Splunk SOAR Certified Automation Developer — Question 19

Which index contains ITSI Episodes?

Answer options

• A. itsi_tracked_alerts
• B. itsi_grouped_alerts
• C. itsi_notable_archive
• D. itsi_summary

Correct answer: B

Explanation

The correct answer is B, as the itsi_grouped_alerts index is specifically designed to store ITSI Episodes. Options A, C, and D do not contain episodes; A tracks alerts, C archives notable events, and D summarizes information.