
Splunk SPLK-1001 - Splunk Core Certified User

Total 244 questions

The @ symbol can be used in the advanced time unit option.

A. No

B. Yes

All users by default have WRITE permission to ALL knowledge objects.

A. True

B. False

Splunk indexes the data on the basis of timestamps.

A. True

B. False

Which of the following represents the Splunk recommended naming convention for dashboards?

A. Description_Group_Object

B. Group_Description_Object

C. Group_Object_Description

D. Object_Group_Description

Which of the following statements describes a search job?

A. Once a search job begins, it cannot be stopped

B. A search job can only be paused when less than 50% of events are returned

C. A search job can only be stopped when less than 50% of events are returned

D. Once a search job begins, it can be stopped or paused at any point in time

Can you stop or pause a search?

A. No

B. Yes

Which of the following index searches would provide the most efficient search performance?

A. index=*

B. index=web OR index=s*

C. (index=web OR index=sales)

D. *index=sales AND index=web*

Zoom Out and Zoom to Selection re-execute the search.

A. No

B. Yes

Query - status != 100:

A. Will return events where the status field exists but the value of that field is not 100.

B. Will return events where the status field exists but the value of that field is not 100, and all events where the status field doesn't exist.

C. Will get different results depending on the data.

In the fields sidebar, which character denotes alphanumeric field values?

A. #

B. %

C. a

D. a#