Which of the following searches will return events contains a tag name Privileged?
Which of the following searches will return events contains a tag name Privileged?
A . Tag= Priv
B . Tag= Pri*
C . Tag= Priv*
D . Tag= Privileged
Answer: B
Explanation:
Reference: https://docs.splunk.com/Documentation/PCI/4.1.0/Install/PrivilegedUserActivity
A tag is a descriptive label that you can apply to one or more fields or field values in your events1. You can use tags to simplify your searches by replacing long or complex field names or values with short and simple tags1. To search for events that contain a tag name, you can use the tag keyword followed by an equal sign and the tag name1. You can also use wildcards (*) to match partial tag names1. Therefore, option B is correct because it will return events that contain a tag name that starts with Pri. Options A and D are incorrect because they will only return events that contain an exact tag name match. Option C is incorrect because it will return events that contain a tag name that starts with Priv, not Privileged.
Latest SPLK-1002 Dumps Valid Version with 168 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund