Which of the following can be configured when subscribing to a built-in detector?

1. A. Alerts on team landing page.
2. B. Alerts on a dashboard.
3. C. Outbound notifications.
4. D. Links to a chart.

Correct Answer: C
According to the web search results1, subscribing to a built-in detector is a way to receive alerts and notifications from Splunk Observability Cloud when certain criteria are met. A built-in detector is a detector that is automatically created and configured by Splunk Observability Cloud based on the data from your integrations, such as AWS, Kubernetes, or OpenTelemetry1. To subscribe to a built-in detector, you need to do the following steps:
✑ Find the built-in detector that you want to subscribe to. You can use the metric finder or the dashboard groups to locate the built-in detectors that are relevant to your data sources1.
✑ Hover over the built-in detector and click the Subscribe button. This will open a dialog box where you can configure your subscription settings1.
✑ Choose an outbound notification channel from the drop-down menu. This is where you can specify how you want to receive the alert notifications from the built-in detector. You can choose from various channels, such as email, Slack, PagerDuty, webhook, and so on2. You can also create a new notification channel by clicking the + icon2.
✑ Enter the notification details for the selected channel. This may include your email address, Slack channel name, PagerDuty service key, webhook URL, and so on2. You can also customize the notification message with variables and markdown formatting2.
✑ Click Save. This will subscribe you to the built-in detector and send you alert notifications through the chosen channel when the detector triggers or clears an alert.
Therefore, option C is correct.

Where does the Splunk distribution of the OpenTelemetry Collector store the configuration files on Linux machines by default?

1. A. /opt/splunk/
2. B. /etc/otel/collector/
3. C. /etc/opentelemetry/
4. D. /etc/system/default/

Correct Answer: B
The correct answer is B. /etc/otel/collector/
According to the web search results, the Splunk distribution of the OpenTelemetry Collector stores the configuration files on Linux machines in the /etc/otel/collector/ directory by default. You can verify this by looking at the first result1, which explains how to install the Collector for Linux manually. It also provides the locations of the default configuration file, the agent configuration file, and the gateway configuration file.
To learn more about how to install and configure the Splunk distribution of the OpenTelemetry Collector, you can refer to this documentation2.
1: https://docs.splunk.com/Observability/gdi/opentelemetry/install-linux-manual.html 2: https://docs.splunk.com/Observability/gdi/opentelemetry.html

A Software Engineer is troubleshooting an issue with memory utilization in their application. They released a new canary version to production and now want to determine if the average memory usage is lower for requests with the 'canary' version dimension. They've already opened the graph of memory utilization for their service.
How does the engineer see if the new release lowered average memory utilization?

1. A. On the chart for plot A, select Add Analytics, then select MeanrTransformatio
2. B. In the window that appears, select 'version' from the Group By field.
3. C. On the chart for plot A, scroll to the end and click Enter Function, then enter 'A/B-l'.
4. D. On the chart for plot A, select Add Analytics, then select Mean:Aggregatio
5. E. In the window that appears, select 'version' from the Group By field.
6. F. On the chart for plot A, click the Compare Means butto
7. G. In the window that appears, type 'version1.

Correct Answer: C
The correct answer is C. On the chart for plot A, select Add Analytics, then select Mean:Aggregation. In the window that appears, select ‘version’ from the Group By field.
This will create a new plot B that shows the average memory utilization for each version of the application. The engineer can then compare the values of plot B for the ‘canary’ and ‘stable’ versions to see if there is a significant difference.
To learn more about how to use analytics functions in Splunk Observability Cloud, you can refer to this documentation1.
1: https://docs.splunk.com/Observability/gdi/metrics/analytics.html

The alert recipients tab specifies where notification messages should be sent when alerts are triggered or cleared. Which of the below options can be used? (select all that apply)

1. A. Invoke a webhook URL.
2. B. Export to CSV.
3. C. Send an SMS message.
4. D. Send to email addresses.

Correct Answer: ACD
The alert recipients tab specifies where notification messages should be sent when alerts are triggered or cleared. The options that can be used are:
✑ Invoke a webhook URL. This option allows you to send a HTTP POST request to a custom URL that can perform various actions based on the alert information. For example, you can use a webhook to create a ticket in a service desk system, post a message to a chat channel, or trigger another workflow1
✑ Send an SMS message. This option allows you to send a text message to one or more phone numbers when an alert is triggered or cleared. You can customize the message content and format using variables and templates2
✑ Send to email addresses. This option allows you to send an email notification to one or more recipients when an alert is triggered or cleared. You can customize the email subject, body, and attachments using variables and templates. You can also include information from search results, the search job, and alert triggering in the email3
Therefore, the correct answer is A, C, and D.
1: https://docs.splunk.com/Documentation/Splunk/latest/Alert/Webhooks 2:
https://docs.splunk.com/Documentation/Splunk/latest/Alert/SMSnotification 3: https://docs.splunk.com/Documentation/Splunk/latest/Alert/Emailnotification

What information is needed to create a detector?

1. A. Alert Status, Alert Criteria, Alert Settings, Alert Message, Alert Recipients
2. B. Alert Signal, Alert Criteria, Alert Settings, Alert Message, Alert Recipients
3. C. Alert Signal, Alert Condition, Alert Settings, Alert Message, Alert Recipients
4. D. Alert Status, Alert Condition, Alert Settings, Alert Meaning, Alert Recipients

Correct Answer: C
According to the Splunk Observability Cloud documentation1, to create a detector, you need the following information:
✑ Alert Signal: This is the metric or dimension that you want to monitor and alert on.
You can select a signal from a chart or a dashboard, or enter a SignalFlow query to define the signal.
✑ Alert Condition: This is the criteria that determines when an alert is triggered or cleared. You can choose from various built-in alert conditions, such as static threshold, dynamic threshold, outlier, missing data, and so on. You can also specify the severity level and the trigger sensitivity for each alert condition.
✑ Alert Settings: This is the configuration that determines how the detector behaves
and interacts with other detectors. You can set the detector name, description, resolution, run lag, max delay, and detector rules. You can also enable or disable the detector, and mute or unmute the alerts.
✑ Alert Message: This is the text that appears in the alert notification and event feed.
You can customize the alert message with variables, such as signal name, value, condition, severity, and so on. You can also use markdown formatting to enhance the message appearance.
✑ Alert Recipients: This is the list of destinations where you want to send the alert
notifications. You can choose from various channels, such as email, Slack, PagerDuty, webhook, and so on. You can also specify the notification frequency and suppression settings.