A calculated field maybe based on which of the following?

A calculated field maybe based on which of the following?A . Lookup tablesB . Extracted fieldsC . Regular expressionsD . Fields generated within a search stringView AnswerAnswer: B

March 22, 2021 No Comments READ MORE +

Which of the following eval command function is valid?

Which of the following eval command function is valid?A . Int ()B . Count ( )C . Print ()D . Tostring ()View AnswerAnswer: D

March 22, 2021 No Comments READ MORE +

Data model are composed of one or more of which of the fo-owing datasets? (select all that apply.)

Data model are composed of one or more of which of the fo-owing datasets? (select all that apply.)A . Events datasetsB . Search datasetsC . Transaction datasetsD . Any child of event, transaction, and search datasetsView AnswerAnswer: A,B,C D

March 22, 2021 No Comments READ MORE +

Which of the following statements about tags is true?

Which of the following statements about tags is true?A . Tags are case insensitive.B . Tags are created at index time.C . Tags can make your data more understandable.D . Tags are searched by using the syntax tag: : <fieldneme>View AnswerAnswer: C

March 22, 2021 No Comments READ MORE +

Calculated fields can be based on which of the following?

Calculated fields can be based on which of the following?A . TagsB . Extracted fieldsC . Output fields for a lookupD . Fields generated from a search stringView AnswerAnswer: B Explanation: Reference: https://docs.splunk.com/Documentation/Splunk/8.0.3/Knowledge/definecalcfield s

March 21, 2021 No Comments READ MORE +

What are the two parts of a root event dataset?

What are the two parts of a root event dataset?A . Fields and variables.B . Fields and attributes.C . Constraints and fields.D . Constraints and lookups.View AnswerAnswer: C Explanation: Reference: https://docs.splunk.com/Documentation/SplunkLight/7.3.5/GettingStarted/Designdatamodelobjects

March 21, 2021 No Comments READ MORE +

Which field name appears in the results?

A field alias has been created based on an original field. A search without any transforming commands is then executed in Smart Mode. Which field name appears in the results?A . Both will appear in the All Fields list, but only if the alias is specified in the search.B ....

March 21, 2021 No Comments READ MORE +

Which of the following statements describe calculated fields? (select all that apply)

Which of the following statements describe calculated fields? (select all that apply)A . Calculated fields can be used in the search bar.B . Calculated fields can be based on an extracted field.C . Calculated fields can only be applied to host and sourcetype.D . Calculated fields are shortcuts for performing...

March 20, 2021 No Comments READ MORE +

What is the relationship between data models and pivots?

What is the relationship between data models and pivots?A . Data models provide the datasets for pivots.B . Pivots and data models have no relationship.C . Pivots and data models are the same thing.D . Pivots provide the datasets for data models.View AnswerAnswer: A

March 20, 2021 No Comments READ MORE +

Which of the following workflow actions can be executed from search results? (select all that apply)

Which of the following workflow actions can be executed from search results? (select all that apply)A . GETB . POSTC . LOOKUPD . SearchView AnswerAnswer: A,B,D

March 20, 2021 No Comments READ MORE +