What is a primary function of a scheduled report?

A. Auto-detect changes in performance.
B. Auto-generated PDF reports of overall data trends.
C. Regularly scheduled archiving to keep disk space use low.
D. Triggering an alert in your Splunk instance when certain conditions are met.

Answer: D

October 4, 2019

Which is one of the directories Splunk will look in to find the script?

When an alert action is configured to run a script, Splunk must be able to locate the script. Which is one of the directories Splunk will look in to find the script?

A. $SPLUNK_HOME/bin/scripts
B. $SPLUNK_HOME/etc/scripts
C. $SPLUNK_HOME/bin/etc/scripts
D. $SPLUNK_HOME/etc/scripts/bin

Answer: A

October 3, 2019

Which of the following statements about case sensitivity is true?

A. Both field names and field values ARE case sensitive.
B. Field names ARE case sensitive; field values are NOT.
D. Field values ARE case sensitive; field names ARE NOT.
F. Both field names and field values ARE NOT case...

October 3, 2019

Which Boolean operator is always implied between two search terms, unless otherwise specified?

A. OR
B. NOT
C. AND
D. XOR

Answer: C

September 29, 2019

When sorting on multiple fields with the sort command, what delimiter can be used between the field names in the search?

A. |
B. $
C. !
D. ,

Answer: D

September 29, 2019

Which of the following Splunk components typically resides on the machines where data originates?

A. Indexer
B. Forwarder
C. Search head
D. Deployment server

Answer: C

September 28, 2019

By default, which of the following fields would be listed in the fields sidebar under Interesting Fields?

A. host
B. index
C. source
D. sourcetype

Answer: A

September 28, 2019

Which time range picker configuration would return real-time events for the past 30 seconds?

A. Preset - Relative: 30-seconds ago
B. Relative - Earliest: 30-seconds ago, Latest: Now
C. Real-time - Earliest: 30-seconds ago, Latest: Now
D. Advanced - Earliest: 30-seconds ago, Latest: Now

Answer: C

September 28, 2019

By default, how long does Splunk retain a search job?

A. 10 Minutes
B. 15 Minutes
C. 1 Day
D. 7 Days

Answer: A

Explanation: Reference: https://docs.splunk.com/Documentation/Splunk/7.2.6/Search/Extendjoblifetimes

September 27, 2019

Which search string only returns events from host WWW3?

B. host=WWW3
D. host=WWW*
F. Host=WWW3

Answer: B

September 27, 2019