SPLK-1001 exam

How does Splunk determine which fields to extract from data?A . Splunk only extracts the most interesting data from the last 24 hours.B . Splunk only extracts fields users have manually specified in their data.C . Splunk automatically extracts any fields that generate interesting visualizations.D . Splunk automatically discovers many...

Data summary button just below the search bar gives you the following (Choose three.):A . HostsB . SourcetypesC . SourcesD . IndexesView AnswerAnswer: A,B,D

Which symbol is used to snap the time?A . @B . &C . *D . #View AnswerAnswer: A

Interesting fields are the fields that have at least 20% of resulting fields.A . TrueB . FalseView AnswerAnswer: A

There are three different search modes in Splunk (Choose three.):A . AutomaticB . SmartC . FastD . VerboseView AnswerAnswer: B,C,D

The stats command will create a _____________ by default.A . TableB . ReportC . Pie chartView AnswerAnswer: A

Select the answer that displays the accurate placing of the pipe in the following search string: index=security sourcetype=access_* status=200 stats count by priceA . index=security sourcetype=access_* status=200 stats | count by priceB . index=security sourcetype=access_* status=200 | stats count by priceC . index=security sourcetype=access_* status=200 | stats count | by...

Matching search terms are highlighted.A . YesB . NoView AnswerAnswer: A

What user interface component allows for time selection?A . Time summaryB . Time range pickerC . Search time pickerD . Data source time statisticsView AnswerAnswer: B

After running a search, what effect does clicking and dragging across the timeline have?A . Executes a new search.B . Filters current search results.C . Moves to past or future events.D . Expands the time range of the search.View AnswerAnswer: B