It is not possible for a single instance of Splunk to manage the input, parsing and indexing of machine data.
A.
True
B.
False
False
It is not possible for a single instance of Splunk to manage the input, parsing and indexing of machine data.
A.
True
B.
False
False
By default, search results are not returned in ________ order.
A.
Chronological
B.
Reverse chronological
C.
ASCII
D.
Alphabetical
Chronological
Alphabetical
The stats command will create a ________ by default.
A.
Table
B.
Report
C.
Pie chart
Table
Which is not a comparison operator in Splunk?
A.
<=
B.
=
C.
!=
D.
>
E.
?=
?=
Which search string only returns events from host WWW3?
A.
host=WWW3
B.
host=WWW*
C.
Host=WWW3
host=WWW*
What must be done before an automatic lookup can be created? (select all that apply)
A.
The lookup command must be used.
B.
The lookup definition must be created
C.
The lookup file must be uploaded to Splunk.
D.
The lookup file must be verified using the inputlookup command.
The lookup definition must be created
When writing searches in Splunk, which of the following is true about Booleans?
A.
They must be lowercase.
B.
They must be uppercase.
C.
They must be in quotations.
D.
They must be in parentheses.
Which of the following constraints can be used with the top command?
A.
limit
B.
addtotals
C.
fieldcount
limit
Which of the following represents the Splunk recommended naming convention for dashboards?
A.
Description_Group_Object
B.
Group_Description_Object
C.
Group_Object_Description
Group_Object_Description
How can search results be kept longer than 7 days?
A.
By scheduling a report.
B.
By creating a link to the job.
C.
By changing the job settings.
D.
By changing the time range picker to more than 7 days.
C. By changing the job settings.
Which of the following is a Splunk search best practice?
A.
Filter as early as possible.
B.
Never specify more than one index.
C.
Include as few search terms as possible.
D.
Use wildcards to return more search results.
Filter as early as possible.