Which of the following is a metadata field assigned to every event in Splunk?

A. host
B. owner
C. bytes
D. action

Answer: A

Reference: https://docs.splunk.com/Documentation/Splunk/8.0.3/Data/Assignmetadatatoeventsdynamically

December 13, 2020

What are the three main Splunk components?

A. Search head, GPU, streamer
B. Search head, indexer, forwarder
C. Search head, SQL database, forwarder
D. Search head, SSD, heavy weight agent

Answer: B

Reference: https://www.edureka.co/blog/splunk-architecture/

December 13, 2020

Field values are case sensitive.

A. True
B. False

Answer: B

December 13, 2020

What kinds of logs can Splunk index?

A. Only A, B
B. Router and Switch Logs
C. Firewall and Web Server Logs
D. Only C
E. Database logs
F. All firewall, web server, database, router and switch logs

Answer: F

December 13, 2020

Which of the following is the most efficient search?

A. index=* "failed password"
B. "failed password" index=*
C. (index=* OR index=security) "failed password"
D. index=security "failed password"

Answer: A

December 13, 2020

When displaying results of a search, which of the following is true about line charts?

A. Line charts are optimal for single and multiple series.
B. Line charts are optimal for single series when using Fast mode.
C. Line charts are optimal for multiple series with 3 or more columns.
D...

December 12, 2020

You can also specify a time range in the search bar. You can use the following to set the beginning and end of a time range (Choose two.):

A. Not possible to specify time manually in Search query
B. end=
C. start=
D. earliest=
E. latest=

Answer: D, E

December 12, 2020

Three basic components of Splunk are (Choose three.):

A. Forwarders
B. Deployment Server
C. Indexer
D. Knowledge Objects
E. Index
F. Search Head

Answer: A, C, F

December 12, 2020

Put the query on separate lines wherever | (pipes) are used by selecting one of the following options.

A. CTRL + Enter
B. Shift + Enter
C. Space + Enter
D. ALT + Enter

Answer: B

December 12, 2020

What can be configured using the Edit Job Settings menu?

A. Export the results to CSV format
B. Add the Job results to a dashboard
C. Schedule the Job to re-run in 10 minutes
D. Change Job Lifetime from 10 minutes to 7 days.

Answer: D

December 12, 2020