Which of the following represents the Splunk recommended naming convention for dashboards?
A. Description_Group_Object
B. Group_Description_Object
C. Group_Object_Description
D. Object_Group_Description
Reference: https://docs.splunk.com/Documentation/Splunk/7.2.6/Knowledge/Developnamingconventionsforknowledgeobjecttitles

When running searches, command modifiers in the search string are displayed in what color?
A. Red
B. Blue
C. Orange
D. Highlighted
Reference: https://docs.splunk.com/Documentation/Splunk/7.2.6/Search/Parsingsearches

When editing a dashboard, which of the following are possible options? (select all that apply)
A. Add an output.
B. Export a dashboard panel.
C. Modify the chart type displayed in a dashboard panel.
D. Drag a dashboard panel to a different location on the dashboard.

Which of the following constraints can be used with the top command?
A. limit
B. useperc
C. addtotals
D. fieldcount
Reference: https://answers.splunk.com/answers/339141/how-to-use-top-command-or-stats-with-sort-results.html

Select the answer that displays the accurate placing of the pipe in the following search string:
index=security sourcetype=access_* status=200 stats count by price
A. index=security sourcetype=access_* status=200 stats | count by price
B. index=security sourcetype=access_* status=200 | stats count by price
C. index=security sourcetype=access_* status=200 | stats count | by price
D. index=security sourcetype=access_* | […]

Which of the following searches would return events with failure in index netfw or warn or critical in index netops?
A. (index=netfw failure) AND index=netops warn OR critical
B. (index=netfw failure) OR (index=netops (warn OR critical))
C. (index=netfw failure) AND (index=netops (warn OR critical))
D. (index=netfw failure) OR index=netops OR (warn OR critical)
Reference: https://docs.splunk.com/Documentation/Splunk/7.2.6/Search/Aboutsubsearches

When writing searches in Splunk, which of the following is true about Booleans?
A. They must be lowercase.
B. They must be uppercase.
C. They must be in quotations.
D. They must be in parentheses.

What determines the scope of data that appears in a scheduled report?
A. All data accessible to the User role will appear in the report.
B. All data accessible to the owner of the report will appear in the report.
C. All data accessible to all users will appear in the report until the next […]

Which of the following Splunk components typically resides on the machines where data originates?
A. Indexer
B. Forwarder
C. Search head
D. Deployment server

What must be done before an automatic lookup can be created? (select all that apply)
A. The lookup command must be used.
B. The lookup definition must be created.
C. The lookup file must be uploaded to Splunk.
D. The lookup file must be verified using the inputlookup command.
Reference: https://docs.splunk.com/Documentation/Splunk/7.2.6/Knowledge/DefineanautomaticlookupinSplunkWeb