- All Exams Instant Download
Which of the following about reports is/are true?
Which of the following about reports is/are true?A . Reports are knowledge objects.B . Reports can be scheduled.C . Reports can run a script.D . All of the above.View AnswerAnswer: D Explanation: A report is a way to save a search and its results in a format that you can...
What is the relationship between data models and pivots?
What is the relationship between data models and pivots?A . Data models provide the datasets for pivots.B . Pivots and data models have no relationship.C . Pivots and data models are the same thing.D . Pivots provide the datasets for data models.View AnswerAnswer: A Explanation: The relationship between data models...
This is what Splunk uses to categorize the data that is being indexed.
This is what Splunk uses to categorize the data that is being indexed.A . HostB . SourcetypeC . IndexD . SourceView AnswerAnswer: B
Which of the following searches will return events contains a tag name Privileged?
Which of the following searches will return events contains a tag name Privileged?A . Tag= PrivB . Tag= Pri*C . Tag= Priv*D . Tag= PrivilegedView AnswerAnswer: B Explanation: Reference: https://docs.splunk.com/Documentation/PCI/4.1.0/Install/PrivilegedUserActivity A tag is a descriptive label that you can apply to one or more fields or field values in your...
Which is not a comparison operator in Splunk
Which is not a comparison operator in SplunkA . <=B . =C . !=D . >E . ?=View AnswerAnswer: E Explanation: A comparison operator is a symbol that compares two values and returns a Boolean result (true or false)2. Splunk supports various comparison operators such as <, >, =, !=,...
Which of the following file formats can be extracted using a delimiter field extraction?
Which of the following file formats can be extracted using a delimiter field extraction?A . CSVB . PDFC . XMLD . JSONView AnswerAnswer: A Explanation: A delimiter field extraction is a method of extracting fields from data that uses a character or a string to separate fields in each event....
Which of the following statements about event types is true? (select all that apply)
Which of the following statements about event types is true? (select all that apply)A . Event types can be tagged.B . Event types must include a time range,C . Event types categorize events based on a search.D . Event types can be a useful method for capturing and sharing knowledge.View...
These users can create global knowledge objects. (Select all that apply.)
These users can create global knowledge objects. (Select all that apply.)A . usersB . power usersC . administratorsView AnswerAnswer: B, C
When using the Field Extractor (FX), which of the following delimiters will work? (select all that apply)
When using the Field Extractor (FX), which of the following delimiters will work? (select all that apply)A . TabsB . PipesC . ColonsD . SpacesView AnswerAnswer: A, B, D Explanation: Reference: https://docs.splunk.com/Documentation/Splunk/8.0.3/Knowledge/FXSelectMethodstep https://community.splunk.com/t5/Splunk-Search/Field-Extraction-Separate-on-Colon/m-p/29751 The Field Extractor (FX) is a tool that helps you extract fields from your data using delimiters...
Which of the following statements are true for this search? (Select all that apply.)
Which of the following statements are true for this search? (Select all that apply.) SEARCH: sourcetype=access* |fields action productld statusA . is looking for all events that include the search terms: fields AND action AND productld AND statusB . users the table command to improve performanceC . limits the fields...
