ExamGecko
Search Search Login
Home Home / Splunk / SPLK-1002

Splunk SPLK-1002 Practice Test - Questions Answers, Page 14

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which tool uses data models to generate reports and dashboard panels without using SPL?
Which syntax is used to represent an argument in a macro definition?
Which are valid ways to create an event type? (select all that apply)
What are the two parts of a root event dataset?
A Splunk app is configured to extract domain names in web service logs and specify them as a field named domain. What workflow action would return an external IP lookup for the field named domain?
If there are fields in the data with values that are ' ' or empty but not null, which of the following would add a value?
The fields sidebar does not show________. (Select all that apply.)
Which delimiters can the Field Extractor (FX) detect? (select all that apply)
What is required for a macro to accept three arguments?
When using timechart, how many fields can be listed after a by clause?

Question 131

Report
Export
Collapse

Which of the following statements describes POST workflow actions?

A.
Configuration of a POST workflow action includes choosing a sourcetype.
A.
Configuration of a POST workflow action includes choosing a sourcetype.
Answers
B.
POST workflow actions can be configured to send email to the URI location.
B.
POST workflow actions can be configured to send email to the URI location.
Answers
C.
By default, POST workflow action are shown in both the event and field menus.
C.
By default, POST workflow action are shown in both the event and field menus.
Answers
D.
POST workflow actions can be configured to send POST arguments to the URI location.
D.
POST workflow actions can be configured to send POST arguments to the URI location.
Answers
Suggested answer: D

Question 132

Report
Export
Collapse

What is a limitation of searches generated by workflow actions?

A.
Searches generated by workflow action cannot use macros.
A.
Searches generated by workflow action cannot use macros.
Answers
B.
Searches generated by workflow actions must be less than 256 characters long.
B.
Searches generated by workflow actions must be less than 256 characters long.
Answers
C.
Searches generated by workflow action must run in the same app as the workflow action.
C.
Searches generated by workflow action must run in the same app as the workflow action.
Answers
D.
Searches generated by workflow action run with the same permissions as the user running them.
D.
Searches generated by workflow action run with the same permissions as the user running them.
Answers
Suggested answer: D

Question 133

Report
Export
Collapse

Which workflow action method can be used the action type is set to link?

A.
GET
A.
GET
Answers
B.
PUT
B.
PUT
Answers
C.
Search
C.
Search
Answers
D.
UPDATE
D.
UPDATE
Answers
Suggested answer: A

Explanation:

https://docs.splunk.com/Documentation/Splunk/8.0.2/Knowledge/SetupaGETworkflowaction

Define a GET workflow action

Steps

Navigate toSettings > Fields > Workflow Actions.

ClickNewto open up a new workflow action form.

Define aLabelfor the action.

TheLabelfield enables you to define the text that is displayed in either the field or event workflow menu. Labels can be static or include the value of relevant fields.

Determine whether the workflow action applies to specific fields or event types in your data.

UseApply only to the following fieldsto identify one or more fields. When you identify fields, the workflow action only appears for events that have those fields, either in their event menu or field menus. If you leave it blank or enter an asterisk the action appears in menus for all fields.

UseApply only to the following event typesto identify one or more event types. If you identify an event type, the workflow action only appears in the event menus for events that belong to the event type.

ForShow action indetermine whether you want the action to appear in theEvent menu, theFields menus, orBoth.

SetAction typetolink.

InURIprovide a URI for the location of the external resource that you want to send your field values to.

Similar to theLabelsetting, when you declare the value of a field, you use the name of the field enclosed by dollar signs.

Variables passed in GET actions via URIs are automaticallyURL encodedduring transmission. This means you can include values that have spaces between words or punctuation characters.

UnderOpen link in, determine whether the workflow action displays in the current window or if it opens the link in a new window.

Set theLink methodtoget.

ClickSaveto save your workflow action definition.

Question 134

Report
Export
Collapse

When using | timechart by host, which field is represented in the x-axis?

A.
date
A.
date
Answers
B.
host
B.
host
Answers
C.
time
C.
time
Answers
D.
_time
D.
_time
Answers
Suggested answer: D

Question 135

Report
Export
Collapse

Which of the following commands support the same set of functions?

A.
stats, eval, table
A.
stats, eval, table
Answers
B.
search, where, eval
B.
search, where, eval
Answers
C.
stats, chart, timechart
C.
stats, chart, timechart
Answers
D.
transaction, chart, timechart
D.
transaction, chart, timechart
Answers
Suggested answer: C

Question 136

Report
Export
Collapse

The eval command allows you to do which of the following? (Choose all that apply.)

A.
Format values
A.
Format values
Answers
B.
Convert values
B.
Convert values
Answers
C.
Perform calculations
C.
Perform calculations
Answers
D.
Use conditional statements
D.
Use conditional statements
Answers
Suggested answer: A, B, C, D

Question 137

Report
Export
Collapse

When using the timechart command, how can a user group the events into buckets based on time?

A.
Using the span argument.
A.
Using the span argument.
Answers
B.
Using the duration argument.
B.
Using the duration argument.
Answers
C.
Using the interval argument.
C.
Using the interval argument.
Answers
D.
Adjusting the fieldformat options.
D.
Adjusting the fieldformat options.
Answers
Suggested answer: A

Question 138

Report
Export
Collapse

Which type of visualization shows relationships between discrete values in three dimensions?

A.
Pie chart
A.
Pie chart
Answers
B.
Line chart
B.
Line chart
Answers
C.
Bubble chart
C.
Bubble chart
Answers
D.
Scatter chart
D.
Scatter chart
Answers
Suggested answer: C

Explanation:

https://docs.splunk.com/Documentation/DashApp/0.9.0/DashApp/chartsBub

Question 139

Report
Export
Collapse

Which of the following is a function of the Splunk Common Information Model (CIM)?

A.
Normalizing data across a Splunk deployment.
A.
Normalizing data across a Splunk deployment.
Answers
B.
Providing templates for reports and dashboards.
B.
Providing templates for reports and dashboards.
Answers
C.
Algorithmically shifting events to other indexes.
C.
Algorithmically shifting events to other indexes.
Answers
D.
Reingesting previously indexed data with new field names.
D.
Reingesting previously indexed data with new field names.
Answers
Suggested answer: A

Question 140

Report
Export
Collapse

What information must be included when using the datamodel command?

A.
status field
A.
status field
Answers
B.
Multiple indexes
B.
Multiple indexes
Answers
C.
Data model field name.
C.
Data model field name.
Answers
D.
Data model dataset name.
D.
Data model dataset name.
Answers
Suggested answer: D
Total 291 questions
Go to page: of 30
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms