When looking at a dashboard panel that is based on a report, which of the following is true?

A. You can modify the search string in the panel, and you can change and configure the visualization.
B. You can modify the search string in the panel, but you cannot change...

September 26, 2019

What must be done in order to use a lookup table in Splunk?

A. The lookup must be configured to run automatically.
B. The contents of the lookup file must be copied and pasted into the search bar.
C. The lookup file must be uploaded to Splunk and a lookup...

September 26, 2019

Which stats command function provides a count of how many unique values exist for a given field in the result set?

A. dc(field)
B. count(field)
C. count-by(field)
D. distinct-count(field)

Answer: A

September 24, 2019

What does the rare command do?

A. Returns the least common field values of a given field in the results.
B. Returns the most common field values of a given field in the results.
C. Returns the top 10 field values of a given field in the results.
D. Returns...

September 23, 2019

How can search results be kept longer than 7 days?

A. By scheduling a report.
B. By creating a link to the job.
C. By changing the job settings.
D. By changing the time range picker to more than 7 days.

Answer: C

September 23, 2019

When running searches, command modifiers in the search string are displayed in what color?

A. Red
B. Blue
C. Orange
D. Highlighted

Answer: C

Reference: https://docs.splunk.com/Documentation/Splunk/7.2.6/Search/Parsingsearches

September 23, 2019

When writing searches in Splunk, which of the following is true about Booleans?

A. They must be lowercase.
B. They must be uppercase.
C. They must be in quotations.
D. They must be in parentheses.

Answer: B

September 22, 2019

How are events displayed after a search is executed?

A. In chronological order.
B. Randomly by default.
C. In reverse chronological order.
D. Alphabetically according to field name.

Answer: C

September 21, 2019

When editing a dashboard, which of the following are possible options? (select all that apply)

A. Add an output.
B. Export a dashboard panel.
C. Modify the chart type displayed in a dashboard panel.
D. Drag a dashboard panel to a different location on the dashboard.

Answer: C

September 21, 2019

Which search string only returns events from host WWW3?

A. host=*
B. host=WWW3
C. host=WWW*
D. Host=WWW3

Answer: B

September 20, 2019