Course Hero Logo

Splunk Core Certified Power User.docx - Splunk Core...

Course Hero uses AI to attempt to automatically extract content from documents to surface to you and others so you can study better, e.g., in search results, to enrich docs, and more. This preview shows page 1 - 4 out of 17 pages.

Splunk Core Certified PowerUserQ1-Which of the following searches show a valid use of macro? (Select all that apply)A-index=main source=mySource oldField=* | ‘makeMyfield(oldfield)*| table _timenewFieldB-index=main source=mySource oldField=* | stats if (*makeMyField(oldField)*) |table _time newFieldC-index=main source=mySource oldField=* | avalnewField=‘makeMyField(oldField)*| table _time newFieldD-index=main source=mySource oldFields* | “‘newField(‘makeMyField(oldField)*)°" |table time newFieldQ2-A data model consists of which three types of datasets?A. Constraint, Fields, value.B. Events, searches, transactions.C. Field extraction, regex, delimited.D. Transaction, session ID, metadata.
Q3-Which of the following knowledge objects represents the output of an eval expression?
Q4- Which of the following statements describe the command below? (Choose all that apply.)*
C- An additional eld named eventcount is created.D- Events with the same JSESSIONID will be grouped together into a single event.Q5- Based on the macro definition shown below, what is the correct way to execute the macro in searchstring?
Q6- Which of the following statements describe the search string below?*| datamodel Application_State All_Application_State searchA. Events will be returned from dataset named Application_State.B. Events will be returned from the data model named Application_State.C. Events will be returned from the data model named All_Application_State.D. No events will be returned because the pipe should occur after the datamodel command.
Q7- Which of the following workflow actions can be executed from search results? (select all that apply)*
Q8- What does the following search do?index=corndog type= mysterymeat action=eaten | stats count as corndog_count by user
Q9- Which of the following statements describes Search workflow actions?
Q10- A user wants to convert numeric field values to strings and also to sort on those values. Whichcommand should be used first, the eval or the sort?*A. It doesn't matter whether eval or sort is used first.

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 17 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Fall
Professor
satish
Tags
a Constraint, Field Extractions, D Fields

Newly uploaded documents

Show More

Newly uploaded documents

Show More

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture