Splunk SOAR Certified Automation Developer — Question 56

Which of the following is not true about anomaly detection?

Answer options

• A. It can analyze per-entity behavior.
• B. It is configured at the service level.
• C. It looks for a deviation from a historic pattern.
• D. Its results are stored in the anomaly_detection index.

Correct answer: D

Explanation

The correct answer is D because while anomaly detection does generate results, they are typically not stored in a dedicated index like anomaly_detection. Options A, B, and C accurately describe the capabilities and functions of anomaly detection.