Splunk

Question 17
What is the main requirement for creating visualizations using the Splunk UI?
Your search must transform event data into Excel file format first.
Your search must transform event data into XML formatted data first.
Your search must transform event data into statistical data tables first.
Your search must transform event data into JSON formatted data first.
Question 18
What syntax is used to link key/value pairs in search strings?
action=purchase
action+purchase
action | purchase
action equal purchase
Question 19
What user interface component allows for time selection?
Search time picker
Time summary
Time range picker
Data source time statistics
Question 20
How does Splunk determine which fields to extract from data?
Splunk automatically discovers many fields based on sourcetype and key/value pairs found in the data.
Splunk only extracts fields users have manually specified in their data.
Splunk automatically extracts any fields that generate interesting visualizations.
Splunk only extracts the most interesting data from the last 24 hours.
Question 21
What syntax is used to link key/value pairs in search strings?
Relational operators such as =, <, or >
@ or # symbols
Parentheses
Quotation marks
Question 22
Which search string returns a field containing the number of matching events and names that field Event Count?
index=security failure | stats sum as "Event Count"
index=security failure | stats count by "Event Count"
index=security failure | stats dc(count) as "Event Count"
index=security failure | stats count as "Event Count"
Question 23
Which of the following index searches would provide the most efficient search performance?
(index=web OR index=sales)
index=web OR index=s*
index=*
*index=sales AND index=web*
Question 24
What is a suggested Splunk best practice for naming reports?
Name reports as uniquely as possible with no overlap to differentiate them from one another.
Use a consistent naming convention so they are easily separated by characteristics such as group and object.
Reports are best named using many numbers so they can be more easily sorted.
Any naming convention is fine as long as you keep an external spreadsheet to keep track.