Splunk fund. part 2 solved &
updated (GUARANTEED
SUCCESS)
When looking at a statistics table, what is one way to drill down to see the underlying events? - answer
Clicking on any field value in the table.
In the Splunk interface, the list of alerts can be filtered based on which characteristics? - answer App,
Owner, Severity, and Type
What are the steps to schedule a report? - answer After saving the report, click Schedule.
In the fields sidebar, what indicates that a field is numeric? - answer A # symbol to the left of the field
name.
Which of the following are functions of the stats command? - answer sum, avg, values
At index time, in which field does Splunk store the timestamp value? - answer _time
Which of the following is a best practice when writing a search string? - answer Include the search terms
at the beginning of the search string.
What type of search can be saved as a report? - answer Any search can be saved as a report.
What can be included in the All Fields option in the sidebar? - answer Non-interesting fields
When viewing the results of a search, what is an Interesting Field? - answer A field that appears in at
least 20% of the events.
, When a Splunk search generates calculated data that appears in the Statistics tab, in what formats can
the results be exported? - answer CSV, XML, JSON
Which search matches the events containing the terms "error" and "fail"? - answer index=security Error
Fail
Which of the following is an option after clicking an item in search results? - answer Adding the item to
the search.
Which of the following fields is stored with the events in the index? - answer source
Which of the following is the recommended way to create multiple dashboards displaying data from the
same search? - answer Save the search as a report and use it in multiple dashboards as needed.
What does the following specified time range do
earliest=-72h@h latest=@d - answer Look back from 3 days ago, up to the beginning of today.
Which events will be returned by the following search string? host=www3 status=503 - answer All
events with a host of www3 that also have a status of 503.
What does the stats command do? - answer Calculates statistics on data that matches the search
criteria.
Which is primary function of the timeline located under the search bar? - answer To show peaks and/or
valleys in the timeline, which can indicate spikes in activity or downtime.
What can be configured using the Edit Job Settings menu? - answer Change Job Lifetime from 10
minutes to 7 days.
Which command is used to validate a lookup file? - answer | inputlookup products.csv
updated (GUARANTEED
SUCCESS)
When looking at a statistics table, what is one way to drill down to see the underlying events? - answer
Clicking on any field value in the table.
In the Splunk interface, the list of alerts can be filtered based on which characteristics? - answer App,
Owner, Severity, and Type
What are the steps to schedule a report? - answer After saving the report, click Schedule.
In the fields sidebar, what indicates that a field is numeric? - answer A # symbol to the left of the field
name.
Which of the following are functions of the stats command? - answer sum, avg, values
At index time, in which field does Splunk store the timestamp value? - answer _time
Which of the following is a best practice when writing a search string? - answer Include the search terms
at the beginning of the search string.
What type of search can be saved as a report? - answer Any search can be saved as a report.
What can be included in the All Fields option in the sidebar? - answer Non-interesting fields
When viewing the results of a search, what is an Interesting Field? - answer A field that appears in at
least 20% of the events.
, When a Splunk search generates calculated data that appears in the Statistics tab, in what formats can
the results be exported? - answer CSV, XML, JSON
Which search matches the events containing the terms "error" and "fail"? - answer index=security Error
Fail
Which of the following is an option after clicking an item in search results? - answer Adding the item to
the search.
Which of the following fields is stored with the events in the index? - answer source
Which of the following is the recommended way to create multiple dashboards displaying data from the
same search? - answer Save the search as a report and use it in multiple dashboards as needed.
What does the following specified time range do
earliest=-72h@h latest=@d - answer Look back from 3 days ago, up to the beginning of today.
Which events will be returned by the following search string? host=www3 status=503 - answer All
events with a host of www3 that also have a status of 503.
What does the stats command do? - answer Calculates statistics on data that matches the search
criteria.
Which is primary function of the timeline located under the search bar? - answer To show peaks and/or
valleys in the timeline, which can indicate spikes in activity or downtime.
What can be configured using the Edit Job Settings menu? - answer Change Job Lifetime from 10
minutes to 7 days.
Which command is used to validate a lookup file? - answer | inputlookup products.csv
