SPLK-1002 exam

Which of the following are required to create a POST workflow action?A . Label, URI, search string.B . XMI attributes, URI, name.C . Label, URI, post arguments.D . URI, search string, time range picker.View AnswerAnswer: C Explanation: POST workflow actions are custom actions that send a POST request to a...

Based on the macro definition shown below, what is the correct way to execute the macro in a search string? A . Convert_sales (euro, , 79)”B . Convert_sales (euro, , .79)C . Convert_sales ($euro,$$,s79$D . Convert_sales ($euro, $$,S,79$)View AnswerAnswer: B Explanation: Reference: https://docs.splunk.com/Documentation/Splunk/8.0.3/Knowledge/Usesearchmacros The correct way to execute the macro...

Which of the following can be used with the eval command tostring function (select all that apply)A . ‘’hex’’B . ‘’commas’’C . ‘’Decimal’’D . ‘’duration’’View AnswerAnswer: A, B, D Explanation: https://docs.splunk.com/Documentation/Splunk/8.1.0/SearchReference/ConversionFunctions#tostri ng.28X.2CY.29 The tostring function in the eval command converts a numeric value to a string value. It can take...

Selected fields are displayed ______each event in the search results.A . belowB . interesting fieldsC . other fieldsD . aboveView AnswerAnswer: A Explanation: Selected fields are fields that you choose to display in your search results by clicking on them in the Fields sidebar or by using the fields command2....

Calculated fields can be based on which of the following?A . TagsB . Extracted fieldsC . Output fields for a lookupD . Fields generated from a search stringView AnswerAnswer: B Explanation: Reference: https://docs.splunk.com/Documentation/Splunk/8.0.3/Knowledge/definecalcfields A calculated field is a field that you create based on the value of another field or...

Use this command to use lookup fields in a search and see the lookup fields in the field sidebar.A . inputlookupB . lookupView AnswerAnswer: B

Which of the following statements describes macros?A . A macro is a reusable search string that must contain the full search.B . A macro is a reusable search string that must have a fixed time range.C . A macro Is a reusable search string that may have a flexible time...

Which of the following statements describe the search below? (select all that apply) Index=main I transaction clientip host maxspan=30s maxpause=5sA . Events in the transaction occurred within 5 seconds.B . It groups events that share the same clientip and host.C . The first and last events are no more than...

Which group of users would most likely use pivots?A . UsersB . ArchitectsC . AdministratorsD . Knowledge ManagersView AnswerAnswer: A Explanation: Reference: https://docs.splunk.com/Documentation/Splunk/8.0.3/Pivot/IntroductiontoPivot A pivot is a tool that allows you to create reports and dashboards using data models without writing any SPL commands2. You can use pivots to explore,...

Which of the following statements describes this search? sourcetype=access_combined I transaction JSESSIONID | timechart avg (duration)A . This is a valid search and will display a timechart of the average duration, of each transaction event.B . This is a valid search and will display a stats table showing the maximum...