8088)
  • D. SplunkWeb (8088), SplunkD (8089), and HTTP Collector (8000)


Answer : C

Which of the following is a good use case regarding defining entities for a service?

  • A. Automatically associate entities to services using multiple entity aliases.
  • B. All of the entities have the same identifying field name.
  • C. Being able to split a CPU usage KPI by host name.
  • D. KPI total values are aggregated from multiple different category values in the source events.


Answer : A

Page:    1 / 4   
Exam contains 53 questions
Expand All

Talk to us!

Have any questions or issues ? Please dont hesitate to contact us

[email protected]

Certlibrary.com is owned by MBS Tech Limited: Room 1905 Nam Wo Hong Building, 148 Wing Lok Street, Sheung Wan, Hong Kong. Company registration number: 2310926
Certlibrary doesn't offer Real Microsoft Exam Questions. Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Terms & Conditions | Privacy Policy