SPLUNK 1002 TEST

Description

Quiz by David OkOk, updated 5 months ago
Created by David OkOk 8 months ago

Resource Summary

Question 1

Question
1.- Using the export function, you can export search results as __________. (Select all that apply.)
Answer
  • Xml
  • Json
  • Html
  • A php file

Question 2

Question
2.- The fields sidebar does not show ________. (Select all that apply.)
Answer
  • interesting fields
  • selected fields
  • all extracted fields

Question 3

Question
3.- Splunk alerts can be based on searches that run ______. (Select all that apply.)
Answer
  • in real-time
  • on a regular schedule
  • and have no matching events

Question 4

Question
4.- Alert throttling is used to _______.
Answer
  • verify each alert
  • stagger search requests in a time-sequenced order
  • stop spamming yourself with alerts
  • check severity

Question 5

Question
5.- A real-time alert is ______________.
Answer
  • A scheduled alert
  • constantly running in the background

Question 6

Question
6.- This tab shows you the event patterns in the results of a specific search.
Answer
  • statistics
  • visualization
  • patterns

Question 7

Question
7.- Which of the following about reports is/are true?
Answer
  • Reports are knowledge objects.
  • Reports can be scheduled.
  • Reports can run a script.
  • All of the above.

Question 8

Question
8.- Select this in the fields sidebar to automatically pipe your search results to the rare command.
Answer
  • events with this field
  • rare values
  • top values by time
  • top values

Question 9

Question
9.- A report scheduled to run every 15 minutes but that takes 17 minutes to complete is in danger of being _____.
Answer
  • skipped or deferred
  • automatically accelerated
  • deleted
  • all of the above

Question 10

Question
10.- Which of the following are valid options to speed up reports? (Select all that apply.)
Answer
  • Edit permissions
  • Edit description
  • Edit acceleration
  • Edit schedule

Question 11

Question
11.- Which of the following statements are true for this search? (Select all that apply.) SEARCH: sourcetype=access* | fields action productId status
Answer
  • is looking for all events that include the search terms: fields AND action AND productId AND status
  • uses the table command to improve performance
  • limits the fields that are extracted
  • returns a table with 3 columns

Question 12

Question
12.- Use the dedup command to _____.
Answer
  • Rename a field in the index
  • Remove duplicate values
  • Provide an additional alias for the field that can be used in the search criteria

Question 13

Question
13.- We can use the rename command to _____. (Select all that apply.)
Answer
  • Change indexed fields
  • Exclude fields from our search results
  • Extract new fields from our data using regular expressions
  • Give a field a new name at search time

Question 14

Question
14.- The limit attribute will ___________.
Answer
  • override default of 10
  • only work with top command
  • override default of 20
  • override default of 15

Question 15

Question
15.- This function of the stats command allows you to identify the number of values a field has.
Answer
  • max
  • distinct_count
  • fields
  • count

Question 16

Question
16.- This function of the stats command allows you to return the sample standard deviation of a field.
Answer
  • stdev
  • dev
  • count deviation
  • by standarddev

Question 17

Question
17.- Which of the following commands will show the maximum bytes?
Answer
  • sourcetype=access_* | maximum totals by bytes
  • sourcetype=access_* | avg(bytes)
  • sourcetype=access_* | stats max(bytes)
  • sourcetype=access_* | max(bytes)

Question 18

Question
18.- Which of the following searches will show the number of categoryId used by each host?
Answer
  • sourcetype=access_* | sum bytes by host
  • sourcetype=access_* | stats sum(categoryId) by host
  • sourcetype=access_* | sum(bytes) by host
  • sourcetype=access_* | stats sum by host

Question 19

Question
19.- sourcetype=access_* | stats sum by host
Answer
  • Rex
  • As
  • List
  • By

Question 20

Question
20.- This function of the stats command allows you to return the middle-most value of field X.
Answer
  • Median(X)
  • Eval by X
  • Fields(X)
  • Values(X)

Question 21

Question
21.- When a search returns __________, you can view the results as a list.
Answer
  • a list of events
  • transactions
  • statistical values

Question 22

Question
22.- Clicking a SEGMENT on a chart ________.
Answer
  • drills down for that value
  • highlights the field value across the chart
  • adds the highlighted value to the search criteria

Question 23

Question
23.- Use this command to use lookup fields in a search and see the lookup fields in the fields sidebar.
Answer
  • inputlookup
  • lookup

Question 24

Question
24.- It is mandatory for the lookup file to have this for an automatic lookup to work.
Answer
  • Source type
  • At least five columns
  • Timestamp
  • Input field

Question 25

Question
25.- These users can create global knowledge objects. (Select all that apply.)
Answer
  • users
  • power users
  • administrators

Question 26

Question
26.- This is what Splunk uses to categorize the data that is being indexed.
Answer
  • sourcetype
  • index
  • source
  • host

Question 27

Question
27.- This is what Splunk uses to categorize the data that is being indexed.
Answer
  • Host
  • Sourcetype
  • Index
  • Source

Question 28

Question
28.- By default, search results are not returned in ________ order.
Answer
  • Chronological
  • Reverse chronological
  • ASCII
  • Alphabetical

