SPLK-1001 exam

Which statement is true about the top command?A . It returns the top 10 resultsB . It displays the output in table formatC . It returns the count and percent columns per rowD . All of the aboveView AnswerAnswer: D

A collection of items containing things such as data inputs, UI elements, and knowledge objects is known as what?A . An appB . JSONC . A roleD . An enhanced solutionView AnswerAnswer: A

Which search string is the most efficient?A . "failed password"B . ''failed password"*C . index=* "failed password"D . index=security "failed password"View AnswerAnswer: D

Lookups allow you to overwrite your raw event.A . TrueB . FalseView AnswerAnswer: A

When a search returns __________, you can view the results as a list.A . a list of eventsB . transactionsC . statistical valuesView AnswerAnswer: C

Which command is used to validate a lookup file?A . | lookup products.csvB . inputlookup products.csvC . I inputlookup products.csvD . | lookup definition products.csvView AnswerAnswer: C

What does the following specified time range do? earliest=-72h@h latest=@dA . Look back 3 days ago and priorB . Look back 72 hours up to one day agoC . Look back 72 hours, up to the end of todayD . Look back from 3 days ago up to the beginning...

By default, all users have DELETE permission to ALL knowledge objects.A . TrueB . FalseView AnswerAnswer: B

What can be included in the All Fields option in the sidebar?A . DashboardsB . Metadata onlyC . Non-interesting fieldsD . Field descriptionsView AnswerAnswer: C

When running searches command modifiers in the search string are displayed in what color?A . RedB . BlueC . OrangeD . HighlightedView AnswerAnswer: B