Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Splunk Exam SPLK-2002 Topic 9 Question 75 Discussion

Actual exam question for Splunk's SPLK-2002 exam
Question #: 75
Topic #: 9
[All SPLK-2002 Questions]

A Splunk deployment is being architected and the customer will be using Splunk Enterprise Security (ES) and Splunk IT Service Intelligence (ITSI). Through data onboarding and sizing, it is determined that over 200 discrete KPIs will be tracked by ITSI and 1TB of data per day by ES. What topology ensures a scalable and performant deployment?

Show Suggested Answer Hide Answer
Suggested Answer: A, C

by Eladia at Oct 02, 2023, 09:18 PM

Limited Time Offer

25%

Off

Get Premium SPLK-2002 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Ciara
22 days ago
Clearly option C is the way to go. I mean, who needs performance or scalability when you can just cram everything onto one search head cluster? It'll be fine, right? *nervous laughter*
upvoted 0 times
Derrick
4 days ago
I think option B is the best choice. Having separate search head clusters for ITSI and ES will ensure better performance and scalability.
upvoted 0 times
...
...
Kate
29 days ago
I'm with Alfred on this one. Two search head clusters is the way to go. It's the only option that ensures you can scale and handle the data load without everything grinding to a halt.
upvoted 0 times
Danilo
21 days ago
I agree with you, having two search head clusters is definitely the best option for this scenario.
upvoted 0 times
...
...
Peggy
1 months ago
Oh man, option D is just begging for trouble. One search head handling both ITSI and ES? That's like trying to fit an elephant and a giraffe in a Smart car. Not happening!
upvoted 0 times
...
Alfred
1 months ago
Two search head clusters, one for each, is definitely the way to go. You don't want to risk overloading a single search head with that kind of data volume. Separating them is the smart move.
upvoted 0 times
Christiane
4 days ago
Two search head clusters, one for each, is definitely the way to go.
upvoted 0 times
...
Margret
8 days ago
B) Two search head clusters, one for ITSI and one for ES.
upvoted 0 times
...
Vilma
10 days ago
A) Two search heads, one for ITSI and one for ES.
upvoted 0 times
...
...
Frederica
2 months ago
Choosing a single search head with both ITSI and ES installed seems like a recipe for disaster with that much data. I'd go with option B to keep them separated for better scalability and performance.
upvoted 0 times
Millie
27 days ago
Yeah, it's important to keep them separated to avoid any performance issues with that much data being processed.
upvoted 0 times
...
Stanford
1 months ago
I agree, having separate search head clusters for ITSI and ES would definitely help with scalability.
upvoted 0 times
...
...
Queen
2 months ago
I disagree, I believe option C is more efficient as it allows for easier management of both ITSI and ES on a single search head cluster.
upvoted 0 times
...
Nelida
2 months ago
I agree with Ty, having separate search head clusters for ITSI and ES makes sense for scalability.
upvoted 0 times
...
Ty
2 months ago
I think option B is the best choice.
upvoted 0 times
...

Save Cancel