Splunk

Question 1
Which of the following Splunk components typically resides on the machines where data originates?
Indexer
Search head
Deployment server
Forwarder
Question 2
Which of the following searches would return events with failure in index netfw or warn or critical in index netops?
(index=netfw failure) OR (index=netops (warn OR critical))
(index=netfw failure) AND index=netops warn OR critical
(index=netfw failure) OR index=netops OR (warn OR critical)
(index=netfw failure) AND (index=netops (warn OR critical))
Question 3
Select the answer that displays the accurate placing of the pipe in the following search string: index=security sourcetype=access_* status=200 stats count by price
index=security sourcetype=access_* status=200 stats | count by price
index=security sourcetype=access_* status=200 | stats count | by price
index=security sourcetype=access_* status=200 | stats count by price
index=security sourcetype=access_* | status=200 | stats count by price
Question 4
Which of the following represents the Splunk recommended naming convention for dashboards?
Object_Group_Description
Group_Description_Object
Group_Object_Description
Description_Group_Object
Question 5
How can search results be kept longer than 7 days?
By changing the time range picker to more than 7 days.
By creating a link to the job.
By changing the job settings.
By scheduling a report.
Question 6
Which of the following is a Splunk search best practice?
Filter as early as possible.
Use wildcards to return more search results.
Never specify more than one index.
Include as few search terms as possible.
Question 7
When displaying results of a search, which of the following is true about line charts?
Line charts are optimal for single and multiple series.
Line charts are optimal for multiple series with 3 or more columns.
Line charts are optimal for single series when using Fast mode.
Line charts are optimal for multiseries searches with at least 2 or more columns.
Question 8
How are events displayed after a search is executed?
Alphabetically according to field name.
In reverse chronological order.
In chronological order.
Randomly by default.
