
Splunk Core Certified User SPLK-1001 Exam Questions and Answers PDF

Page: 11 / 18
Total 244 questions

Splunk Core Certified User Exam Questions and Answers

Question 41

Which stats command function provides a count of how many unique values exist for a given field in the result set?

Options:

A. dc(field)

B. count(field)

C. count-by(field)

D. distinct-count(field)

Question 42

Which search will return the 15 least common field values for the dest_ip field?

Options:

A. sourcetype=firewall | rare num=15 dest_ip

B. sourcetype=firewall | rare last=15 dest_ip

C. sourcetype=firewall | rare count=15 dest_ip

D. sourcetype=firewall | rare limit=15 dest_ip

Question 43

Which is a primary function of the timeline located under the search bar?

Options:

A. To differentiate between structured and unstructured events in the data

B. To sort the events returned by the search command in chronological order

C. To zoom in and zoom out, although this does not change the scale of the chart

D. To show peaks and/or valleys in the timeline, which can indicate spikes in activity or downtime

Question 44

Which search string only returns events from host WWW3?

Options:

A.

B. host=WWW3

B.

C. host=WWW*

C.

D. Host=WWW3
