Questions and answers

Splunk

Collected questions and answers for the set.
Number of questions: 84 Solved: 814 times
Question 41
When viewing the results of a search, what is an Interesting Field?
A field that appears in at least 20% of the events.
Question 42
When a Splunk search generates calculated data that appears in the Statistics tab, in what formats can the results be exported?
CSV, XML, JSON
Question 43
Which search matches the events containing the terms “error” and “fail”?
index=security Error Fail
Question 44
Which of the following fields is stored with the events in the index?
source
Question 45
Which of the following is the recommended way to create multiple dashboards displaying data from the same search?
Save the search as a report and use it in multiple dashboards as needed.
Question 46
What does the following specified time range do? earliest=-72h@h latest=@d
Look back from 3 days ago, up to the beginning of today
Question 47
Which events will be returned by the following search string? host=www3 status=503
All events with a host of www3 that also have a status of 503.
Question 48
What does the stats command do?
Calculates statistics on data that matches the search criteria.
Question 49
Which is the primary function of the timeline located under the search bar?
To show peaks and/or valleys in the timeline, which can indicate spikes in activity or downtime.
Question 50
What can be configured using the Edit Job Settings menu?
Change Job Lifetime from 10 minutes to 7 days.
Question 51
Which command is used to validate a lookup file?
| inputlookup products.csv
Question 52
How can another user gain access to a saved report?
The owner of the report can edit permissions from the Edit dropdown.
Question 53
What is the primary use for the rare command?
To find the least common values of a field in a dataset.
Question 54
What happens when a field is added to the Selected Fields list in the fields sidebar?
The selected field and its corresponding values will appear underneath the events in the search results.
Question 55
Three basic components of Splunk are (Choose three.):
Forwarders
Indexer
Search Head
Question 56
What is Splunk?
Splunk is a software platform to search, analyze and visualize the machine-generated data.
Question 57
Splunk Enterprise is used as a scalable service in Splunk Cloud.
True
Question 58
Which component of Splunk lets us write an SPL query to find the required data?
Search head
Question 59
All components are installed and administered in Splunk Enterprise on-premise.
True
Question 60
Which is the default app for Splunk Enterprise?
Searching and Reporting
