SPLK-1001 by Splunk Valid Free Exam Practice Test

Question 1

Parsing of data can happen both in HF and UF.

A. Yes B. No

Correct Answer: B

Question 2

What type of search can be saved as a report?

A. Only searches containing a transforming command B. Only searches that generate statistics or visualizations C. Only searches that generate visualizations D. Any search can be saved as a report

Correct Answer: B

Explanation: Only visible for ExamsLabs members. You can sign-up / login (it's free).

Question 3

Following are the time selection option while making search:
(Choose all that apply.)

A. Date & Time Range B. Presets C. Date Range D. Advanced E. Relative

Correct Answer: D

Question 4

Monitor option in Add Data provides _______________.

A. Both One-time and continuous monitoring B. None of the above. C. Only continuous monitoring. D. Only One-time monitoring.

Correct Answer: A

Question 5

By default, which role contains the minimum permissions required to have write access to Splunk alerts?

A. Alerting B. Power C. Admin D. User

Correct Answer: B

Explanation: Only visible for ExamsLabs members. You can sign-up / login (it's free).

Question 6

Which of the following are common constraints of the top command?

A. showperc, countfield B. limits, countfield C. limit, showpercent D. limit, count

Correct Answer: C

Question 7

In the Search and Reporting app, which is a default selected field?

A. _time B. action C. index D. host

Correct Answer: A

Explanation: Only visible for ExamsLabs members. You can sign-up / login (it's free).

Question 8

Data sources being opened and read applies to:

A. License Metering B. Input Phase C. Parsing Phase D. None of the above E. Indexing Phase

Correct Answer: B

Question 9

What syntax is used to link key/value pairs in search strings?

A. action equal purchase B. action=purchase C. action+purchase D. action | purchase

Correct Answer: B

Question 10

What does the rare command do?

A. Returns the top 10 field values of a given field in the results. B. Returns the most common field values of a given field in the results. C. Returns the least common field values of a given field in the results. D. Returns the lowest 10 field values of a given field in the results.

Correct Answer: C

Splunk Core Certified User - SPLK-1001 Exam Practice Test