SPLK-5001 Exam

An analyst would like to test how certain Splunk SPL commands work against a small set of data. What command should start the search pipeline if they wanted to create their own data instead of utilizing data contained within Splunk?
Which field is automatically added to search results when assets are properly defined and enabled in Splunk Enterprise Security?
An analyst investigates an IDS alert and confirms suspicious traffic to a known malicious IP. What Enterprise Security data model would they use to investigate which process initiated the network connection?