- All Exams Instant Download
Which of the following workflow actions can be executed from search results? (select all that apply)
Which of the following workflow actions can be executed from search results? (select all that apply)A . GETB . POSTC . LOOKUPD . SearchView AnswerAnswer: A,B,D
What does the Splunk Common Information Model (CIM) add-on include? (select all that apply)
What does the Splunk Common Information Model (CIM) add-on include? (select all that apply)A . Custom visualizationsB . Pre-configured data modelsC . Fields and event category tagsD . Automatic data model accelerationView AnswerAnswer: B,C
What does the fillnull command replace null values with, it the value argument is not specified?
What does the fillnull command replace null values with, it the value argument is not specified?A . 0B . N/AC . NaND . NULLView AnswerAnswer: A Explanation: Reference: https://answers.splunk.com/answers/653427/fillnull-doesnt-work-without-specfying-a-field.html
A calculated field maybe based on which of the following?
A calculated field maybe based on which of the following?A . Lookup tablesB . Extracted fieldsC . Regular expressionsD . Fields generated within a search stringView AnswerAnswer: B
Which of the following statements describes field aliases?
Which of the following statements describes field aliases?A . Field alias names replace the original field name.B . Field aliases can be used in lookup file definitions.C . Field aliases only normalize data across sources and sourcetypes.D . Field alias names are not case sensitive when used as part of...
Given the macro definition below, what should be entered into the Name and Arguments fileds to correctly configured the macro?
Given the macro definition below, what should be entered into the Name and Arguments fileds to correctly configured the macro? A . The macro name is sessiontracker and the arguments are action, JESSIONIC . The macro name is sessiontracker(2) and the arguments are action, JESSIONIE . The macro name is...
Based on the macro definition shown below, what is the correct way to execute the macro in a search string?
Based on the macro definition shown below, what is the correct way to execute the macro in a search string? A . Convert_sales (euro, , 79)”B . Convert_sales (euro, , .79)C . Convert_sales ($euro,$$,s79$D . Convert_sales ($euro, $$,S,79$)View AnswerAnswer: B Explanation: Reference: https://docs.splunk.com/Documentation/Splunk/8.0.3/Knowledge/Usesearchmacros
Which of the following statements about data models and pivot are true? (select all that apply)
Which of the following statements about data models and pivot are true? (select all that apply)A . They are both knowledge objects.B . Data models are created out of datasets called pivots.C . Pivot requires users to input SPL searches on data models.D . Pivot allows the creation of data...
Which of the following data model are included In the Splunk Common Information Model (CIM) add-on? (select all that apply)
Which of the following data model are included In the Splunk Common Information Model (CIM) add-on? (select all that apply)A . AlertsB . EmailC . DatabaseD . User permissionsView AnswerAnswer: A,B,C Explanation: Reference: https://docs.splunk.com/Documentation/CIM/4.15.0/User/Overview
Which of the following can be used with the eval command tostring function (select all that apply)
Which of the following can be used with the eval command tostring function (select all that apply)A . ‘’hex’’B . ‘’commas’’C . ‘’Decimal’’D . ‘’duration’’View AnswerAnswer: A,B,D Explanation: https://docs.splunk.com/Documentation/Splunk/8.1.0/SearchReference/ConversionFunctions#tostring.28X.2CY.29
