Questions and Answers
Which one of the following statements about the search command is true?
Answer hidden
It is mandatory for the lookup file to have this for an automatic lookup to work.
Answer hidden
What does the following search do? index=corndog type=mysterymeat action=eaten | stats count as cornlog_count by us:
Answer hidden
These kinds of charts represent a series in a single bar with multiple sections.
Answer hidden
If a search returns ____________ it can be viewed as a chart.
Answer hidden
Which of the following statements about tags is true?
Answer hidden
This role is required to install the CIM Add-on. Select your answer.
Answer hidden
Which of the following eval command functions is valid?
Answer hidden
Field aliases are used to __________ data
Answer hidden
Which of the following is the correct way to use the data model command to search fields in the Web data model within the web dataset?
Answer hidden
When extracting fields, we may choose to use our own regular expressions
Answer hidden
Which of the following statements describes field aliases?
Answer hidden
Alert throttling is used to _______.
Answer hidden
This is what Splunk uses to categorize the data that is being indexed.
Answer hidden
Which of the following knowledge objects represents the output of an eval expression?
Answer hidden
Which of the following actions can the eval command perform?
Answer hidden
Which of the following statements describe data model acceleration? (Select all that apply; write the letter of the corresponding answer/s.) A. Root events cannot be accelerated. B. Accelerated data models cannot be edited. C. Private data models cannot be accelerated. D. You must have administrative permissions or the accelerate_datamodel capability to accelerate a data model.
Answer hidden
What is the relationship between data models and pivots?
Answer hidden
This function of the stats command allows you to return the middle-most value of field X.
Answer hidden
Which of the following commands are used when creating visualizations? (Select all that apply.) A. Geom B. Choropleth C. Geostats D. Iplocation
Answer hidden
This function of the stats command allows you to identify the number of values a field has.
Answer hidden
Which of these search strings is NOT valid:
Answer hidden
A report scheduled to run every 15 mins. but takes 17 mins. to complete is in danger of being _____.
Answer hidden
What does the transaction command do?
Answer hidden
Which of the following is NOT a stats function:
Answer hidden
Data models are composed of one or more of which of the following datasets?
Answer hidden
Which delimiters can the Field Extractor (FX) detect?
Answer hidden
We can use the rename command to _____ (
Answer hidden
In what order are the following knowledge objects/configurations applied?
Answer hidden
Which is not a comparison operator in Splunk?
Answer hidden
Which of the following can be used with the eval command tostring function?
Answer hidden
Which command is used to create choropleth maps?
Answer hidden
A calculated field may be based on which of the following?
Answer hidden
What do events in a transaction have in common?
Answer hidden
What are the two parts of a root event dataset?
Answer hidden
In which of the following scenarios is an event type more effective than a saved search?
Answer hidden
A space is an implied _____ in a search string.
Answer hidden
Which of the following statements describes macros?
Answer hidden