SPLK-1002 V4

Which of the following statements are true for this search? (Select all that apply.) SEARCH: sourcetype=access* |fields action productld statusA . is looking for all events that include the search terms: fields AND action AND productld AND statusB . users the table command to improve performanceC . limits the fields...

Which of the following statements about tags is true?A . Tags are case insensitive.B . Tags are created at index time.C . Tags can make your data more understandable.D . Tags are searched by using the syntax tag:: <fieldneme>View AnswerAnswer: C Explanation: Tags are aliases or alternative names for field...

Which of the following are required to create a POST workflow action?A . Label, URI, search string.B . XMI attributes, URI, name.C . Label, URI, post arguments.D . URI, search string, time range picker.View AnswerAnswer: C Explanation: POST workflow actions are custom actions that send a POST request to a...

Based on the macro definition shown below, what is the correct way to execute the macro in a search string? A . Convert_sales (euro, , 79)”B . Convert_sales (euro, , .79)C . Convert_sales ($euro,$$,s79$D . Convert_sales ($euro, $$,S,79$)View AnswerAnswer: B Explanation: Reference: https://docs.splunk.com/Documentation/Splunk/8.0.3/Knowledge/Usesearchmacros The correct way to execute the macro...

Which of the following can be used with the eval command tostring function (select all that apply)A . ‘’hex’’B . ‘’commas’’C . ‘’Decimal’’D . ‘’duration’’View AnswerAnswer: A, B, D Explanation: https://docs.splunk.com/Documentation/Splunk/8.1.0/SearchReference/ConversionFunctions#tostri ng.28X.2CY.29 The tostring function in the eval command converts a numeric value to a string value. It can take...

Selected fields are displayed ______each event in the search results.A . belowB . interesting fieldsC . other fieldsD . aboveView AnswerAnswer: A Explanation: Selected fields are fields that you choose to display in your search results by clicking on them in the Fields sidebar or by using the fields command2....

Calculated fields can be based on which of the following?A . TagsB . Extracted fieldsC . Output fields for a lookupD . Fields generated from a search stringView AnswerAnswer: B Explanation: Reference: https://docs.splunk.com/Documentation/Splunk/8.0.3/Knowledge/definecalcfields A calculated field is a field that you create based on the value of another field or...

Use this command to use lookup fields in a search and see the lookup fields in the field sidebar.A . inputlookupB . lookupView AnswerAnswer: B

Which of the following statements describes macros?A . A macro is a reusable search string that must contain the full search.B . A macro is a reusable search string that must have a fixed time range.C . A macro Is a reusable search string that may have a flexible time...

Which of the following statements describe the search below? (select all that apply) Index=main I transaction clientip host maxspan=30s maxpause=5sA . Events in the transaction occurred within 5 seconds.B . It groups events that share the same clientip and host.C . The first and last events are no more than...