ExamGecko
Search Search Login
Home Home / Splunk / SPLK-1001

Splunk SPLK-1001 Practice Test - Questions Answers, Page 4

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which all time unit abbreviations can you include in Advanced time range picker? (Choose seven.)
Which of the following is a metadata field assigned to every event in Splunk?
What are the three main Splunk components?
Selected fields are a set of configurable fields displayed for each event.
You are able to create new Index in Data Input settings.
Beginning parentheses is automatically highlighted to guide you on the presence of complimenting parentheses.
Which of the following is an accurate definition of fields within Splunk?
In the Search and Reporting app, which is a default selected field?
Which search will return the 15 least common field values for the dest_ip field?
Field names are case sensitive and field value are not.

Question 31

Report
Export
Collapse

What does the stats command do?

A.
Automatically correlates related fields
A.
Automatically correlates related fields
Answers
B.
Converts field values into numerical values
B.
Converts field values into numerical values
Answers
C.
Calculates statistics on data that matches the search criteria
C.
Calculates statistics on data that matches the search criteria
Answers
D.
Analyzes numerical fields for their ability to predict another discrete field
D.
Analyzes numerical fields for their ability to predict another discrete field
Answers
Suggested answer: C

Question 32

Report
Export
Collapse

Which is a primary function of the timeline located under the search bar?

A.
To differentiate between structured and unstructured events in the data
A.
To differentiate between structured and unstructured events in the data
Answers
B.
To sort the events returned by the search command in chronological order
B.
To sort the events returned by the search command in chronological order
Answers
C.
To zoom in and zoom out. although this does not change the scale of the chart
C.
To zoom in and zoom out. although this does not change the scale of the chart
Answers
D.
To show peaks and/or valleys in the timeline, which can indicate spikes in activity or downtime
D.
To show peaks and/or valleys in the timeline, which can indicate spikes in activity or downtime
Answers
Suggested answer: D

Question 33

Report
Export
Collapse

Which statement is true about Splunk alerts?

A.
Alerts are based on searches that are either run on a scheduled interval or in real-time.
A.
Alerts are based on searches that are either run on a scheduled interval or in real-time.
Answers
B.
Alerts are based on searches and when triggered will only send an email notification.
B.
Alerts are based on searches and when triggered will only send an email notification.
Answers
C.
Alerts are based on searches and require cron to run on scheduled interval.
C.
Alerts are based on searches and require cron to run on scheduled interval.
Answers
D.
Alerts are based on searches that are run exclusively as real-time.
D.
Alerts are based on searches that are run exclusively as real-time.
Answers
Suggested answer: A

Question 34

Report
Export
Collapse

What can be configured using the Edit Job Settings menu?

A.
Export the results to CSV format
A.
Export the results to CSV format
Answers
B.
Add the Job results to a dashboard
B.
Add the Job results to a dashboard
Answers
C.
Schedule the Job to re-run in 10 minutes
C.
Schedule the Job to re-run in 10 minutes
Answers
D.
Change Job Lifetime from 10 minutes to 7 days.
D.
Change Job Lifetime from 10 minutes to 7 days.
Answers
Suggested answer: D

Question 35

Report
Export
Collapse

Which command is used to validate a lookup file?

A.
| lookup products.csv
A.
| lookup products.csv
Answers
B.
inputlookup products.csv
B.
inputlookup products.csv
Answers
C.
I inputlookup products.csv
C.
I inputlookup products.csv
Answers
D.
| lookup definition products.csv
D.
| lookup definition products.csv
Answers
Suggested answer: C

Question 36

Report
Export
Collapse

Which stats command function provides a count of how many unique values exist for a given field in the result set?

A.
dc(field)
A.
dc(field)
Answers
B.
count(field)
B.
count(field)
Answers
C.
count-by(field)
C.
count-by(field)
Answers
D.
distinct-count(field)
D.
distinct-count(field)
Answers
Suggested answer: A

Question 37

Report
Export
Collapse

What user interface component allows for time selection?

A.
Time summary
A.
Time summary
Answers
B.
Time range picker
B.
Time range picker
Answers
C.
Search time picker
C.
Search time picker
Answers
D.
Data source time statistics
D.
Data source time statistics
Answers
Suggested answer: B

Question 38

Report
Export
Collapse

When an alert action is configured to run a script, Splunk must be able to locate the script. Which is one of the directories Splunk will look in to find the script?

A.
$SPLUNK_HOME/bin/scripts
A.
$SPLUNK_HOME/bin/scripts
Answers
B.
$SPLUNK_HOME/etc/scripts
B.
$SPLUNK_HOME/etc/scripts
Answers
C.
$SPLUNK_HOME/bin/etc/scripts
C.
$SPLUNK_HOME/bin/etc/scripts
Answers
D.
$SPLUNK_HOME/etc/scripts/bin
D.
$SPLUNK_HOME/etc/scripts/bin
Answers
Suggested answer: A

Question 39

Report
Export
Collapse

When editing a dashboard, which of the following are possible options? (select all that apply)

A.
Add an output.
A.
Add an output.
Answers
B.
Export a dashboard panel.
B.
Export a dashboard panel.
Answers
C.
Modify the chart type displayed in a dashboard panel.
C.
Modify the chart type displayed in a dashboard panel.
Answers
D.
Drag a dashboard panel to a different location on the dashboard.
D.
Drag a dashboard panel to a different location on the dashboard.
Answers
Suggested answer: D

Question 40

Report
Export
Collapse

Which of the following index searches would provide the most efficient search performance?

A.
index=*
A.
index=*
Answers
B.
index=web OR index=s*
B.
index=web OR index=s*
Answers
C.
(index=web OR index=sales)
C.
(index=web OR index=sales)
Answers
D.
*index=sales AND index=web*
D.
*index=sales AND index=web*
Answers
Suggested answer: C
Total 246 questions
Go to page: of 25
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms