Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exc65

examout.co

Which of the following knowledge objects represents the output of an eval expression?

A.

Eval fields

B.

Calculated fields

C.

Field extractions

D.

Calculated lookups

Which of the following workflow actions can be executed from search results? (select all that apply)

A.

GET

B.

POST

C.

LOOKUP

D.

Search

Which group of users would most likely use pivots?

A.

Users

B.

Architects

C.

Administrators

D.

Knowledge Managers

What does the Splunk Common Information Model (CIM) add-on include? (select all that apply)

A.

Custom visualizations

B.

Pre-configured data models

C.

Fields and event category tags

D.

Automatic data model acceleration

What do events in a transaction have In common?

A.

All events In a transaction must have the same timestamp.

B.

All events in a transaction must have the same sourcetype.

C.

All events in a transaction must have the exact same set of fields.

D.

All events in a transaction must be related by one or more fields.

Which of the following searches will return events contains a tag name Privileged?

A.

Tag= Priv

B.

Tag= Pri*

C.

Tag= Priv*

D.

Tag= Privileged

Which of the following statements describe the Common Information Model (CIM)? (select all that apply)

A.

CIM is a methodology for normalizing data.

B.

CIM can correlate data from different sources.

C.

The Knowledge Manager uses the CIM to create knowledge objects.

D.

CIM is an app that can coexist with other apps on a single Splunk deployment.

Given the macro definition below, what should be entered into the Name and Arguments fileds to correctly configured the macro?

A.

The macro name is sessiontracker and the arguments are action, JESSIONID.

B.

The macro name is sessiontracker(2) and the arguments are action, JESSIONID.

C.

The macro name is sessiontracker and the arguments are $action$, $JESSIONID$.

D.

The macro name is sessiontracker(2) and the Arguments are $action$, $JESSIONID$.

In what order arc the following knowledge objects/configurations applied?

A.

Field Aliases, Field Extractions, Lookups

B.

Field Extractions, Field Aliases, Lookups

C.

Field Extractions, Lookups, Field Aliases

D.

Lookups, Field Aliases, Field Extractions

Which of the following statements describe calculated fields? (select all that apply)

A.

Calculated fields can be used in the search bar.

B.

Calculated fields can be based on an extracted field.

C.

Calculated fields can only be applied to host and sourcetype.

D.

Calculated fields are shortcuts for performing calculations using the eval command.