- All Exams Instant Download
Which command should be used first, the eval or the sort?
A user wants to convert numeric field values to strings and also to sort on those values. Which command should be used first, the eval or the sort?A . It doesn't matter whether eval or sort is used first.B . Convert the numeric to a string with eval first, then...
Which of the following statements describe calculated fields? (select all that apply)
Which of the following statements describe calculated fields? (select all that apply)A . Calculated fields can be used in the search bar.B . Calculated fields can be based on an extracted field.C . Calculated fields can only be applied to host and sourcetype.D . Calculated fields are shortcuts for performing...
Which of the following statements describe the search string below?
Which of the following statements describe the search string below? | datamodel Application_State All_Application_State searchA . Evenrches would return a report of sales by state.B . Events will be returned from the data model named Application_State.C . Events will be returned from the data model named All_Application_state.D . No events...
Which of the following searches show a valid use of macro? (Select all that apply)
Which of the following searches show a valid use of macro? (Select all that apply)A . index=main source=mySource oldField=* |'makeMyField(oldField)'| table _time newFieldB . index=main source=mySource oldField=* | stats if('makeMyField(oldField)') | table _time newFieldC . index=main source=mySource oldField=* | eval newField='makeMyField(oldField)'| table _time newFieldD . index=main source=mySource oldField=* | "'newField('makeMyField(oldField)')'"...
Which of the following are required to create a POST workflow action?
Which of the following are required to create a POST workflow action?A . Label, URI, search string.B . XMI attributes, URI, name.C . Label, URI, post arguments.D . URI, search string, time range picker.View AnswerAnswer: C
Selected fields are displayed ______each event in the search results.
Selected fields are displayed ______each event in the search results.A . belowB . interesting fieldsC . other fieldsD . aboveView AnswerAnswer: A
Which of the following statements describes field aliases?
Which of the following statements describes field aliases?A . Field alias names replace the original field name.B . Field aliases can be used in lookup file definitions.C . Field aliases only normalize data across sources and sourcetypes.D . Field alias names are not case sensitive when used as part of...
Which of the following statements about tags is true?
Which of the following statements about tags is true?A . Tags are case insensitive.B . Tags are created at index time.C . Tags can make your data more understandable.D . Tags are searched by using the syntax tag: : <fieldneme>View AnswerAnswer: C
In which of the following scenarios is an event type more effective than a saved search?
In which of the following scenarios is an event type more effective than a saved search?A . When a search should always include the same time range.B . When a search needs to be added to other users' dashboards.C . When the search string needs to be used in future...
Which delimiters can the Field Extractor (FX) detect? (select all that apply)
Which delimiters can the Field Extractor (FX) detect? (select all that apply)A . TabsB . PipesC . SpacesD . CommasView AnswerAnswer: B,C,D Explanation: Reference: https://docs.splunk.com/Documentation/Splunk/8.0.3/Knowledge/FXSelectMethodstep
