Which search string only returns events from hostWWW3?
#1
Answer: B
By default, how long does Splunk retain a search job?
#2
Answer: A
What must be done before an automatic lookup can be created?
#3
Answer: B
Which of the following Splunk components typically resides on the machines where data originates?
#4
Answer: B
What determines the scope of data that appears in a scheduled report?
#5
Answer: B
When writing searches in Splunk, which of the following is true about Booleans?
#6
Answer: B
Which of the following searches would return events with failure in index netfw or warn or critical in index netops?
#7
Answer: B
Select the answer that displays the accurate placing of the pipe in the following search string: index=security sourcetype=access_* status=200 stats count by price
#8
Answer: B
Which of the following constraints can be used with the top command?
#9
Answer: A
When editing a dashboard, which of the following are possible options?
#10
Answer: C
When running searches, command modifiers in the search string are displayed in what color?
#11
Answer: C
Which of the following represents the Splunk recommended naming convention for dashboards?
#12
Answer: C
How can search results be kept longer than 7 days?
#13
Answer: A
Which of the following is a Splunk search best practice?
#14
Answer: A
When looking at a dashboard panel that is based on a report, which of the following is true?
#15
Answer: C
Which of the following are common constraints of the top command?
#16
Answer: D
When displaying results of a search, which of the following is true about line charts?
#17
Answer: A
How are events displayed after a search is executed?
#18
Answer: C
Which of the following is true about user account settings and preferences?
#19
Answer: D
What is a primary function of a scheduled report?
#20
Answer: D
After running a search, what effect does clicking and dragging across the timeline have?
#21
Answer: B
Which command is used to review the contents of a specified static lookup file?
#22
Answer: C
What must be done in order to use a lookup table in Splunk?
#23
Answer: C
When sorting on multiple fields with the sort command, what delimiter can be used between the field names in the search?
#24
Answer: D
Which time range picker configuration would return real-time events for the past 30 seconds?
#25
Answer: C
What is the correct syntax to count the number of events containing a vendor_action field?
#26
Answer: C
What is one benefit of creating dashboard panels from reports?
#27
Answer: D
By default, which of the following fields would be listed in the fields sidebar under Interesting Fields?
#28
Answer: B
Which of the following statements about case sensitivity is true?