SPLK-3002 Exam Dumps - Splunk IT Service Intelligence Certified Admin Exam

Reference: [Reference: https://docs.splunk.com/Documentation/ITSI/4.10.2/EA/EpisodeOverview, An episode is a deduplicated group of notable events occurring as part of a larger sequence, or an incident or period considered in isolation. An episode helps you reduce alert noise and focus on the most important issues affecting your IT services. An episode is created by an aggregation policy, which is a set of rules that determines how to group notable events based on certain criteria, such as severity, source, title, and so on. You can use episode review to view, manage, and resolve episodes in ITSI. The statement that defines an episode is:, C. A notable event group. This is true because an episode is composed of one or more notable events that are related by some common factor., The other options are not definitions of an episode because:, A. A workflow task. This is not true because a workflow task is an action that you can perform on an episode, such as assigning an owner, changing the status, adding comments, and so on., B. A deep dive. This is not true because a deep dive is a dashboard that allows you to analyze the historical trends and anomalies of your KPIs and metrics in ITSI., D. A notable event. This is not true because a notable event is an alert generated by ITSI based on certain conditions or correlations, not a group of alerts., References: [Overview of Episode Review in ITSI], [Overview of aggregation policies in ITSI], ]

Reference: [Reference: https://docs.splunk.com/Documentation/Splunk/8.2.2/Search/Searchindexes, B is the correct answer because dynamic field values can be specified with syntax within a correlation search. This syntax allows you to insert values from fields returned by the correlation search into alert actions such as email subject or body. For example, inserts the value of the host field into the email. References: [Use dynamic field values in correlation searches in ITSI]]

Reference: [Reference: https://docs.splunk.com/Documentation/ITSI/4.10.2/SI/GTOverview, The glass table editor is a tool that allows you to create and edit glass tables in ITSI. Some of the capabilities of the glass table editor are:, Creating glass tables from scratch or from existing templates., Configuring service swapping on widgets to toggle displaying metrics from different services., Adding KPI metric lanes to glass tables to show historical trends of KPI values., The glass table editor does not support correlation search creation, which is a separate feature in ITSI that allows you to create searches that look for relationships between data points and generate notable events. References: Overview of the glass table editor in ITSI, [Configure service swapping on glass tables], [Add KPI metric lanes to glass tables], [Overview of correlation searches in ITSI], ]

Reference: [Reference: https://docs.splunk.com/Documentation/ITSI/4.10.2/SI/AboutSI, Splunk IT Service Intelligence (ITSI) is a monitoring and analytics solution that uses artificial intelligence and machine learning to provide insights into the health and performance of IT services. ITSI lets you create services that represent the critical components of your IT infrastructure, such as applications, databases, servers, networks, and so on. You can then monitor the status and performance of these services using key performance indicators (KPIs), which are metrics that measure aspects of service health, such as availability, latency, error rate, and so on. ITSI also provides tools for visualizing, investigating, and alerting on service issues, such as service analyzers, glass tables, deep dives, episode review, and so on. The scenario that would benefit most by implementing ITSI is monitoring of business service functionality, because ITSI enables you to measure and improve the quality and reliability of your IT services and align them with your business objectives. References: What is Splunk IT Service Intelligence?]