What is the correct order of steps for creating a new lookup?

1. Configure the lookup to run automatically

2. Create the lookup table

3. Define the lookup

A.

2, 1, 3

B.

1, 2, 3

C.

2, 3, 1

D.

3, 2, 1

Which component of Splunk is primarily responsible for saving data?

A.

Search Head

B.

Heavy Forwarder

C.

Indexer

D.

Universal Forwarder

Fields are searchable key-value pairs in your event data.

A.

True

B.

False

It is not possible for a single instance of Splunk to manage the input, parsing and indexing of machine data.

A.

True

B.

False

By default, how long does Splunk retain a search job?

A.

10 Minutes

B.

15 Minutes

C.

1 Day

D.

7 Days

What happens when a field is added to the Selected Fields list in the fields sidebar?

A.

Splunk will re-run the search job in Verbose Mode to prioritize the new Selected Field

B.

Splunk will highlight related fields as a suggestion to add them to the Selected Fields list.

C.

Custom selections will replace the Interesting Fields that Splunk populated into the list at search time

D.

The selected field and its corresponding values will appear underneath the events in the search results

Lookups allow you to overwrite your raw event.

A.

True

B.

False

The better way of writing a search query for an index is:

A.

index=a index=b

B.

(index=a OR index=b)

C.

index=(a & b)

D.

index = a, b

What is the default lifetime of every Splunk search job?

A.

All search jobs are saved for 10 days

B.

All search jobs are saved for 10 hours

C.

All search jobs are saved for 10 weeks

D.

All search jobs are saved for 10 minutes

Which command is used to review the contents of a specified static lookup file?

A.

lookup

B.

csvlookup

C.

inputlookup

D.

outputlookup