Question 29

Question
29.- The stats command will create a _____________ by default.
Answer
  • Table
  • Report
  • Pie chart

Question 30

Question
30.- Which is not a comparison operator in Splunk?
Answer
  • <=
  • =
  • !=
  • >
  • ?=

Question 31

Question
31.- Which of the following is NOT a stats function?
Answer
  • sum
  • addtotals
  • count
  • avg

Question 32

Question
32.- If a search returns ____________, it can be viewed as a chart.
Answer
  • timestamps
  • statistics
  • events
  • keywords

Question 33

Question
33.- In this search, __________ will appear on the y-axis. SEARCH: sourcetype=access_combined status!=200 | chart count over host
Answer
  • status
  • host
  • count

Question 34

Question
34.- The timechart command buckets data in time intervals depending on:
Answer
  • the number of events returned
  • the selected time range
  • the type of visualization selected

Question 35

Question
35.- Which of these search strings is NOT valid?
Answer
  • index=web status=50* | chart count over host, status
  • index=web status=50* | chart count over host by status
  • index=web status=5-* | chart count by host, status

Question 36

Question
36.- Which command is used to create choropleth maps?
Answer
  • geostats
  • cluster
  • geom

Question 37

Question
37.- Which of the following are valid options with the chart command?
Answer
  • useother
  • usenull
  • fillfield
  • usefiled

Question 38

Question
38.- The gauge command:
Answer
  • creates a single-value visualization
  • allows you to set colored ranges for a single-value visualization
  • creates a radial gauge visualization

Question 39

Question
39.- What will you learn from the results of the following search? sourcetype=cisco_esa | transaction mid, dcid, icid | timechart avg(duration)
Answer
  • The average time elapsed during each transaction for all transactions
  • The average time for each event within each transaction
  • The average time between each transaction

Question 40

Question
40.- Which of these is NOT a field that is automatically created with the transaction command?
Answer
  • maxcount
  • duration
  • eventcount

Question 41

Question
41.- How many ways are there to access the Field Extractor Utility?
Answer
  • 3
  • 4
  • 1
  • 5

Question 42

Question
42.- When extracting fields, we may choose to use our own regular expressions.
Answer
  • True
  • False

Question 43

Question
43.- Field aliases are used to __________ data.
Answer
  • clean
  • transform
  • calculate
  • normalize

Question 44

Question
44.- What is the correct way to name a macro with two arguments?
Answer
  • us_sales2
  • us_sales(1,2)
  • us_sale,2
  • us_sales(2)

Question 45

Question
45.- When using a field value variable with a Workflow Action, which punctuation mark will escape the data?
Answer
  • *
  • !
  • ^
  • #

Question 46

Question
46.- __________ datasets can be added to the root dataset to narrow down the search.
Answer
  • parent
  • extracted
  • event
  • child

Question 47

Question
47.- Which function should you use with the transaction command to set the maximum total time between the earliest and latest events returned?
Answer
  • maxpause
  • endswith
  • maxduration
  • maxspan

Question 48

Question
48.- The eval command 'if' function requires the following three arguments (in order):
Answer
  • Boolean expression, result if true, result if false
  • Result if true, result if false, boolean expression
  • Result if false, result if true, boolean expression
  • Boolean expression, result if false, result if true

Question 49

Question
49.- Which search would limit an "alert" tag to the "host" field?
Answer
  • tag=alert
  • host::tag::alert
  • tag==alert
  • tag::host=alert

Question 50

Question
50.- The transaction command allows you to __________ events across multiple sources.
Answer
  • duplicate
  • correlate
  • persist
  • tag

Question 51

Question
51.- Which of the following commands are used when creating visualizations? (Select all that apply.)
Answer
  • Geom
  • Choropleth
  • Geostats
  • iplocation

Question 52

Question
52.- For choropleth maps, Splunk ships with the following KMZ files. (Select all that apply.)
Answer
  • States of the United States
  • States and provinces of the United States and Canada
  • Countries of the European Union
  • Countries of the World

Question 53

Question
53.- Complete the search: … | _____ failure>successes
Answer
  • Search
  • Where
  • If
  • Any of the above

Question 54

Question
54.- These kinds of charts represent a series in a single bar with multiple sections.
Answer
  • Multi-Series
  • Split-Series
  • Omit nulls
  • Stacked

Question 55

Question
55.- When using a split series on a chart, the series MUST be displayed using the STACKED option.
Answer
  • True
  • False

Question 56

Question
56.- Which of the following are valid options with the chart command? (Select all that apply.)
Answer
  • usenull=f
  • useother=f
  • split=t
  • transaction=t

Question 57

Question
57.- This role is required to install the CIM Add-on.
Answer
  • ADMIN
  • POWER
  • USER

Question 58

Question
58.- The Splunk CIM Add-on includes data models in a __________ format. Select your answer.
Answer
  • MySQL
  • XML
  • JSON

Question 59

Question
59.- These allow you to categorize events based on search terms. Select your answer.
Answer
  • Groups
  • Event Types
  • Macros
  • Tags

Question 60

Question
60.- In the Field Extractor Utility, this button will display events that do not contain extracted fields. Select your answer.
Answer
  • Selected-Fields
  • Non-Matches
  • Non-Extractions
  • Matches
