1) Which group of users would most likely use pivots?
● A. Users
● B. Architects
● C. Administrators
● D. Knowledge Managers
Answer: D
2) Information needed to create a GET workflow action includes which of the
following? (Choose all that apply.)
● A. A name for the workflow action.
● B. A URI where the user will be directed at search time.
● C. A label that will appear in the Event Action menu at search time.
● D. A name for the URI where the user will be directed at search time.
Suggested Answer: ABC
3) What are the two parts of a root event dataset?
● A. Fields and variables.
● B. Fields and attributes.
● C. Constraints and fields.
● D. Constraints and lookups.
Suggested Answer: C
4) Which type of visualization shows relationships between discrete values in three
dimensions?
● A. Pie chart
● B. Line chart
● C. Bubble chart
● D. Scatter chart
Suggested Answer: D
5) Which of the following statements describes the use of the Field Extractor
(FX)?
● A. The Field Extractor automatically extracts all fields at search time.
● B. The Field Extractor uses PERL to extract fields from the raw events.
● C. Fields extracted using the Field Extractor persist as knowledge objects.
● D. Fields extracted using the Field Extractor do not persist and must be defined
for each search.
Suggested Answer: C
6) Which workflow action method can be used when the action type is set to link?
● A. GET
● B. PUT
● C. Search
● D. UPDATE
Suggested Answer: A
7) A field alias has been created based on an original field. A search without any
transforming commands is then executed in Smart Mode.
Which field name appears in the results?
● A. Both will appear in the All Fields list, but only if the alias is specified in the
search.
● B. Both will appear in the Interesting Fields list, but only if they appear in at least
20 percent of events.
● C. The original field only appears in All Fields list and the alias only appears in
the Interesting Fields list.
● D. The alias only appears in the All Fields list and the original field only appears
in the Interesting Fields list.
Suggested Answer: B
8) Which of the following statements describes macros?
● A. A macro is a reusable search string that must contain the full search.
● B. A macro is a reusable search string that must have a fixed time range.
● C. A macro is a reusable search string that may have a flexible time range.
● D. A macro is a reusable search string that must contain only a portion of the
search.
Suggested Answer: C