When an alert action is configured to run a script, Splunk must be able to locate the script. Which is one of the directories Splunk will look in to find the script?
A. $SPLUNK_HOME/bin/scripts
B. $SPLUNK_HOME/etc/scripts
C. $SPLUNK_HOME/bin/etc/scripts
D. $SPLUNK_HOME/etc/scripts/bin
Answer: A
Explanation: Reference: https://docs.splunk.com/Documentation/Splunk/7.2.6/Alert/Configuringscriptedalerts

What is the correct syntax to count the number of events containing a vendor_action field?
A. count stats vendor_action
B. count stats (vendor_action)
C. stats count (vendor_action)
D. stats vendor_action (count)
Answer: C

Which statement is true about Splunk alerts?
A. Alerts are based on searches that are either run on a scheduled interval or in real-time.
B. Alerts are based on searches and when triggered will only send an email notification.
C. Alerts are based on searches and require cron to run...

Which Boolean operator is always implied between two search terms, unless otherwise specified?
A. OR
B. NOT
C. AND
D. XOR
Answer: C
Explanation: Reference: https://docs.splunk.com/Documentation/Splunk/7.2.6/Search/Booleanexpressions

Which search string returns a field containing the number of matching events and names that field Event Count?
A. index=security failure | stats sum as "Event Count"
B. index=security failure | stats count as "Event Count"
C. index=security failure | stats count by "Event Count"
D. index=security failure | stats...

What is the main requirement for creating visualizations using the Splunk UI?
A. Your search must transform event data into Excel file format first.
B. Your search must transform event data into XML formatted data first.
C. Your search must transform event data into statistical data tables first.
D. Your...

Which of the following represents the Splunk recommended naming convention for dashboards?
A. Description_Group_Object
B. Group_Description_Object
C. Group_Object_Description
D. Object_Group_Description
Answer: C
Explanation: Reference: https://docs.splunk.com/Documentation/Splunk/7.2.6/Knowledge/Developnamingconventionsforknowledgeobjecttitles

What syntax is used to link key/value pairs in search strings?
A. action+purchase
B. action=purchase
C. action | purchase
D. action equal purchase
Answer: B

In the fields sidebar, which character denotes alphanumeric field values?
A. #
B. %
C. a
D. a#
Answer: C

When running searches, command modifiers in the search string are displayed in what color?
A. Red
B. Blue
C. Orange
D. Highlighted
Answer: C
Explanation: Reference: https://docs.splunk.com/Documentation/Splunk/7.2.6/Search/Parsingsearches