SPLK-3002 Exam Dumps : Splunk IT Service Intelligence Certified Admin Exam

In Splunk ITSI, swim lane overlays depend on a KPI beingsplit by entityso that each entity’s individual time series can be displayed separately in the Deep Dive view. When a KPI is aggregated without an entity split, it produces asingle time seriesvalue at each timestamp representing the entire group (in this case, the average CPU across all web servers). Because that KPI does not contain per‑entity values, ITSI has nothing to overlay — therefore no entity overlays appear in the Lane Overlay Options. This configuration mistake often happens when a KPI is defined to average values across sources without specifying an entity dimension on which to split results. Entity filtering is a separate feature that enables restricting which entities are considered in display or analytics and does not control availability of swim lane overlays; pseudo‑entities are artificial names that do not reflect actual system identities and are not relevant to this error; and having only three entities versus four would not prevent overlays from appearing if the KPI were correctly split by entity. The correct fix is to edit the KPI definition and configure it tosplit the metric results by the server entity field, such that each server has its own time series. This then enables Fritz to overlay the individual server CPU graphs on the swim lane as intended.

In the context of troubleshooting KPI search performance in Splunk IT Service Intelligence (ITSI), the search names in the job activity that identify base searches typically follow the pattern "Indicator - Shared - xxxx - ITSI Search." These base searches are fundamental components of the KPI calculation process, aggregating and preparing data for further analysis by KPIs. Identifying these base searches in the job activity is crucial for diagnosing performance issues, as these searches can be resource-intensive and impact overall system performance. Understanding the naming convention helps administrators and analysts quickly pinpoint the base searches related to specific KPIs, facilitating more effective troubleshooting and optimization of search performance within the ITSI environment.