
Splunk SPLK-1001 - Splunk Core Certified User

Total 244 questions

Given the following SPL search, how many rows of results would you expect to be returned by default? index=security sourcetype=linux_secure (fail* OR invalid) | top src__ip

A. 10
B. 50
C. 100
D. 20

Which of the following are functions of the stats command?

A. count, sum, add
B. count, sum, less
C. sum, avg, values
D. sum, values, table

Forward Option gathers and forwards data to indexers over a receiving port from remote machines.

A. False
B. True

How are events displayed after a search is executed?

A. In chronological order.
B. Randomly by default.
C. In reverse chronological order.
D. Alphabetically according to field name.

Matching of parentheses is a feature of Splunk Assistant.

A. No
B. Yes

How do you add or remove fields from search results?

A. Use field + to add and field - to remove.
B. Use table + to add and table - to remove.
C. Use fields + to add and fields - to remove.
D. Use fields Plus to add and fields Minus to remove.

A field exists in search results, but isn’t being displayed in the fields sidebar. How can it be added to the fields sidebar?

A. Click All Fields and select the field to add it to Selected Fields.
B. Click Interesting Fields and select the field to add it to Selected Fields.
C. Click Selected Fields and select the field to add it to Interesting Fields.
D. This scenario isn’t possible because all fields returned from a search always appear in the fields sidebar.

Splunk apps are used for the following (Choose three.):

A. Designed to cater to numerous use cases and empower Splunk.
B. We cannot install Splunk App.
C. Allows multiple workspaces for different use cases/user roles.
D. It is a collection of different Splunk config files like data inputs, UI and Knowledge Object.

Portal for Splunk apps can be accessed through www.splunkbase.com

A. False
B. True

Splunk Enterprise is used as a Scalable service in Splunk Cloud.

A. True
B. False