Splunk

Which of the following Splunk components typically resides on the machines where data originates?

Which of the following searches would return events with failure in index netfw or warn or critical in index netops?

Select the answer that displays the accurate placing of the pipe in the following search string: index=security sourcetype=access_* status=200 stats count by price

Which of the following represents the Splunk recommended naming convention for dashboards?

How can search results be kept longer than 7 days?

Which of the following is a Splunk search best practice?

When displaying results of a search, which of the following is true about line charts?

How are events displayed after a search is executed?

Which of the following is true about user account settings and preferences?

After running a search, what effect does clicking and dragging across the timeline have?

What must be done in order to use a lookup table in Splunk?

When sorting on multiple fields with the sort command, what delimiter can be used between the field names in the search?

Which of the following statements about case sensitivity is true?

What does the rare command do?

What does the values function of the stats command do?

How do you add or remove fields from search results?

What is the main requirement for creating visualizations using the Splunk UI?

What syntax is used to link key/value pairs in search strings?

What user interface component allows for time selection?

How does Splunk determine which fields to extract from data?