SPLK-1001 Practice Test Questions

244 Questions


This function of the stats command allows you to return the sample standard deviation of a field.


A. stdev

B. dev

C. count deviation

D. by standarddev





Which of the following commands will show the maximum bytes?

 

 


A. sourcetype=access_* | maximum totals by bytes

B. sourcetype=access_* | avg (bytes)

C. sourcetype=access_* | stats max(bytes)

D. sourcetype=access_* | max(bytes)





This search will return 20 results. SEARCH: error | top host limit = 20

 

 


A. True

B. False





Which of the following searches will show the number of categoryId used by each host?

A. Sourcetype=access_* |sum bytes by host

B. Sourcetype=access_* |stats sum(categoryId) by host

C. Sourcetype=access_* |sum(bytes) by host

D. Sourcetype=access_* |stats sum by host





This clause is used to group the output of a stats command by a specific name.

 

 


A. Rex

B. As

C. List

D. By





This function of the stats command allows you to return the middle-most value of field X.

 


A. Median(X)

B. Eval by X

C. Fields(X)

D. Values(X)





When a search returns ______, you can view the results as a list.

A. a list of events

B. transactions

C. statistical values





Clicking a SEGMENT on a chart, ______.

A. drills down for that value

B. highlights the field value across the chart

C. adds the highlighted value to the search criteria





Use this command to use lookup fields in a search and see the lookup fields in the field sidebar. 


A. inputlookup

B. lookup





Lookups can be private for a user.


A. True

B. False





In automatic lookup definitions, the ______ fields are those that are not in the event data.

A. input

B. output





What is the correct order of steps for creating a new lookup?

  1. Configure the lookup to run automatically
  2. Create the lookup table
  3. Define the lookup

 

 


A. 2, 1, 3

B. 1, 2, 3

C. 2, 3, 1

D. 3, 2, 1





