Splunk SPLK-1001 - Splunk Core Certified User

Which search will return only events containing the word “error” and display the results as a table that includes the fields named action, src, and dest?

A. error | table action, src, dest

B. error | tabular action, src, dest

C. error | stats table action, src, dest

D. error | table column=action column=src column=dest

Which time unit abbreviations can you include in the Advanced time range picker? (Choose seven.)

A. h

B. day

C. mon

D. yr

E. y

F. w

G. week

You can view the search results in the following formats (Choose three.):

A. Table

B. Raw

C. Pie Chart

D. List

Field values are case sensitive.

A. True

B. False

The new data uploaded in Splunk are shown in ________________.

A. Real-time

B. 10 Minutes

C. Overnight Download

D. 30 Minutes

This is what Splunk uses to categorize the data that is being indexed.

A. Host

B. Sourcetype

C. Index

D. Source

Splunk users are assigned roles. Which of the following do roles determine?

A. Password

B. Port number

C. Username

D. Data access

When using the top command in the following search, which of the following will be true about the results?

index="main" sourcetype="access_*" action="purchase" | top 3 statusCode by user showperc=f countfield=status_code_count

A. The search will fail. The proper top command format is top limit=3 instead of top 3.

B. The top three most common values in statusCode will be displayed for each user.

C. Only the top three overall most common values in statusCode will be displayed.

D. The percentage field will be displayed in the results.

Use this command to use lookup fields in a search and see the lookup fields in the field sidebar.

A. inputlookup

B. lookup

In automatic lookup definitions, the _____ fields are those that are not in the event data.

A. input

B. output