Splunk Exam SPLK-3002 Topic 1 Question 51 Discussion

Actual exam question for Splunk's SPLK-3002 exam

Question #: 51
Topic #: 1

[All SPLK-3002 Questions]

When must a service define entity rules?

AIf the intention is for the KPIs in the service to filter to only entities assigned to the service.

BTo enable entity cohesion anomaly detection.

CIf some or all of the KPIs in the service will be split by entity.

DIf the intention is for the KPIs in the service to have different aggregate vs. entity KPI values.

Show Suggested Answer

Suggested Answer: A

Provide a value to filter the service to a specific set of entities. These entity rule values are meant to be custom for each service.

A is the correct answer because a service must define entity rules if the intention is for the KPIs in the service to filter to only entities assigned to the service. Entity rules are filters that match entities to services based on entity aliases or entity metadata. If you enable the Filter to Entities in Service option for a KPI, you need to define entity rules for the service to ensure that the KPI search results only include the relevant entities for the service. Otherwise, the KPI search results might include entities that are not part of the service or exclude entities that are part of the service. Reference: [Define entities for a service in ITSI], [Configure KPI settings in ITSI]

by Van at Jan 23, 2024, 04:56 AM

Limited Time Offer

25%

Off

Get Premium SPLK-3002 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!