SPLK-1002 exam

Which of the following Statements about macros is true? (select all that apply)A . Arguments are defined at execution time.B . Arguments are defined when the macro is created.C . Argument values are used to resolve the search string at execution time.D . Argument values are used to resolve the...

Which of the following eval command function is valid?A . Int ()B . Count ( )C . Print ()D . Tostring ()View AnswerAnswer: D Explanation: The eval command supports a number of functions that you can use in your expressions to perform calculations, conversions, string manipulations and more2. One of...

What does the Splunk Common Information Model (CIM) add-on include? (select all that apply)A . Custom visualizationsB . Pre-configured data modelsC . Fields and event category tagsD . Automatic data model accelerationView AnswerAnswer: BC Explanation: The Splunk Common Information Model (CIM) add-on is a collection of pre-built data models and...

Which of the following workflow actions can be executed from search results? (select all that apply)A . GETB . POSTC . LOOKUPD . SearchView AnswerAnswer: A, B, D Explanation: As mentioned before, there are two types of workflow actions: GET and POST1. Both types of workflow actions can be executed...

How does a user display a chart in stack mode?A . By using the stack command.B . By turning on the Use Trellis Layout option.C . By changing Stack Mode in the Format menu.D . You cannot display a chart in stack mode, only a timechart.View AnswerAnswer: C Explanation: A...

Which of the following commands will show the maximum bytes?A . sourcetype=access_* | maximum totals by bytesB . sourcetype=access_* | avg (bytes)C . sourcetype=access_* | stats max(bytes)D . sourcetype=access_* | max(bytes)View AnswerAnswer: C

What does the fillnull command replace null values with, it the value argument is not specified?A . 0B . N/AC . NaND . NULLView AnswerAnswer: A Explanation: Reference: https://answers.splunk.com/answers/653427/fillnull-doesnt-work-without-specfying-a-field.html The fillnull command is a search command that replaces null values with a specified value or 0 if no value is...

Which of the following statements describes field aliases?A . Field alias names replace the original field name.B . Field aliases can be used in lookup file definitions.C . Field aliases only normalize data across sources and sourcetypes.D . Field alias names are not case sensitive when used as part of...

What is required for a macro to accept three arguments?A . The macro's name ends with (3).B . The macro's name starts with (3).C . The macro's argument count setting is 3 or more.D . Nothing, all macros can accept any number of arguments.View AnswerAnswer: A Explanation: To create a...

What does the following search do? A . Creates a table of the total count of users and split by corndogs.B . Creates a table of the total count of mysterymeat corndogs split by user.C . Creates a table with the count of all types of corndogs eaten split by...