Question 1

Which search will return the 15 least common field values for the dest_ip field?

Accepted Answer

Question 2

After running a search, what effect does clicking and dragging across the timeline have?

Accepted Answer

A)  Executes a new search. 
B)  Filters current search results. 
C)  Moves to past or future events. 
D)  Expands the time range of the search. 
A)  Executes a new search. 
B)  Filters current search results. 
C)  Moves to past or future events. 
D)  Expands the time range of the search.

Question 3

Universal forwarder is recommended for forwarding the logs to indexers.

Accepted Answer

A) True 
 B)False

Question 4

Which of the following file types is an option for exporting Splunk search results?

Accepted Answer

A)  PDF 
B)  JSON 
C)  XLS 
D)  RTF 
A)  PDF 
B)  JSON 
C)  XLS 
D)  RTF

Question 5

Which of the following describes lookup files?

Accepted Answer

A)  Lookup fields cannot be used in searches. 
B)  Lookups contain static data available in the index. 
C)  Lookups add more fields to results returned by a search. 
D)  Lookups pull data at index time and add them to search results. 
A)  Lookup fields cannot be used in searches. 
B)  Lookups contain static data available in the index. 
C)  Lookups add more fields to results returned by a search. 
D)  Lookups pull data at index time and add them to search results.

Question 6

Which is the default app for Splunk Enterprise?

Accepted Answer

A)  Splunk Enterprise Security Suite 
B)  Searching and Reporting 
C)  Reporting and Searching 
D)  Splunk apps for Security 
A)  Splunk Enterprise Security Suite 
B)  Searching and Reporting 
C)  Reporting and Searching 
D)  Splunk apps for Security

Question 7

Which search would return events from the access_combined sourcetype?

Accepted Answer

A)  Sourcetype=access_combined 
B)  Sourcetype=Access_Combined 
C)  sourcetype=Access_Combined 
D)  SOURCETYPE=access_combined 
A)  Sourcetype=access_combined 
B)  Sourcetype=Access_Combined 
C)  sourcetype=Access_Combined 
D)  SOURCETYPE=access_combined

Which search will return the 15 least common field values for the dest_ip field?

After running a search, what effect does clicking and dragging across the timeline have?

Universal forwarder is recommended for forwarding the logs to indexers.

Which of the following file types is an option for exporting Splunk search results?

Which of the following describes lookup files?

Which is the default app for Splunk Enterprise?

Which search would return events from the access_combined sourcetype?

Splunk Enterprise Certified Admin

Splunk Certified Developer

Splunk Enterprise Certified Architect

Splunk Enterprise Security Certified Admin

Splunk IT Service Intelligence Certified Admin

Splunk Core Certified Consultant

Filters

Exam 1: Splunk Core Certified User

Which search will return the 15 least common field values for the dest_ip field?

After running a search, what effect does clicking and dragging across the timeline have?

Universal forwarder is recommended for forwarding the logs to indexers.

Which of the following file types is an option for exporting Splunk search results?

Which of the following describes lookup files?

Which is the default app for Splunk Enterprise?

Which search would return events from the access_combined sourcetype?

Splunk Enterprise Certified Admin

Splunk Certified Developer

Splunk Enterprise Certified Architect

Splunk Enterprise Security Certified Admin

Splunk IT Service Intelligence Certified Admin

Splunk Core Certified Consultant

Filters