Splunk SPLK-1001 Practice Test - Questions Answers, Page 19
Data summary button just below the search bar gives you the following (Choose three.):
A. Hosts
B. Sourcetypes
C. Sources
D. Indexes
What options do you get after selecting timeline? (Choose four.)
A. Zoom to selection
B. Format Timeline
C. Deselect
D. Delete
E. Zoom Out
The search is started at 03:35:08. Will it look back to 03:00:00 if we use -30m@h in the search?
A. Yes
B. No
You can also specify a time range in the search bar. You can use the following to set the beginning and end of a time range (Choose two.):
A. Not possible to specify time manually in Search query
B. end=
C. start=
D. earliest=
E. latest=
Which time unit abbreviations can you include in the Advanced time range picker? (Choose seven.)
A. h
B. day
C. mon
D. yr
E. y
F. w
G. week
H. d
I. s
J. m
Interesting fields are the fields that have at least 20% of resulting fields.
A. True
B. False
How do you make an interesting field into a selected field?
A. Click field in field sidebar -> click YES on the pop-up dialog on upper right side -> check now field should be visible in the list of selected fields.
B. Not possible.
C. Only CLI changes will enable it.
D. Click Settings -> Find field option -> Drop down select field -> enable selected field -> check now field should be visible in the list of selected fields.