Exam4Training

Which search will return the 15 least common field values for the dest_ip field?

Which search will return the 15 least common field values for the dest_ip field?
A . sourcetype=firewall | rare num=15 dest_ip
B . sourcetype=firewall | rare last=15 dest_ip
C . sourcetype=firewall | rare count=15 dest_ip
D . sourcetype=firewall | rare limit=15 dest_ip

Answer: C

Explanation:

Reference: https://answers.splunk.com/answers/41928/add-a-lookup-csv-colum-information-to-the-results-ofa-inputlookup-search.html

Exit mobile version