Add to collection(s) Add to saved
  1. Engineering & Technology
Uploaded by fmz50994

Splunk-SPLK-1002

advertisement 
Splunk
SPLK-1002
Splunk Core Certified Power User Exam
Web: www.exactinside.com
Version: Demo
Email: support@exactinside.com
[ Total Questions: 10]
IMPORTANT NOTICE
Feedback
We have developed quality product and state-of-art service to ensure our customers interest. If you have any
suggestions, please feel free to contact us at feedback@exactinside.com
Support
If you have any questions about our product, please provide the following items:
exam code
screenshot of the question
login id/email
please contact us at support@exactinside.com and our technical experts will provide support within 24 hours.
Copyright
The product of each order has its own encryption code, so you should use it independently. Any unauthorized
changes will inflict legal punishment. We reserve the right of final explanation for this statement.
Exact Questions
Splunk - SPLK-1002
Exam Topic Breakdown
Exam Topic
Number of Questions
Topic 1 : Questions Set 1
5
Topic 2 : Questions Set 2
5
TOTAL
10
Find Everything , Exactly in your Exam
1 of 5
Exact Questions
Splunk - SPLK-1002
Topic 1, Questions Set 1
Question #:1 - (Exam Topic 1)
What does the Splunk Common Information Model (CIM) add-on include? (select all that apply)
A. Custom visualizations
B. Pre-configured data models
C. Fields and event category tags
D. Automatic data model acceleration
Answer: B C
Question #:2 - (Exam Topic 1)
When performing a regular expression (regex) field extraction using the Field Extractor (FX), what happens
when the require option is used?
A. The regex can no longer be edited.
B. The field being extracted will be required for all future events.
C. The events without the required field will not display in searches.
D. Only events with the required string will be included in the extraction.
Answer: D
Question #:3 - (Exam Topic 1)
To identify all of the contributing events within a transaction that contains at least one REJECT event, which
syntax is correct?
A. Index-main | REJECT trans sessionid
B. Index-main | transaction sessionid | search REJECT
C. Index=main | transaction sessionid | whose transaction=reject
D. Index=main | transaction sessionid | where transaction=reject’’
Answer: B
Find Everything , Exactly in your Exam
2 of 5
Exact Questions
Splunk - SPLK-1002
Question #:4 - (Exam Topic 1)
What do events in a transaction have In common?
A. All events In a transaction must have the same timestamp.
B. All events in a transaction must have the same sourcetype.
C. All events in a transaction must have the exact same set of fields.
D. All events in a transaction must be related by one or more fields.
Answer: D
Reference:https://docs.splunk.com/Documentation/Splunk/8.0.3/Knowledge/Abouttransactions
Question #:5 - (Exam Topic 1)
Which one of the following statements about the search command is true?
A. It does not allow the use of wildcards.
B. It treats field values in a case-sensitive manner.
C. It can only be used at the beginning of the search pipeline.
D. It behaves exactly like search strings before the first pipe.
Answer: D
Reference:https://docs.splunk.com/Documentation/SplunkCloud/8.0.2003/Search/Usethesearchcommand
Find Everything , Exactly in your Exam
3 of 5
Exact Questions
Splunk - SPLK-1002
Topic 2, Questions Set 2
Question #:6 - (Exam Topic 2)
When using | timchart by host, which filed is representted in the x-axis?
A. date
B. host
C. time
D. -time
Answer: A
Question #:7 - (Exam Topic 2)
A report scheduled to run every 15 mins. but takes 17 mins. to complete is in danger of being_____.
A. skipped or deferred
B. automatically accelerated
C. deleted
D. all of the above
Answer: A
Question #:8 - (Exam Topic 2)
The stats command will create a _____________ by default.
A. Table
B. Report
C. Pie chart
Answer: A
Question #:9 - (Exam Topic 2)
When using the transaction command, what does the argument maxspan do?
Find Everything , Exactly in your Exam
4 of 5
Exact Questions
Splunk - SPLK-1002
A. Sets the maximum total time between events in a transaction.
B. Sets the maximum length of all events within a transaction.
C. Sets the maximum total time between the earliest and latest events in a transaction.
D. Sets the maximum length that any single event can reach to be included in the transaction.
Answer: C
Reference:https://docs.splunk.com/Documentation/Splunk/8.0.3/SearchReference/Transaction
Question #:10 - (Exam Topic 2)
When a search returns __________, you can view the results as a list.
A. a list of events
B. transactions
C. statistical values
Answer: C
Find Everything , Exactly in your Exam
5 of 5
About exactinside.com
exactinside.com was founded in 2007. We provide latest & high quality IT / Business Certification Training Exam
Questions, Study Guides, Practice Tests.
We help you pass any IT / Business Certification Exams with 100% Pass Guaranteed or Full Refund. Especially
Cisco, CompTIA, Citrix, EMC, HP, Oracle, VMware, Juniper, Check Point, LPI, Nortel, EXIN and so on.
View list of all certification exams: All vendors
We prepare state-of-the art practice tests for certification exams. You can reach us at any of the email addresses listed
below.
Sales: sales@exactinside.com
Feedback: feedback@exactinside.com
Support: support@exactinside.com
Any problems about IT certification or our products, You can write us back and we will get back to you within 24
hours.
Related documents
Phone Numbers
Phone Numbers
Exam Style Questions
Exam Style Questions
Splunk-SPLK-1001
Splunk-SPLK-1001
Splunk SPLK-1001 Practice Test
Splunk SPLK-1001 Practice Test
Free Demo of SPLK-2001 Dumps Pdf
Free Demo of SPLK-2001 Dumps Pdf
Download
advertisement