최신 SPLK-1002 무료덤프 - Splunk Core Certified Power User

문제1

For the following search, which command would further filter for only IP addresses present more than five times?

A. index=games I search IP > 5

B. index=games | search IP_Count > 5

C. index=games I stats count as IP_count by IP B. | where IP_count > 5

D. index=games | where IP > 5

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제2

Which function should you use with the transaction command to set the maximum total time between the earliest and latest events returned?

A. maxspan

B. endswith

C. maxduration

D. maxpause

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제3

A user wants to create a new field alias for a field that appears in two sourcetypes.
How many field aliases need to be created?

A. Two.

B. One.

C. It depends on whether the two sourcetypes are associated with the same index.

D. It depends on whether the original fields have the same name.

정답: A

문제4

Use this command to use lookup fields in a search and see the lookup fields in the field sidebar.

A. inputlookup

B. lookup

정답: B

문제5

When extracting fields, we may choose to use our own regular expressions

A. True

B. False

정답: A

문제6

A user wants a table that will show the total revenue made for each product in each sales region. Which would be the correct SPL query to use?

A. index=X | chart total(product) over price by region

B. index=X | chart total(price) by product, region

C. index=X | chart sum(price) by product, region

D. index=X sourcetype=Y | chart sum(product) by price AND region

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제7

Which delimiters can the Field Extractor (FX) detect? (select all that apply)

A. Tabs

B. Spaces

C. Pipes

D. Commas

정답: B,C,D

설명: (DumpTOP 회원만 볼 수 있음)

문제8

Which of the following is included with the Common Information Model (CIM) add-on?

A. Event category tags

B. Search macros

C. tsidx files

D. Workflow actions

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제9

When a search returns __________, you can view the results as a list.

A. statistical values

B. a list of events

C. transactions

정답: A

문제10

Which of these stats commands will show the total bytes for each unique combination of page and server?

A. index=web | stats sum (bytes) BY page server

B. index=web | stats sum(bytes) BY values (page) values (server)

C. index=web | stats sum(bytes) BY page AND server

D. index=web | stats sum (bytes) BY page BY server

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제11

What is the correct syntax to find events associated with a tag?

A. tag=<value>

B. tags:<field>=<value>

C. tag:<field>=<value>

D. tags=<value>

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제12

What is a benefit of installing the Splunk Common Information Model (CIM) add-on?

A. It permits users to create workflow actions to align with industry standards.

B. It allows users to create 3-D models of their data and export these visualizations.

C. It enables users to itemize their events based on the results of the Search Job Inspector.

D. It provides users with a standardized set of field names and tags to normalize data.

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제13

Which of the following describes the I transaction command?

A. It allows an exchange of data from one Splunk system to another Splunk system.

B. It is an SPL command that groups at least two events together based on shared values in selected fields.

C. It is an SPL command that groups events together with shared values in selected fields.

D. It allows an exchange of data from one Splunk index to another Splunk index.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제14

Consider the the following search run over a time range of last 7 days:
index=web sourcetype=access_conbined | timechart avg(bytes) by product_nane Which option is used to change the default time span so that results are grouped into 12 hour intervals?

A. span=12

B. span=12h

C. timespan=12

D. timespan=12h

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제15

Which of these is NOT a field that is automatically created with the transaction command?

A. maxcount

B. eventcount

C. duration

정답: A

문제16

When used with the timechart command, which value of the limit argument returns all values?

A. limit=*

B. limit=0

C. limit=none

D. limit=all

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제17

Which of the following options will define the first event in a transaction?

A. firstevent

B. startingwith

C. with

D. startswith

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제18

How is an event type created from the search window? (select all that apply)

A. Edit eventtypes.conf and add a new stanza.

B. In an event's detail dropdown, click Event Actions > Build Event Type.

C. In the top right corner, click Save As > Event Type.

D. Add | eventtype to the SPL and execute the search.

정답: A,C

설명: (DumpTOP 회원만 볼 수 있음)

문제19

What is required for a macro to accept three arguments?

A. Nothing, all macros can accept any number of arguments.

B. The macro's argument count setting is 3 or more.

C. The macro's name ends with (3).

D. The macro's name starts with (3).

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제20

Which of the following statements about tags is true?

A. Tags can make your data more understandable.

B. Tags are case insensitive.

C. Tags are created at index time.

D. Tags are searched by using the syntax tag: : <fieldneme>

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

최신 SPLK-1002 무료덤프 - Splunk Core Certified Power User

우리와 연락하기

유용한 링크

최신 업데이트