Splunk SOAR Certified Automation Developer — Question 5

Which of the following is the best use case for configuring a Multi-KPI Alert?

Answer options

• A. Comparing content between two notable events.
• B. Using machine learning to evaluate when data falls outside of an expected pattern.
• C. Comparing anomaly detection between two KPIs.
• D. Raising an alert when one or more KPIs indicate an outage is occurring.

Correct answer: D

Explanation

The correct answer, D, is suitable because Multi-KPI Alerts are designed to monitor multiple KPIs for signs of outages. The other options focus on comparisons or evaluations that do not specifically address the need for alerts during outages.