Amazon
Avaya
Checkpoint
Cisco®
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL®
Juniper
Microsoft
MuleSoft
Okta
Oracle
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. Splunk®
  3. SPLK-3002

Splunk® SPLK-3002 Exam (page: 1)
Splunk® IT Service Intelligence Certified Admin
Updated on: 26-Oct-2025

Viewing Page 1 of 12
SPLK-3002 PDF 90 Questions

After a notable event has been closed, how long will the meta data for that event remain in the KV Store by default?

  1. 6 months.
  2. 9 months.
  3. 1 year.
  4. 3 months.

Answer(s): A

Explanation:

By default, notable event metadata is archived after six months to keep the KV store from growing too large.


Reference:

https://docs.splunk.com/Documentation/ITSI/4.10.2/EA/TrimNECollections



Which of the following is a best practice for identifying the most effective services with which to start an iterative ITSI deployment?

  1. Only include KPIs if they will be used in multiple services.
  2. Analyze the business to determine the most critical services.
  3. Focus on low-level services.
  4. Define a large number of key services early.

Answer(s): A


Reference:

https://docs.splunk.com/Documentation/ITSI/4.10.2/SI/MKA



When creating a custom deep dive, what color are services/KPIs in maintenance mode within the topology view?

  1. Gray
  2. Purple
  3. Gear Icon
  4. Blue

Answer(s): A

Explanation:

Services, entities, and KPIs that are fully or partially impacted by a maintenance window appear in a dark gray color on pages that display health scores, including service analyzers, service and entity details pages, glass tables, multi-KPI alerts, and deep dives.


Reference:

https://docs.splunk.com/Documentation/ITSI/4.10.2/Configure/AboutMW



Which deep dive swim lane type does not require writing SPL?

  1. Event lane.
  2. Automatic lane.
  3. Metric lane.
  4. KPI lane.

Answer(s): B

Explanation:

Among all the search configurations, automatic lane doesn’t need to be written in Splunk Processing language.



Which of the following items apply to anomaly detection? (Choose all that apply.)

  1. Use AD on KPIs that have an unestablished baseline of data points. This allows the ML pattern to perform it’s magic.
  2. A minimum of 24 hours of data is needed for anomaly detection, and a minimum of 4 entities for cohesive analysis.
  3. Anomaly detection automatically generates notable events when KPI data diverges from the pattern.
  4. There are 3 types of anomaly detection supported in ITSI: adhoc, trending, and cohesive.

Answer(s): B,C

Explanation:

The KPI must be split by entity, and a minimum of four entities is required.
Minimum amount of data 24 hours 24 hours
If the KPI diverges from the normal pattern, ITSI creates a notable event in Episode Review.


Reference:

https://docs.splunk.com/Documentation/ITSI/4.10.2/SI/AD



Viewing Page 1 of 12



Share your comments for Splunk® SPLK-3002 exam with other users:

trying 7/28/2023 12:37:00 PM

thanks good stuff
UNITED STATES


exampei 10/4/2023 2:40:00 PM

need dump c_tadm_23
Anonymous


Eman Sawalha 6/10/2023 6:18:00 AM

next time i will write a full review
GREECE


johnpaul 11/15/2023 7:55:00 AM

first time using this site
ROMANIA


omiornil@gmail.com 7/25/2023 9:36:00 AM

please sent me oracle 1z0-1105-22 pdf
BANGLADESH


John 8/29/2023 8:59:00 PM

very helpful
Anonymous


Kvana 9/28/2023 12:08:00 PM

good info about oml
UNITED STATES


Checo Lee 7/3/2023 5:45:00 PM

very useful to practice
UNITED STATES


dixitdnoh@gmail.com 8/27/2023 2:58:00 PM

this website is very helpful.
UNITED STATES


Sanjay 8/14/2023 8:07:00 AM

good content
INDIA


Blessious Phiri 8/12/2023 2:19:00 PM

so challenging
Anonymous


PAYAL 10/17/2023 7:14:00 AM

17 should be d ,for morequery its scale out
Anonymous


Karthik 10/12/2023 10:51:00 AM

nice question
Anonymous


Godmode 5/7/2023 10:52:00 AM

yes.
NETHERLANDS


Bhuddhiman 7/30/2023 1:18:00 AM

good mateial
Anonymous


KJ 11/17/2023 3:50:00 PM

good practice exam
Anonymous


sowm 10/29/2023 2:44:00 PM

impressivre qustion
Anonymous


CW 7/6/2023 7:06:00 PM

questions seem helpful
Anonymous


luke 9/26/2023 10:52:00 AM

good content
Anonymous


zazza 6/16/2023 9:08:00 AM

question 21 answer is alerts
ITALY


Abwoch Peter 7/4/2023 3:08:00 AM

am preparing for exam
Anonymous


mohamed 9/12/2023 5:26:00 AM

good one thanks
EGYPT


Mfc 10/23/2023 3:35:00 PM

only got thru 5 questions, need more to evaluate
Anonymous


Whizzle 7/24/2023 6:19:00 AM

q26 should be b
Anonymous


sarra 1/17/2024 3:44:00 AM

the aaa triad in information security is authentication, accounting and authorisation so the answer should be d 1, 3 and 5.
UNITED KINGDOM


DBS 5/14/2023 12:56:00 PM

need to attend this
UNITED STATES


Da_costa 8/1/2023 5:28:00 PM

these are free brain dumps i understand, how can one get free pdf
Anonymous


vikas 10/28/2023 6:57:00 AM

provide access
EUROPEAN UNION


Abdullah 9/29/2023 2:06:00 AM

good morning
Anonymous


Raj 6/26/2023 3:12:00 PM

please upload the ncp-mci 6.5 dumps, really need to practice this one. thanks guys
Anonymous


Miguel 10/5/2023 12:21:00 PM

question 16: https://help.salesforce.com/s/articleview?id=sf.care_console_overview.htm&type=5
SPAIN


Hiren Ladva 7/8/2023 10:34:00 PM

yes i m prepared exam
Anonymous


oliverjames 10/24/2023 5:37:00 AM

my experience was great with this site as i studied for the ms-900 from here and got 900/1000 on the test. my main focus was on the tutorials which were provided and practice questions. thanks!
GERMANY


Bhuddhiman 7/20/2023 11:52:00 AM

great course
UNITED STATES