Which of the following is a metadata field assigned to every event in Splunk?
A. host
B. owner
C. bytes
D. action
Answer: A
Explanation: Reference: https://docs.splunk.com/Documentation/Splunk/8.0.3/Data/Assignmetadatatoeventsdynamically
What are the three main Splunk components?
A. Search head, GPU, streamer
B. Search head, indexer, forwarder
C. Search head, SQL database, forwarder
D. Search head, SSD, heavy weight agent
Answer: B
Explanation: Reference: https://www.edureka.co/blog/splunk-architecture/
Field values are case sensitive.
A. True
B. False
Answer: B
What kind of logs can Splunk index?
A. Only A, B
B. Router and Switch Logs
C. Firewall and Web Server Logs
D. Only C
E. Database logs
F. All firewall, web server, database, router and switch logs
Answer: F
Which of the following is the most efficient search?
A. index=* "failed password"
B. "failed password" index=*
C. (index=* OR index=security) "failed password"
D. index=security "failed password"
Answer: A
When displaying results of a search, which of the following is true about line charts?
A. Line charts are optimal for single and multiple series.
B. Line charts are optimal for single series when using Fast mode.
C. Line charts are optimal for multiple series with 3 or more columns.
D...
You can also specify a time range in the search bar. You can use the following for the beginning and ending of a time range (Choose two.):
A. Not possible to specify time manually in Search query
B. end=
C. start=
D. earliest=
E. latest=
Answer: D,E
Three basic components of Splunk are (Choose three.):
A. Forwarders
B. Deployment Server
C. Indexer
D. Knowledge Objects
E. Index
F. Search Head
Answer: A,C,F
Put the query onto separate lines where | (pipes) are used by selecting one of the following options.
A. CTRL + Enter
B. Shift + Enter
C. Space + Enter
D. ALT + Enter
Answer: B
What can be configured using the Edit Job Settings menu?
A. Export the results to CSV format
B. Add the Job results to a dashboard
C. Schedule the Job to re-run in 10 minutes
D. Change Job Lifetime from 10 minutes to 7 days.
Answer: D